Terms & Conditions

This page (together with the documents referred to on it) tells you the terms of use on which you may make use of our website http://.krystal.uk ("our site"), whether as a guest or a registered user. Please read these terms of use carefully before you start to use the site. By using our site, you indicate that you accept these terms of use and that you agree to abide by them. If you do not agree to these terms of use, please refrain from using our site.

Information about us

https://krystal.uk is a website operated by Krystal Hosting Limited, (“we”, “us” or “our”). We are registered in England and Wales under company number 07571790 and have our registered office at Kemp House 152 - 160 City Road London EC1V 2NX. Our main trading address is Netwise House, 24 Old Jamaica Road, London SE16 4AW. Our VAT number is GB 884-9822-60.

We are a limited company.

Accessing our site

Access to our site is permitted on a temporary basis, and we reserve the right to withdraw or amend the service we provide on our site without notice (see below). We will not be liable if for any reason our site is unavailable at any time or for any period.

From time to time, we may restrict access to some parts of our site, or our entire site, to users who have registered with us.

If you choose, or you are provided with, a user identification code, password or any other piece of information as part of our security procedures, you must treat such information as confidential, and you must not disclose it to any third party. We have the right to disable any user identification code or password, whether chosen by you or allocated by us, at any time, if in our opinion you have failed to comply with any of the provisions of these terms of use.

When using our site, you must comply with the provisions of our Acceptable Use Policy.

You are responsible for making all arrangements necessary for you to have access to our site. You are also responsible for ensuring that all persons who access our site through your internet connection are aware of these terms, and that they comply with them.

Intellectual property rights

We are the owner or the licensee of all intellectual property rights in our site, and in the material published on it. Those works are protected by copyright laws and treaties around the world. All such rights are reserved.

You may print off one copy, and may download extracts, of any page(s) from our site for your personal reference and you may draw the attention of others within your organisation to material posted on our site.

You must not modify the paper or digital copies of any materials you have printed off or downloaded in any way, and you must not use any illustrations, photographs, video or audio sequences or any graphics separately from any accompanying text.

Our status (and that of any identified contributors) as the authors of material on our site must always be acknowledged.

You must not use any part of the materials on our site for commercial purposes without obtaining a licence to do so from us or our licensors.

If you print off, copy or download any part of our site in breach of these terms of use, your right to use our site will cease immediately and you must, at our option, return or destroy any copies of the materials you have made.

Reliance on information posted

Commentary and other materials posted on our site are not intended to amount to advice on which reliance should be placed. We therefore disclaim all liability and responsibility arising from any reliance placed on such materials by any visitor to our site, or by anyone who may be informed of any of its contents.

Our site changes regularly

We aim to update our site regularly, and may change the content at any time. If the need arises, we may suspend access to our site, or close it indefinitely. Any of the material on our site may be out of date at any given time, and we are under no obligation to update such material.

Our liability

The material displayed on our site is provided without any guarantees, conditions or warranties as to its accuracy. To the extent permitted by law, we, other members of our group of companies and third parties connected to us hereby expressly exclude:

All conditions, warranties and other terms which might otherwise be implied by statute, common law or the law of equity.

Any liability for any direct, indirect or consequential loss or damage incurred by any user in connection with our site or in connection with the use, inability to use, or results of the use of our site, any websites linked to it and any materials posted on it, including:

• loss of income or revenue;
• loss of business;
• loss of profits or contracts;
• loss of anticipated savings;
• loss of data;
• loss of goodwill;
• wasted management or office time; and

whether caused by tort (including negligence), breach of contract or otherwise, even if foreseeable, provided that this condition shall not prevent claims for loss of or damage to your tangible property or any other claims for direct financial loss that are not excluded by any of the categories set out above.

This does not affect our liability for death or personal injury arising from our negligence, nor our liability for fraudulent misrepresentation or misrepresentation as to a fundamental matter, nor any other liability which cannot be excluded or limited under applicable law.

Information about you and your visits to our site

We process information about you in accordance with our privacy policy. By using our site, you consent to such processing and you warrant that all data provided by you is accurate.

Our site uses cookies to distinguish you from other users of our site. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site.

Transactions concluded through our site

Contracts for the supply of services formed through our site or as a result of visits made by you are governed by our terms and conditions of supply.

Uploading material to our site

Whenever you make use of a feature that allows you to upload material to our site, you must comply with the content standards set out in our acceptable use policy. You warrant that any such contribution does comply with those standards, and you indemnify us for any breach of that warranty.

Any material you upload to our site will be considered non-confidential and non-proprietary, and we have the right to use, copy, distribute and disclose to third parties any such material for any purpose. We also have the right to disclose your identity to any third party who is claiming that any material posted or uploaded by you to our site constitutes a violation of their intellectual property rights, or of their right to privacy.

We will not be responsible, or liable to any third party, for the content or accuracy of any materials posted by you or any other user of our site.

We have the right to remove any material or posting you make on or upload to our site if, in our opinion, such material does not comply with the content standards set out in our acceptable use policy.

Viruses, hacking and other offences

You must not misuse our site by knowingly introducing viruses, trojans, worms, logic bombs or other material which is malicious or technologically harmful. You must not attempt to gain unauthorised access to our site, the server on which our site is stored or any server, computer or database connected to our site. You must not attack our site via a denial-of-service attack or a distributed denial-of service attack.

By breaching this provision, you would commit a criminal offence under the Computer Misuse Act 1990. We will report any such breach to the relevant law enforcement authorities and we will co-operate with those authorities by disclosing your identity to them. In the event of such a breach, your right to use our site will cease immediately.

We will not be liable for any loss or damage caused by a distributed denial-of-service attack, viruses or other technologically harmful material that may infect your computer equipment, computer programs, data or other proprietary material due to your use of our site or to your downloading of any material posted on it, or on any website linked to it.

Linking to our site

You may link to our home page, provided you do so in a way that is fair and legal and does not damage our reputation or take advantage of it, but you must not establish a link in such a way as to suggest any form of association, approval or endorsement on our part where none exists.

You must not establish a link from any website that is not owned by you.

Our site must not be framed on any other site, nor may you create a link to any part of our site other than the home page. We reserve the right to withdraw linking permission without notice. The website from which you are linking must comply in all respects with the content standards set out in our acceptable use policy.

If you wish to make any use of material on our site other than that set out above, please address your request to contact@krystal.uk.

Links from our site

Where our site contains links to other sites and resources provided by third parties, these links are provided for your information only. We have no control over the contents of those sites or resources, and accept no responsibility for them or for any loss or damage that may arise from your use of them.

Jurisdiction and applicable law

The English courts will have exclusive jurisdiction over any claim arising from, or related to, a visit to our site although we retain the right to bring proceedings against you for breach of these conditions in your country of residence or any other relevant country.

These terms of use and any dispute or claim arising out of or in connection with them or their subject matter or formation (including non-contractual disputes or claims) shall be governed by and construed in accordance with the law of England.

Variations

We may revise these terms of use at any time by amending this page. You are expected to check this page from time to time to take notice of any changes we make, as they are binding on you. Some of the provisions contained in these terms of use may also be superseded by provisions or notices published elsewhere on our site.

Your concerns

If you have any concerns about material which appears on our site, please contact contact@krystal.uk.

Thank you for visiting our site.

This acceptable use policy sets out the terms between you and us under which you may access our website - https://krystal.uk ("our site"). This acceptable use policy applies to all users of, and visitors to, our site.

Your use of our site means that you accept, and agree to abide by, all the policies in this acceptable use policy, which supplement our terms of website use.

https://krystal.uk is a website operated by Krystal Hosting Limited ("we", "us" or "our"). We are registered in England and Wales under company number 07571790 and we have our registered office at Kemp House, 152 - 160 City Road, London, EC1V 2NX. Our main trading address is Netwise House, 24 Old Jamaica Road, London SE16 4AW. Our VAT number is GB 884-9822-60.

Prohibited uses

You may use our site only for lawful purposes. You may not use our site:

• If you do not agree to our Website Terms of Use.
• In any way that breaches any applicable local, national or international law or regulation.
• In any way that is unlawful or fraudulent, or has any unlawful or fraudulent purpose or effect.
• For the purpose of harming or attempting to harm minors in any way.
• To send, knowingly receive, upload, download, use or re-use any material which does not comply with our content standards.
• To transmit, or procure the sending of, any unsolicited or unauthorised advertising or promotional material or any other form of similar solicitation (spam).
• To knowingly transmit any data, send or upload any material that contains viruses, Trojan horses, worms, time-bombs, keystroke loggers, spyware, adware or any other harmful programs or similar computer code designed to adversely affect the operation of any computer software or hardware.

You also agree:

• Not to reproduce, duplicate, copy or re-sell any part of our site in contravention of the provisions of our terms of website use.
• Not to access without authority, interfere with, damage or disrupt:
• any part of our site;
• any equipment or network on which our site is stored;
• any software used in the provision of our site; or
• any equipment or network or software owned or used by any third party.

Interactive services

We may from time to time provide interactive services on our site, including, without limitation:

• Bulletin boards; and
• Services relating to the creation of your website such as the uploading of your documents and information.

Where we do provide any interactive service, we will provide clear information to you about the kind of service offered, if it is moderated and what form of moderation is used (including whether it is human or technical).

We will do our best to assess any possible risks for users (and in particular, for children) from third parties when they use any interactive service provided on our site, and we will decide in each case whether it is appropriate to use moderation of the relevant service (including what kind of moderation to use) in the light of those risks. However, we are under no obligation to oversee, monitor or moderate any interactive service we provide on our site, and we expressly exclude our liability for any loss or damage arising from the use of any interactive service by a user in contravention of our content standards, whether the service is moderated or not.

The use of any of our interactive services by a minor is subject to the consent of their parent or guardian. We advise parents who permit their children to use an interactive service that it is important that they communicate with their children about their safety online, as moderation is not foolproof. Minors who are using any interactive service should be made aware of the potential risks to them.

Where we do moderate an interactive service, we will normally provide you with a means of contacting the moderator, should a concern or difficulty arise.

Content standards

These content standards apply to any and all material which you contribute to our site ("contributions"), and to any interactive services associated with it.

You must comply with the spirit of the following standards as well as the letter. The standards apply to each part of any contributions as well as to its whole.

Contributions must:

• Be accurate (where they state facts).
• Be genuinely held (where they state opinions).
• Comply with applicable law in the UK and in any country from which they are posted.

Contributions must not:

• Contain any material which is defamatory of any person.
• Contain any material which is obscene, offensive, hateful or inflammatory.
• Promote sexually explicit material.
• Promote violence.
• Promote discrimination based on race, sex, religion, nationality, disability, sexual orientation or age.
• Infringe any copyright, database right or trade mark of any other person.
• Be likely to deceive any person.
• Be made in breach of any legal duty owed to a third party, such as a contractual duty or a duty of confidence.
• Promote any illegal activity.
• Be threatening, abuse or invade another’s privacy, or cause annoyance, inconvenience or needless anxiety.
• Be likely to harass, upset, embarrass, alarm or annoy any other person.
• Be used to impersonate any person, or to misrepresent your identity or affiliation with any person.
• Give the impression that they emanate from us, if this is not the case.
• Advocate, promote or assist any unlawful act such as (by way of example only) copyright infringement or computer misuse.

Suspension and termination

We will determine, in our discretion, whether there has been a breach of this acceptable use policy through your use of our site. When a breach of this policy has occurred, we may take such action as we deem appropriate.

Failure to comply with this acceptable use policy constitutes a material breach of the terms of use upon which you are permitted to use our site, and may result in our taking all or any of the following actions:

• Immediate, temporary or permanent withdrawal of your right to use our site.
• Immediate, temporary or permanent removal of any posting or material uploaded by you to our site.
• Issue of a warning to you.
• Legal proceedings against you for reimbursement of all costs on an indemnity basis (including, but not limited to, reasonable administrative and legal costs) resulting from the breach.
• Further legal action against you.
• Disclosure of such information to law enforcement authorities as we reasonably feel is necessary.

We exclude liability for actions taken in response to breaches of this acceptable use policy. The responses described in this policy are not limited, and we may take any other action we reasonably deem appropriate.

Changes to the acceptable use policy

We may revise this acceptable use policy at any time by amending this page. You are expected to check this page from time to time to take notice of any changes we make, as they are legally binding on you. Some of the provisions contained in this acceptable use policy may also be superseded by provisions or notices published elsewhere on our site.

Welcome to the Krystal Hosting Limited (“Krystal Hosting”) privacy notice.

Krystal Hosting respects your privacy and is committed to protecting your personal data.

Our privacy notice will inform you as to how we look after your personal data when you visit our website (regardless of where you visit it from) and tell you about your privacy rights and how the law protects you.

1. Important information and who we are

Purpose of this privacy notice

This privacy notice aims to give you information on how Krystal Hosting collects and processes your personal data through your use of this website, including any data you may provide through this website when you sign in to your client area or purchase a product / service. When we collect, use and are responsible for certain personal information about you, we are regulated under the General Data Protection Regulation ("GDPR") which applies across the European Union (including in the United Kingdom) and we are responsible as "controller" of that personal information for the purposes of those laws.

This website is not intended for children and we do not knowingly collect data relating to children.

It is important that you read this privacy notice together with any other notice or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data.

This privacy notice supplements any other notices and is not intended to override them.

Controller & Data Processor

Krystal Hosting is the controller and data processor and we are responsible for your personal data (collectively referred to as Krystal Hosting Limited "we", "us" or "our" in this privacy notice).

We have appointed a data privacy manager who is responsible for overseeing questions in relation to this privacy notice.

If you have any questions about this privacy notice, including any requests to exercise your legal rights, please contact the data privacy manager using the details set out below.

Krystal Hosting Limited Contact details

Name: David Kimberley (Data privacy manager)
Postal address: Kemp House, 152 - 160 City Road, London, EC1V 2NX
Telephone number: 020 8050 1337
Email: dave@krystal.uk

You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.

Changes to the privacy notice and your duty to inform us of changes

The data protection laws changed on 25th May 2018.

This version of our privacy policy was last updated on 3rd January 2021.

It is important that the personal data we hold about you is accurate and current.

Please keep us informed if your personal data changes during your relationship with us.

Third-party links

This website may include links to third-party websites, plug-ins and applications.

Clicking on those links or enabling those connections may allow third parties to collect or share data about you.

We do not control these third-party websites and are not responsible for their privacy statements.

When you leave our website, we encourage you to read the privacy notice of every website you visit.

2. The data we collect about you

Personal data, or personal information, means any information about an individual from which that person can be identified.

It does not include data where the identity has been removed (anonymous data).

We may collect, use, store and transfer different kinds of personal data about you which we have grouped together follows:

• Identity Data includes first name, maiden name, last name, username or similar identifier, marital status, title, date of birth and gender.
• Contact Data includes billing address, delivery address, email address and telephone numbers.
• Financial Data includes bank account and payment card details.
• Transaction Data includes details about payments to and from you and other details of products and services you have purchased from us.
• Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
• Profile Data includes your username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses.
• Usage Data includes information about how you use our website, products and services.
• Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.

We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose.

Aggregated Data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity.

For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature.

However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy notice.

We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.

If you fail to provide personal data

Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services).

In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.

3. How is your personal data collected?

We use different methods to collect data from and about you including through:

• Direct interactions. You may give us your Identity, Contact and Financial Data by filling in forms or by corresponding with us by post, phone, email or otherwise.

  This includes personal data you provide when you:

  • apply for our products or services;
  • create an account on our website;
  • subscribe to our service or publications;
  • request marketing to be sent to you;
  • enter a competition, promotion or survey; or
  • give us some feedback.
• Automated technologies or interactions. As you interact with our website, we may automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, server logs and other similar technologies.
• We may also receive Technical Data about you if you visit other websites employing our cookies. Please see our cookie policy for further details.
• Third parties or publicly available sources. We may receive personal data about you from various third parties and public sources as set out below:
• Technical Data from the following parties:
  (a) analytics providers;
  (b) affiliate network providers;
  (c) advertising networks; and
  (d) search information providers.
• Contact, Financial and Transaction Data from providers of technical, payment and delivery services.
• Identity and Contact Data from data brokers or aggregators.
• Identity and Contact Data from publicly availably sources.

4. How we use your personal data

We will only use your personal data when the law allows us to.

Most commonly, we will use your personal data in the following circumstances:

• Where we need to perform the contract we are about to enter into or have entered into with you.
• Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
• Where we need to comply with a legal or regulatory obligation.

Generally we do not rely on consent as a legal basis for processing your personal data other than to respond to an enquiry you make to us via our website where by making the enquiry you consent to us using any personal data provided for the purposes of dealing with and responding to that enquiry, or in relation to sending third party direct marketing communications to you via email or text message.

You have the right to withdraw consent to marketing at any time by contacting us.

Purposes for which we will use your personal data

We have set out below, in a table format, a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.

Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data.

Please contact us if you need details about the specific legal ground we are relying on to process your personal data where more than one ground has been set out in the table below.

Purpose/Activity	Type of data	Lawful basis for processing including basis of legitimate interest
To register you as a new customer	(a) Identity (b) Contact	Performance of a contract with you
To process and deliver your order including: (a) Manage payments, fees and charges (b) Collect and recover money owed to us	(a) Identity (b) Contact (c) Financial (d) Transaction (e) Marketing and Communications	(a) Performance of a contract with you (b) Necessary for our legitimate interests (to recover debts due to us)
To manage our relationship with you which will include: (a) Notifying you about changes to our terms or privacy policy (b) Asking you to leave a review or take a survey	(a) Identity (b) Contact (c) Profile (d) Marketing and Communications	(a) Performance of a contract with you (b) Necessary to comply with a legal obligation (c) Necessary for our legitimate interests (to keep our records updated and to study how customers use our products/services)
To enable you to partake in a prize draw, competition or complete a survey	(a) Identity (b) Contact (c) Profile (d) Usage (e) Marketing and Communications	(a) Performance of a contract with you (b) Necessary for our legitimate interests (to study how customers use our products/services, to develop them and grow our business)
To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)	(a) Identity (b) Contact (c) Technical	(a) Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise) (b) Necessary to comply with a legal obligation
To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you	(a) Identity (b) Contact (c) Profile (d) Usage (e) Marketing and Communications (f) Technical	Necessary for our legitimate interests (to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy)
To use data analytics to improve our website, products/services, marketing, customer relationships and experiences	(a) Technical (b) Usage	Necessary for our legitimate interests (to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy)
To make suggestions and recommendations to you about goods or services that may be of interest to you	(a) Identity (b) Contact (c) Technical (d) Usage (e) Profile	Necessary for our legitimate interests (to develop our products/services and grow our business)
To deal with a general enquiry or careers enquiry	(a) Identity (b) Contact	(a) Consent (b) Necessary for our legitimate interests (recruitment and to communicate with our customers, partners and other third parties)

Marketing

We strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising:

Promotional offers from us

We may use your Identity, Contact, Technical, Usage and Profile Data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you (we call this marketing).

You will receive marketing communications from us if you have requested information from us or purchased goods or services from us or if you provided us with your details when you entered a competition or registered for a promotion and, in each case, you have not opted out of receiving that marketing.

Third-party marketing

We will get your express opt-in consent before we share your personal data with any company outside of Krystal Hosting for marketing purposes.

Opting out

You can ask us or third parties to stop sending you marketing messages at any time by contacting us at any time.

Where you opt out of receiving these marketing messages, this will not apply to personal data provided to us as a result of a product/service purchase, warranty registration, product/service experience or other transactions.

Cookies

You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly.

For more information about the cookies we use, please see our cookie policy.

Change of purpose

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.

If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.

If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

5. Disclosures of your personal data

We may have to share your personal data with the parties set out below for the purposes:

• Internal Third Parties
• External Third Parties
• Third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy notice.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law.

We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

6. International transfers

We share your data within Krystal Hosting including any of our subsidiary companies and on occasion with 3rd party suppliers where required and listed specifically within our Glossary.

This might involve transferring your data outside the European Economic Area (EEA).

We ensure your personal data is protected by requiring all our 3rd parties to follow the same rules when processing your personal data.

These rules are called "binding corporate rules". For further details, see European Commission: Binding corporate rules.

Many of our external third parties are based outside the European Economic Area (EEA) so their processing of your personal data will involve a transfer of data outside the EEA.

Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

• We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission. For further details, see European Commission: Adequacy of the protection of personal data in non-EU countries.
• Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe. For further details, see European Commission: Model contracts for the transfer of personal data to third countries.
• Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US. For further details, see European Commission: EU-US Privacy Shield.

Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.

7. Data security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know.

They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

8. Data retention

How long will you use my personal data for?

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

By law we have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for 6 years after they cease being customers for tax purposes.

In some circumstances you can ask us to delete your data: see request erasure below for further information.

In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.

9. Your legal rights

Under certain circumstances, you have rights under data protection laws in relation to your personal data.

• Request access to your personal data.
• Request correction of your personal data.
• Request erasure of your personal data.
• Object to processing of your personal data.
• Request restriction of processing your personal data.
• Request transfer of your personal data.
• Right to withdraw consent.

If you wish to exercise any of the rights set out above, please contact us.

No fee usually required

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

What we may need from you

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

Time limit to respond

We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

10. Glossary

LAWFUL BASIS

Legitimate Interest means the interest of our business in conducting and managing our business to enable us to give you the best service/product and the best and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us.

Performance of Contract means processing your data where it is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract.

Comply with a legal or regulatory obligation means processing your personal data where it is necessary for compliance with a legal or regulatory obligation that we are subject to.

THIRD PARTIES

External Third Parties

• Service providers acting as processors who provide IT and system administration services.
• Professional advisers acting as processors or joint controllers including lawyers, bankers, auditors and insurers based who provide consultancy, banking, legal, insurance and accounting services.
• HM Revenue & Customs, regulators and other authorities acting as processors or joint controllers based in the United Kingdom who require reporting of processing activities in certain circumstances.
• External third parties who provide electronic / computing services, as listed below:

Name	Type of service	Data Processed
Slack Inc.	Live Chat Service	Internal messaging that might include customer name and email details for the purpose of support.
Xero Limited	Accountancy Software	Customer details including customer name, address and email address.
Google	Cloud based documentation software, storage & analytical	Occasional instances of customer name and email address on internally-shared documents and analytical tools.
Stripe	Payment Processor	Customer name, address and card information for the purpose of payment processing.
MaxMind Inc.	Digital Mapping	Customer name, address, email address and IP for fraud verification / prevention.
Dial9 Communications Limited	Communications Service Provider	Name, phone number and call recording.
aTech Media Limited	Live Chat Services	Name, email address and any live chat discussion.
Hotjar Ltd	Visitor Session Recording Service	Customer content of live chat discussion.
Enom Inc.	Domain Name & SSL Services	Customer name, address and email address.
OpenSRS	Domain Name Services	Customer name, address and email address.
Nominet	Domain Name Services	Customer name, address and email address.
Chartio	Cloud Based Data Analytic Tool	Very occasional instances of client data in the course of carrying out statistics analysis
Netistrar	Domain Name Services	Customer name, address and email address.
PayPal	Payment Processor	Customer name, address and card information for the purpose of payment processing.
Promoter.io	Net Promoter Scoring	Customer name and email address.
AdRoll	Retargeting / Remarketing	Service data and performance data.

YOUR LEGAL RIGHTS

You have the right to:

Request access to your personal data (commonly known as a "data subject access request"). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.

Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.

Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.

Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.

Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios: (a) if you want us to establish the data's accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.

Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.

Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.

11. Data Processing Agreement

These terms set out the additional terms requirements and conditions on which we will process personal data when providing services to you.

This Agreement contains the mandatory clauses required by article 28(3) of the General Data Protection Regulation ((EU) 2016/679) for Agreements between data controllers.

We are Krystal Hosting Ltd a company incorporated and registered in England and Wales with company number 07571790 whose registered office is at Kemp House, 152 - 160 City Road, London, EC1V 2NX

By purchasing our website hosting services you confirm that you accept to these terms of data processing and you agree to comply with them.

If you do not agree with these terms, you must not purchase website hosting services from us.

We recommend that you print a copy of these terms for your future reference.

AGREED TERMS

1. Definitions and interpretation

The following definitions and rules of interpretation apply in this Agreement.

1.1 Definitions:

Data Subject: an individual who is the subject of Personal Data.

Personal Data: means any information relating to an identified or identifiable natural person that is processed by the Data Processor as a result of, or in connection with, the provision of the services; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Processing, processes and process: either any activity that involves the use of Personal Data or as the Data Protection Legislation may otherwise define processing, processes or process. It includes any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording. organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. Processing also includes transferring Personal Data to third parties.

Data Protection Legislation: all applicable privacy and data protection laws including the General Data Protection Regulation ((EU) 2016/679) and any applicable national implementing laws, regulations and secondary legislation in England and Wales relating to the processing of Personal Data and the privacy of electronic communications, as amended, replaced or updated from time to time, including the Privacy and Electronic Communications Directive (2002/58/EC) and the Privacy and Electronic Communications (EC Directive) Regulations 2003 (SI 2003/2426).

Personal Data Breach: a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, Personal Data transmitted, stored or otherwise processed.

Standard Agreements Clauses (SCC): the European Commission's Standard Agreementual Clauses for the transfer of Personal Data from the European Union to processors established in third countries as set out in Commission Decision 2010/87/EU.

1.2 This Agreement is subject to the terms of any separate agreement made between the parties for the supply of website hosting services (“Services Agreement”) and is incorporated into any such Agreement. Interpretations and defined terms set forth in the Services Agreement apply to the interpretation of this Agreement.

1.3 The Annexes form part of this Agreement and will have effect as if set out in full in the body of this Agreement. Any reference to this Agreement includes the Annexes.

1.4 A reference to writing or written excludes faxes and email.

1.5 In the case of conflict or ambiguity between:

(a) any provision contained in the body of this Agreement and any provision contained in the Annexes, the provision in the body of this Agreement will prevail;

(b) the terms of any accompanying invoice or other documents annexed to this Agreement and any provision contained in the Annexes, the provision contained in the Annexes will prevail; and

(c) any of the provisions of this Agreement and the provisions of the Services Agreement, the provisions of the Services Agreement will prevail.

1.6 This agreement is in addition to and does not remove or replace a party’s obligations under the Data Protection Legislation.

1.7 In this agreement we are the Data Processor and you are the Data Controller

2. Personal data types and processing purposes

2.1 The Data Controller retains control of the Personal Data and remains responsible for its compliance obligations under the applicable Data Protection Legislation, including providing any required notices and obtaining any required consents, and for the processing instructions it gives to the Data Processor.

2.2 ANNEX A describes the subject matter, duration, nature and purpose of processing and the Personal Data categories and Data Subject types in respect of which the Data Processor may process to provide services to the Data Controller under the terms of the Services Agreement or otherwise.

3. Data Processor's obligations

3.1 The Data Controller acknowledges that for the purposes of fulfilling its obligations under the Agreement the Data Processor may have access to and may be required to process Personal Data (as defined in the Data Protection Legislation) on behalf of the Data Controller and in accepting the Agreement the Data Controller authorises the Data Processor to process its Personal Data in accordance with the terms of this Clause 3.

3.2 Both parties will comply with all applicable requirements of the Data Protection Legislation. This clause 3 is in addition to, and does not relieve, remove or replace, a party's obligations under the Data Protection Legislation.

3.3 The parties acknowledge that for the purposes of the Data Protection Legislation, the Data Controller is the data controller and the Data Processor is the data processor (where Data Controller and Data Processor have the meanings as defined in the Data Protection Legislation).

3.4 Without prejudice to the generality of clause 3.2, the Data Controller will ensure that it has all necessary appropriate consents and notices in place to enable lawful transfer of the Personal Data to the Data Processor for the duration and purposes of this agreement.

3.5 Without prejudice to the generality of clause 3.2, the Data Processor shall, in relation to any Personal Data processed in connection with the performance by the Data Processor of its obligations under this agreement:

(a) process that Personal Data only on the written instructions of the Data Controller unless the Data Processor is required by the laws of any member of the European Union or by the laws of the European Union applicable to the Data Processor to process Personal Data (Applicable Laws). Where the Data Processor is relying on laws of a member of the European Union or European Union law as the basis for processing Personal Data, the Data Processor shall promptly notify the Data Controller of this before performing the processing required by the Applicable Laws unless those Applicable Laws prohibit the Data Processor from so notifying the Data Controller;

(b) ensure that it has in place appropriate technical and organisational measures, to protect against unauthorised or unlawful processing of Personal Data and against accidental loss or destruction of, or damage to, Personal Data, appropriate to the harm that might result from the unauthorised or unlawful processing or accidental loss, destruction or damage and the nature of the data to be protected, having regard to the state of technological development and the cost of implementing any measures (those measures may include, where appropriate, pseudonymising and encrypting Personal Data, ensuring confidentiality, integrity, availability and resilience of its systems and services, ensuring that availability of and access to Personal Data can be restored in a timely manner after an incident, and regularly assessing and evaluating the effectiveness of the technical and organisational measures adopted by it);

(c) ensure that all personnel who have access to and/or process Personal Data are obliged to keep the Personal Data confidential; and

(d) subject to clause 3.10 to not transfer any Personal Data outside of the European Economic Area (“EEA”) unless the prior written consent of the Data Controller has been obtained and the following conditions are fulfilled:

(i) the Data Controller or the Data Processor has provided appropriate safeguards in relation to the transfer;

(ii) the data subject has enforceable rights and effective legal remedies;

(iii) the Data Processor complies with its obligations under the Data Protection Legislation by providing an adequate level of protection to any Personal Data that is transferred; and

(iv) the Data Processor complies with reasonable instructions notified to it in advance by the Data Controller with respect to the processing of the Personal Data;

(e) if so reasonably required, assist the Data Controller, at the Data Controller's cost, in responding to any request from a Data Subject and in ensuring compliance with its obligations under the Data Protection Legislation with respect to security, breach notifications, impact assessments and consultations with supervisory authorities or regulators;

(f) notify the Data Controller without undue delay on becoming aware of a Personal Data breach;

(g) if so reasonably required, at the written direction of the Data Controller, delete or return Personal Data and copies thereof to the Data Controller on termination of the agreement unless required by Applicable Law to store the Personal Data; and

(h) if so reasonably required, maintain complete and accurate records and information to demonstrate its compliance with this clause 3.

3.6 In accepting these Terms and Conditions the Data Controller consents to the Data Processor appointing third-party processors of Personal Data (“the Sub Processors”) under this agreement.

3.7 The Data Processor shall enter with the Sub Processors into a written agreement incorporating terms which are substantially similar to those set out in this clause 3 prior to any Sub Processor being appointed.

3.8 The Data Controller accepts that for the purposes of this Agreement part or all of its Personal Data may need to be processed outside of the EEA and the Data Controller further consents to the Data Processor processing its Personal Data in appointing these third party processors listed within section 10. Glossary who are located outside of the EEA.

3.9 The Data Controller shall have the ability to withdraw its consent to the Data Processor’s use of Sub Processor for the purposes of fulfilling this Agreement by notifying the Data Processor in writing at its registered office. However the Data Controller acknowledges that the Data Processor may not be able to perform the Services or any part of the Services unless it is able to appoint an alternative Sub Processor and where an alternative Sub Processor cannot be appointed, the Data Processor shall not be obliged to provide any part of the Services which are so affected.

3.10 The Data Processor may, at any time on not less than 30 days’ notice, revise this clause 3 by replacing it with any applicable controller to processor standard clauses or similar terms forming party of an applicable certification scheme (which shall apply when replaced by attachment to this agreement).

4. Term and termination

4.1 This Agreement will remain in full force and effect so long as:

(a) the Services Agreement remains in effect or the Data Processor provides the relevant services to the Data Controller, or

(b) the Data Processor retains any Personal Data related to the Services Agreement and/or the services in its possession or control.

4.2 Any provision of this Agreement that expressly or by implication should come into or continue in force on or after termination of the Services Agreement or the provision of services by the Data Processor to the Data Controller (as may be applicable) in order to protect Personal Data will remain in full force and effect.

4.3 If a change in any Data Protection Legislation prevents either party from fulfilling all or part of its obligations to the other party, the parties will suspend the processing of Personal Data until that processing complies with the new requirements. If the parties are unable to bring the Personal Data processing into compliance with the Data Protection Legislation within 28 days, they may terminate the Services Agreement and/or the provision of services on written notice to the other party without prejudice to any right or remedy the parties may have under the Services Agreement or otherwise

5. Notice

5.1 Any notice or other communication given to a party under or in connection with this Agreement must be in writing and delivered to:

For the Data Controller: The address provided under the Services Agreement

For the Data Processor: David Kimberley, Address: Krystal Hosting Ltd, Kemp House, 152 - 160 City Road, London, EC1V 2NX. Email: dave@krystal.uk

5.2 Clause 5.1 does not apply to the service of any proceedings or other documents in any legal action or, where applicable, any arbitration or other method of dispute resolution.

5.3 A notice given under this agreement is valid if sent by post or by e-mail.

6. General

If any provision or part-provision of this Agreement is or becomes invalid, illegal or unenforceable, it shall be deemed modified to the minimum extent necessary to make it valid, legal and enforceable. If such modification is not possible, the relevant provision or part-provision shall be deemed deleted. Any modification to or deletion of a provision or part-provision under this clause shall not affect the validity and enforceability of the rest of this Agreement.

If any provision or part-provision of this Agreement is invalid, illegal or unenforceable, the parties shall negotiate in good faith to amend such provision so that, as amended, it is legal, valid and enforceable, and, to the greatest extent possible, achieves the intended commercial result of the original provision.

Waiver. A waiver of any right under this Agreement or law is only effective if it is in writing and shall not be deemed to be a waiver of any subsequent breach or default. No failure or delay by a party in exercising any right or remedy provided under this Agreement or by law shall constitute a waiver of that or any other right or remedy, nor shall it prevent or restrict its further exercise of that or any other right or remedy. No single or partial exercise of such right or remedy shall prevent or restrict the further exercise of that or any other right or remedy.

No partnership or agency. Nothing in this Agreement is intended to, or shall be deemed to, establish any partnership or joint venture between the parties, nor constitute either party the agent of the other for any purpose. Neither party shall have authority to act as agent for, or to bind, the other party in any way.

Third parties. A person who is not a party to this Agreement shall not have any rights to enforce its terms.

Variation. Except as set out in these Conditions, no variation of this Agreement, including the introduction of any additional terms and conditions, shall be effective unless it is agreed in writing and signed by the Data Processor.

Governing law. This Agreement, and any dispute or claim arising out of or in connection with it or its subject matter or formation (including non-contractual disputes or claims), shall be governed by, and construed in accordance with the law of England.

Jurisdiction. Each party irrevocably agrees that the courts of England and Wales shall have exclusive jurisdiction to settle any dispute or claim arising out of or in connection with this Agreement or its subject matter or formation (including non-contractual disputes or claims).

ANNEX A Personal Data Processing Purposes and Details

Subject matter of processing: [Website Hosting Services]

Duration of Processing: The Term as set out at Clause 4.1

Nature of Processing: [Storage]

Business Purposes: Performance of our Services Agreement

Personal Data Categories: [Identity, Data, Financial Data, Transaction Data, Technical Data, Profile Data, Usage Data, Marketing & Communications Data and any other such date as collected by the Data Controller on its website]

Data Subject Types: [any user of the Data Controller’s website]

• Located in a country with a current determination of adequacy.
• Binding Corporate Rules.
• Standard Processing Clauses between Customer as "data exporter" and Provider as "data importer".
• Standard Processing Clauses between Provider as "data exporter" on behalf of Customer and Provider affiliate or Sub Processor as "data importer".
• EU-US Privacy Shield Certified.

This acceptable use policy sets out the terms between you and us under which you may use your hosting services. This acceptable use policy applies to shared, reseller, VPS, and dedicated server hosting.

Your use of our site means that you accept, and agree to abide by, all the policies in this acceptable use policy, which supplement our Website Terms of Use.

https://krystal.uk is a website operated by Krystal Hosting Limited, (“we”, “us” or “our”).

1. Prohibited Uses

1. You may use your hosting services only for lawful purposes. You and each authorised user may not use your services:
   1. In any way that breaches any applicable local, national or international law or regulation, including copyright or other intellectual property law.
   2. In any way that is unlawful, fraudulent or otherwise dishonest, or has any unlawful or fraudulent purpose or effect.
   3. To promote any unlawful activity.
   4. For the purpose of harming or attempting to harm minors or any other person in any way.
   5. For using your services in a way intended to harm our network, operations, business, equipment, websites or systems, or the reputation of our company or any other person or entity (including any denial of service and similar attacks).
   6. To transmit, or procure the sending of, any unsolicited or unauthorised advertising or promotional material or any other form of similar solicitation (spam). Maintaining an open SMTP (Simple Mail Transfer Protocol) relay is also prohibited.
   7. to allow the use of our platform to provide free hosting to your customers because this encourages spamming and other abuses of the platform.
   8. To simulate communications from us or another service or entity in order to collect identity information, authentication credentials, or other information (phishing).
   9. To transmit knowingly any data, send or upload any material that contains viruses or disabling code including trojan horses, worms, time-bombs, ransomware, keystroke loggers, spyware, adware or any other harmful programs or similar computer code designed to adversely affect the operation of any computer software or hardware.
   10. To represent or suggest that we endorse any other business, product or service unless we have separately agreed to do so in writing.
   11. To gain unauthorised access to or use of any computers, data, systems, accounts or networks of any person.
   12. In any manner which may impair any other person’s use of the Services or use of any other services provided by us to any other person.
   13. To attempt to circumvent any password or user authentication methods of any person.
   14. In any manner inconsistent with our agreement or inconsistent with any instructions provided by us from time to time.
2. Ruby, Sapphire, Diamond & Tanzanite plans are intended to be used to host websites under your direct ownership - they are not unlimited reseller plans. We reserve the right to withdraw support or suspend the service where such plans are:
   1. Used to effectively resell our hosting services to multiple customers (whether you charge them or not).
   2. Used as bulk media sharing sites.
   3. Used as backup storage facilities or for personal multi-media content such as movies, music, photos or other media, or as an email archival system.

2. Communication Standards

1. Any data, information or communication made on or using the Services by any person must conform to appropriate and lawful standards of accuracy, decency and lawfulness, which shall be applied in our discretion, acting reasonably. In particular, you warrant and undertake that any data and each such communication shall at all times be:
   1. Submitted lawfully and without infringement of any Intellectual Property Rights of any person;
   2. Free of any virus (at the point of entering our systems);
   3. factually accurate;
   4. provided with all necessary consents of all relevant third parties;
   5. not defamatory or likely to give rise to an allegation of defamation;
   6. not obscene, seditious, vulgar, pornographic, sexually explicit, discriminatory, or deceptive;
   7. not abusive, threatening, offensive, harassing or invasive of privacy;
   8. not racist, sexist of xenophobic;
   9. not liable to offend religious sentiments or deeply held beliefs; and
   10. unlikely to cause offence, embarrassment or annoyance to any person.

3. Suspension and termination

1. Suspension of your services will occur automatically in the following cases:
   1. Payment is overdue. We accept no liability should our inability to take a payment cause an account to become overdue. Please ensure you receive a payment confirmation on the expected date.
   2. Malware or other suspect content has been discovered in your hosting account.
   3. Spam or fraud/phishing email has been sent from your hosting services.
2. Notwithstanding the above, failure to comply with this acceptable use policy constitutes a material breach of the terms of use upon which you are permitted to use our services, and may result in our taking all or any of the following actions:
   1. Issue of a warning to you.
   2. Issue of a request to remove email or other media from your account or to upgrade to a VPS solution if your shared hosting account is determined to be over appropriate usage limits.
   3. Immediate, temporary or permanent withdrawal of your right to use our services.
   4. Immediate, temporary or permanent removal of any material from our services.
   5. Legal proceedings against you which may include, but not be limited to, recovery of all costs on an indemnity basis (including, but not limited to, reasonable administrative and legal costs) resulting from the breach.
   6. Notification of law enforcement authorities where we feel this is absolutely necessary.
3. We exclude liability for actions taken in response to breaches of this acceptable use policy. The responses described in this policy are not limited, and we may take any other action we reasonably deem appropriate.

4. Changes to the acceptable use policy

1. We may revise this acceptable use policy at any time by amending this page. You are expected to check this page from time to time to take notice of any changes we make, as they are legally binding on you.

This page (together with the documents referred to in it) tells you information about the legal terms and conditions (“Agreement”) on which we contract with you, the Affiliate, under our Affiliate Programme. Please read this Agreement carefully and make sure that you understand them before agreeing to become an Affiliate of ours. By agreeing to be one of our Affiliates you agree to be bound by this Agreement and the other documents expressly referred to in it.

By entering into this Agreement with us you also confirm that you are over 18 years old or, if different, that you are of sufficient age to be entitled to enter into legal agreements in your jurisdiction.

If you refuse this Agreement you will not be able to receive any commission on referrals to our business.

You should print a copy of this Agreement for future reference.

We amend this Agreement from time to time as set out in clause 4.2. Every time someone you refer to us places an order for Services with us the Affiliate Terms at the time of the placement of the order will apply at that time as published on our site affiliate.k.io.

Parties

1. KRYSTAL HOSTING LTD a company incorporated in England and Wales under number 07571790 whose registered office is at Kemp House, 152-160 City Road, London, EC1V 2NX (“Krystal”, “we”, “us”, “our”); and
2. You, the person, business or charitable organisation engaging with us as an affiliate (“Affiliate”, “you”, “your”), (each of Krystal and the Affiliate being a “party” and together Krystal and the Affiliate are the “parties”).

Background

1. Krystal supplies the Services (as defined below).
2. Krystal wishes to appoint the Affiliate as its non-exclusive agent in the Territory (as defined below) for the marketing of the Services on the terms of this Agreement.
3. The Affiliate has agreed to market the Services in the Territory on Krystal’s behalf on the terms of this Agreement.

The Parties Agree:

1 Definitions and interpretation

1. In this Agreement, unless otherwise provided:
   1. Agreement means the main body of this Agreement, its schedules and appendices, as each may be amended from time to time in accordance with their terms;
   2. Bribery Laws means the Bribery Act 2010 and associated guidance published by the Secretary of State for Justice under the Bribery Act 2010 and all other applicable UK legislation, statutory instruments and regulations in relation to bribery or corruption;
   3. Business Day means a day other than a Saturday, Sunday or public or bank holiday when banks are open for non-automated commercial business in the City of London;
   4. Commencement Date means the date the Affiliate enters into this Agreement with Krystal by indicating their acceptance of these terms on our site affiliate.k.io;
   5. Confidential Information means any information that the Affiliate has or acquires that is confidential in nature concerning Krystal including, all knowhow, trade secrets, financial, commercial, technical, tactical or strategic information of any kind, information relating to its business, affairs, plans, customers, clients, suppliers and services;
   6. Cookies means a small text file which is placed onto a device (eg computer, smartphone or other electronic device) when someone uses our website. Cookies help Krystal recognise a particular Customer and are crucial to the effectiveness of the referral of Customers to Krystal. Customer means any person or company in the Territory with whom Krystal enters into a contract for the sale and supply of the Services;
   7. Data Protection Laws means, as applicable to either party and/or to the rights, responsibilities and/or obligations of either party in connection with this Agreement:
      1. the GDPR;
      2. the Data Protection Act 2018;
      3. the Directive 2002/58/EC (ePrivacy Directive) and/or the Privacy and Electronic Communications (EC Directive) Regulations 2003;
      4. any other applicable law relating to the processing, privacy and/or use of Personal Data, as applicable to either party and/or to the rights, responsibilities and/or obligations of either party in connection with this Agreement;
      5. any laws which implement any such laws; and
      6. any laws that replace, extend, re-enact, consolidate or amend any of the foregoing;
   8. Force Majeure has the meaning given in clause 18;
   9. GDPR means the General Data Protection Regulation, Regulation (EU) 2016/679;
   10. Intellectual Property means copyright, patents, know-how, trade secrets, trade marks, trade names, design rights, rights in get-up, database rights, chip topography rights, mask works, utility models, domain names and all similar rights and, in each case: (a) whether registered or not; (b) including any applications to protect or register such rights; (c) including all renewals and extensions of such rights or applications; (d) whether vested, contingent or future; and (e) wherever existing;
   11. Krystal’s Hosting Acceptable Use Policy means the standard terms of Krystal’s Hosting Acceptable Use Policy and as amended from time to time and which can be found at krystal.uk/terms;
   12. Krystal’s Intellectual Property has the meaning given in clause 9.1;
   13. Local Laws has the meaning given in clause 5.1.10;
   14. Month means the period of one calendar month starting on the first day of the month and finishing on the last day of the month and includes a partial month running up to the end of the calendar month if the Commencement Date falls on any other day than the first day of the month.
   15. Net Sale Price means the actual price charged to Customers for the Services excluding (where applicable) VAT and charges for bolt-on services;
   16. Personal Data has the meaning given in applicable Data Protection Laws from time to time;
   17. Prices means the prices for the Services as determined by Krystal from time to time and updated on our site krystal.uk;
   18. Qualifying Contract has the meaning given in clause 6.2;
   19. SEO means Search Engine Optimisation;
   20. Services means the services supplied by Krystal described in Schedule 1 as amended from time to time according to the offering on our site krystal.uk;
   21. Term has the meaning given in clause 2.1;
   22. Terms of Supply means Krystal’s standard terms of sale and supply for the Services and includes the Hosting Acceptable Use Policy, as described at Schedule 2, as amended or updated by Krystal from time to time in accordance with this Agreement and published on the site krystal.uk, or such other terms to which Krystal may from time to time give its prior written consent;
   23. Territory means the United Kingdom, any British Crown Dependencies and any British Overseas Territories;
   24. VAT means value added tax as defined in the Value Added Tax Act 1994 and any equivalent or similar tax.
2. In this Agreement:
   1. the table of contents, background section and any clause, schedule or other headings in this Agreement are included for convenience only and shall have no effect on the interpretation of this Agreement;
   2. a reference to a ‘party’ includes that party’s personal representatives, successors and permitted assigns;
   3. a reference to a ‘person’ includes a natural person, corporate or unincorporated body (in each case whether or not having separate legal personality) and that person’s personal representatives, successors and permitted assigns;
   4. a reference to a ‘company’ includes any company, corporation or other body corporate, wherever and however incorporated or established;
   5. a reference to a gender includes each other gender;
   6. words in the singular include the plural and vice versa;
   7. any words that follow ‘include’, ‘includes’, ‘including’, ‘in particular’ or any similar words and expressions shall be construed as illustrative only and shall not limit the sense of any word, phrase, term, definition or description preceding those words;
   8. a reference to ‘writing’ or ‘written’ includes any method of reproducing words in a legible and non-transitory form;
   9. a reference to legislation is a reference to that legislation as amended, extended, re-enacted or consolidated from time to time;
   10. a reference to legislation includes all subordinate legislation made from time to time under that legislation; and
   11. a reference to any English action, remedy, method of judicial proceeding, court, official, legal document, legal status, legal doctrine, legal concept or thing shall, in respect of any jurisdiction other than England, be deemed to include a reference to that which most nearly approximates to the English equivalent in that jurisdiction.

2 Commencement and term

This Agreement shall commence on the Commencement Date and (subject to earlier termination pursuant to clauses 12 or 18) shall continue until either party shall give to the other party not less than one months’ written notice to terminate the Agreement (“Term”) provided that the end of such notice period must coincide with the end of the Month.

3 Appointment and scope

1. Krystal appoints the Affiliate as its non-exclusive agent for the marketing of the Services in the Territory for the Term, and the Affiliate accepts that appointment, on and subject to the terms of this Agreement.
2. Krystal shall have the right at any time during the Term and thereafter to appoint other persons as agent, seller, reseller, distributor or franchisee for the marketing and/or sale of the Services in the Territory.
3. Krystal shall be entitled to market and solicit orders for the Services and sell the Services, in each case, in the Territory at any time during the Term and thereafter.
4. The Affiliate shall not market the Services outside the Territory or sell, seek sales or solicit orders for the Services from persons outside the Territory.
5. The Affiliate shall have the authority to market to, but not execute or otherwise conclude contracts with, Customers for sales of the Services in the Territory.

4 Rights and duties of Krystal

1. Throughout the Term Krystal shall:
   1. act dutifully and in good faith towards the Affiliate
   2. at its own expense supply the Affiliate with promotional and marketing materials relating to the Services to the extent Krystal (acting reasonably) considers these to be required for the Affiliate to be able to appropriately market the Services in the Territory;
   3. use its reasonable endeavours to perform the Services and otherwise carry out Customer contracts introduced by the Affiliate or advise the Affiliate as soon as reasonably practicable if it is unable to fulfil any order for the Services introduced by the Affiliate on behalf of a Customer;
   4. deal with any after-sales enquiries or complaints from Customers;
   5. provide the Affiliate with such other information in connection with the Services and/or the Customers as the Affiliate may reasonably require from Krystal to be able to perform its obligations under this Agreement.
2. Krystal may, at its sole discretion, without notice to the Affiliate:
   1. add services to, or withdraw services from, the list of the Services in Schedule 1;
   2. change the specification of any of the Services;
   3. change the structure and rates of the commission payments described in clause 6 below;
   4. change the price of any of the Services; and/or
   5. make changes to its then current Terms of Supply.
3. Krystal shall inform the Affiliate, within a reasonable time, whether it accepts, refuses or otherwise intends not to execute any contract the Affiliate has procured for it unless the Customer is in breach of Krystal’s Terms of Supply.
4. Subject to the compliance of the Affiliate with clause 5.1.10, Krystall warrants to the Affiliate that the Services comply with all applicable Local Laws as are in force at the Commencement Date and that, where the Affiliate notifies Krystal of any change to such Local Laws, Krystal shall use reasonable endeavours to ensure the compliance of the Services with such changed Local Laws as soon as is reasonably practicable after the date of implementation of such change.

5 Rights and duties of the Affiliate

1. Throughout the Term the Affiliate shall:
   1. look after the interests of Krystal and act dutifully and in good faith towards Krystal, Customers and prospective customers;
   2. comply with Krystal’s instructions in relation to the marketing of the Services and otherwise in its dealings with Customers and prospective customers and shall comply with all policies of Krystal as Krystal may notify to the Affiliate from time to time;
   3. use its best endeavours, and act with all reasonable care and skill, to promote the Services and to seek to enhance the reputation and goodwill of Krystal, in each case, in the Territory;
   4. make clear to all Customers and prospective customers that it is the agent of Krystal only to the extent provided for in this Agreement and shall not pledge the credit of Krystal, enter into any compromise with Customers or otherwise incur any obligation on Krystal’s behalf except as expressly provided for under this Agreement or with Krystal’s prior written consent;
   5. to make clear on any marketing communications that it is acting as an Affiliate for Krystal and to comply with all applicable advertising laws;
   6. not allow its interests to conflict with those of Krystal or the duties it owes Krystal and shall not do anything detrimental or prejudicial to the commercial interests or reputation of Krystal;
   7. exercise reasonable commercial judgment in its dealings with Customers and prospective customers, including in connection with carrying out appropriate due diligence in respect of their suitability for Krystal’s Services;
   8. in the course of dealing with all Customers and prospective customers the Affiliate shall bring the then-current Prices and Terms of Supply to their notice and attention and in the name of and for Krystal, obtain Customer orders for the Services on (and only on) Krystal’s then-current Prices and Terms of Supply and send such orders to Krystal for acceptance and fulfilment in accordance with this Agreement;
   9. immediately inform Krystal of any order or enquiry about the Services received by the Affiliate in connection with Customers or prospective customers outside the Territory;
   10. comply with relevant laws and regulations, and obtain and maintain all licences, permits, consents, approvals and registrations as may from time to time be necessary for the marketing of the Services and generally in its performance of this Agreement. The Affiliate shall indemnify Krystal against any and all liabilities incurred by Krystal as a result of any breach by the Affiliate of this clause 5.1.10;
   11. notify Krystal of all laws, regulations and codes which are applicable to the promotion, marketing, sale and supply of the Services in the Territory (“Local Laws”) and shall notify Krystal of any actual or prospective change in such Local Laws as soon as is reasonably possible. The Affiliate warrants to Krystal that it has notified it of all Local Laws that are in force as at the Commencement Date and any planned changes to Local Laws that may apply during the Term;
   12. communicate to Krystal all information relevant to this Agreement that is available to the Affiliate;
   13. promptly report to Krystal any complaints, problems or claims relating to the Services and promptly inform Krystal of any after-sales enquiries concerning the Services, in each case that has been received by or communicated to the Affiliate or of which the Affiliate has otherwise become aware, and where and to the extent requested by Krystal carry out and/or assist with investigations regarding the same;
   14. not make any statement or give any representation, warranty or guarantee in respect of the Services, other than those set out in the Terms of Supply, without Krystal’s prior written consent;
   15. employ sufficient competent and appropriately qualified personnel to carry out and comply with its obligations under this Agreement;
   16. only use marketing, promotional or sales materials supplied or otherwise approved in writing by Krystal and shall not in any way make any alterations to any such materials;
   17. not make available the Affiliate link or code on any coupon or voucher sites, business-opportunity sites or engage in other incentivised programmes in relation to the marketing of Krystal’s Services or any other blackhat SEO or spam activities undertaken with the aim of generating more referrals;
   18. not attempt to refer Customers to Krystal by the use of illegal or spam mailing (such as unsolicited bulk mailing), or unauthorised forum postings;
   19. as part of the Affiliate’s actions that are in good faith the Affiliate will not take any actions or market the Services with the intention to create a negative revenue situation for Krystal;
   20. pay all expenses incurred by it in connection with its performance of its obligations under this Agreement and, at its own expense, maintain such of its own systems, facilities, offices, sales outlets and other premises, in each case as are reasonably required to effectively perform its obligations under this Agreement; and
   21. comply with the reasonable instructions of Krystal in connection with any dispute, claims or proceedings in connection with the Services or any Customer, but shall not otherwise be involved in or take any action in connection with any such dispute, claims or proceedings other than with the prior written consent of Krystal.
2. The Affiliate acknowledges that the tracking of new Customers will be managed by Cookies placed on the Customer’s browser. If the Customer refuses the Cookies Krystal needs to track any orders, the Affiliate acknowledges that Krystal may not be able to pay Commission in line with clause 6 below. For details of Krystal’s Cookie Policy please see krystal.uk/terms.
3. The obligations of the Affiliate under clause 5.1 are in addition, and without prejudice, to the duties upon the Affiliate under the Data Protection Laws.

6 Commission

1. Subject to the other terms of this clause 6, Krystal shall pay to the Affiliate a commission as follows:
   1. If the Affiliate refers a total of between 1 and 5 Customers to Krystal who each enter into a Qualifying Contract with Krystal for any of the Services within a given Month during the Term and pursuant to this Agreement, Krystal shall pay to the Affiliate a commission of £25 for each Qualifying Contract.
   2. If the Affiliate refers a total of between 6 and 10 Customers to Krystal who each enter into a Qualifying Contract with Krystal for any of the Services within a given Month during the Term and pursuant to this Agreement, Krystal shall pay to the Affiliate a commission of £35 for each Qualifying Contract.
   3. If the Affiliate refers a total of between 11 and 20 Customers to Krystal who each enter into a Qualifying Contract with Krystal for any of the Services within a given Month during the Term and pursuant to this Agreement, Krystal shall pay to the Affiliate a commission of £50 for each Qualifying Contract.
   4. If the Affiliate refers a total of between 21 or more Customers to Krystal who each enter into a Qualifying Contract with Krystal for any of the Services within a given Month during the Term and pursuant to this Agreement, Krystal shall pay to the Affiliate a commission of £50 for each Qualifying Contract unless the Customer and Krystal have entered into an additional agreement to pay a higher sum, in which case the amount paid shall be determined by such additional agreement.
   5. If there are other significant factors that mark an Affiliate as a super high volume referrer of Customers Krystal may enter into an additional agreement for a fixed period of time and on fixed terms to pay the Affiliate a commission at an agreed rate for each Qualifying Contract in manner similar to that described in 6.1.4 above.
2. Krystal offers a 60 day money back guarantee to all new Customers who sign up to our Services which starts at the point of the Customer entering into the contract with Krystal. As such, commission on payments to Affiliates will only be eligible for payment when each Customer has decided to continue its contract with Krystal beyond the first 60 days. This is known as a “Qualifying Contract”. Any Customer referred to Krystal under this Agreement that cancels its contract with us within that first 60 days period or that Krystal rejects due to fraud or other breach of Krystal’s Hosting Acceptable Use Policy will not be eligible for a commission payment.
3. From time to time Krystal may publish offers for higher rates of commission which are published on the website, in the affiliate dashboard or by email in which case commission will be paid at the higher advertised rate for the period stated.
4. Where Krystal previously appointed an agent for the marketing of the Services in the Territory and that agent is entitled to receive commission on the sale of the Services in the Territory even after the Commencement Date of this Agreement, then the Affiliate acknowledges that it is not also entitled to receive commission in connection with those same sales and agrees not to seek any such commission from Krystal.
5. Commission shall be paid no later than 5 working days after the end of the month in which a contract for Services under this Agreement becomes a Qualifying Contract. By way of example, if an Affiliate refers a Customer to us and that Customer enters into a contract with Krystal on 10th March, the contract will become a Qualifying Contract on 9th May if it is not cancelled by that date, the payment to the Affiliate will become due 5 working days into June.
6. Within 5 working days of the end of each Month Krystal shall make available within the Affiliate portal on affiliate.k.io a statement showing:
   1. the Net Sale Price in respect of all the Services sold by Krystal as a result of the Affiliate’s marketing efforts or negotiations pursuant to the terms of this Agreement;
   2. confirmation of the Qualifying Contracts and their value in commission to the Affiliate;
   3. a payment history for commission paid broken down into Months in a form suitable for VAT requirements.
7. The Affiliate shall within 14 days of the statement referred to in clause 6.6 above notify Krystal of any part of such statement which the Affiliate disputes (and which is to be resolved pursuant to clause 6.8.
8. Where the Affiliate notifies Krystal of any dispute pursuant to clause 6.7 above, Krystal shall pay the undisputed amount and shall be entitled to withhold the disputed amount until such time as the dispute is resolved, it having been referred to Krystal’s accountant’s for determination. The parties acknowledge that such determination shall be final and agree that they shall not seek to challenge it.
9. Interest shall be payable on any sum due but unpaid by either party to the other from the due date until payment, and whether before or after judgment, at 2% per annum over the Bank of England base rate from time to time.
10. All commission shall be calculated and payable in pounds sterling and other currencies shall be converted into sterling at the daily rate set by Krystal’s banking provider for the currency concerned on the date when payment is received by Krystal.
11. Each party shall:
    1. keep full and accurate accounts and records and all invoices and receipts, in each case, which are in connection with transactions and other interactions with Customers carried out by the Affiliate on Krystal’s behalf pursuant to this Agreement;
    2. allow the other party and/or its duly authorised representatives to inspect and copy such accounts, records, invoices and receipts at all reasonable times.

7 Anti-bribery

1. For the purposes of this clause 8 the expressions “adequate procedures” and “associated with” shall be construed in accordance with the Bribery Act 2010 and legislation or guidance published under it.
2. The Affiliate shall ensure that it and each person referred to in clauses 7.2.1 to 7.2.3 (inclusive) does not, by act or omission, place Krystal in breach of any Bribery Laws. The Affiliate shall comply with all applicable Bribery Laws in connection with the marketing of the Services in the Territory and performance of its obligations in connection with this Agreement, ensure that it has in place adequate procedures to prevent any breach of this clause 7 and ensure that:
   1. all of the Affiliate’s personnel and all direct and indirect sub-contractors, suppliers, agents and other intermediaries of the Affiliate;
   2. all others associated with the Affiliate; and
   3. each person employed by or acting for or on behalf of any of those persons referred to in clause 7.2.1 and 7.2.2;
   4. involved in marketing of the Services in the Territory and performance of its obligations in connection with this Agreement, so comply.
3. Without limitation to clause 7.2, the Affiliate shall not in connection with the marketing of the Services in the Territory and performance of its obligations in connection with this Agreement make or receive any bribe (which term shall be construed in accordance with the Bribery Act 2010) or other improper payment or advantage, or allow any such bribe, improper payment or advantage to be made or received on its behalf, either in the UK or elsewhere, and shall implement and maintain adequate procedures to ensure that such bribes or improper payments or advantages are not made or received directly or indirectly on its behalf.
4. The Affiliate shall immediately notify Krystal as soon as it becomes aware of a breach or possible breach of any of the requirements in this clause 7.
5. Any breach of this clause 7 by the Affiliate shall be deemed a material breach of this Agreement that is not remediable and entitle Krystal immediately to terminate this Agreement by notice under clause 12.1.1.

8 Anti-tax evasion facilitation

1. For the purposes of this clause 8:
   1. the expressions “associated with”, “Prevention Procedures”, “UK Tax Evasion Offence” and “Foreign Tax Evasion Offence” shall be construed in accordance with Part 3 of the Criminal Finances Act 2017 (“CFA 2017”) and guidance published under it;
   2. “Corporate Failure to Prevent Offence” means an offence under section 45 and/or section 46 of CFA 2017 and any other applicable UK laws, legislation, statutory instruments and regulations in relation to preventing the facilitation of tax evasion and any similar or equivalent laws in any other relevant jurisdiction;
   3. “Affiliate Associated Person” means all or any of the following:
      1. persons associated with the Affiliate (“Affiliate’s Associates”); and
      2. persons associated with any of the Affiliate’s Associates; in each case, involved in performing services for or on behalf of the Affiliate in connection with this Agreement.
2. The Affiliate shall ensure that it and the Affiliate Associated Persons shall not by any act or omission commit, or cause, facilitate or contribute to the commission by any person including Krystal, of a:
   1. Corporate Failure to Prevent Offence;
   2. UK Tax Evasion Offence; or
   3. Foreign Tax Evasion Offence in connection with this Agreement.
3. The Affiliate shall not, and shall ensure that Affiliate Associated Persons shall not, solicit or engage with or take steps to solicit or engage with any person associated with Krystal to facilitate the commission of a UK Tax Evasion Offence or a Foreign Tax Evasion Offence in connection with the performance of its obligations in connection with this Agreement.
4. The Affiliate shall, and shall procure that Affiliate Associated Persons shall, pay, in full and in a timely manner, all taxes due and payable relating to all monies, remuneration, profit and value received or payable by the Affiliate or Affiliate Associated Persons in connection with the performance of its obligations in connection with this Agreement or otherwise.
5. Without prejudice to clause 8.2, the Affiliate shall ensure that: 8.5.1 it and all relevant Affiliate Associated Persons have in place such Prevention Procedures as it is reasonable in all the circumstances to expect the Affiliate and such persons to have in place to prevent any breach of this clause 8 and comply with Krystal’s Prevention Procedures as notified to the Affiliate from time to time.
6. Without limitation to clauses 8.2, 8.3, 8.4 and 8.5 above, the Affiliate shall:
   1. ensure that all Affiliate Associated Persons involved in the performance of the Affiliate’s obligations in connection with this Agreement have been vetted and that due diligence has been undertaken and is undertaken on a regular continuing basis to such standard or level of assurance as is reasonably necessary in relation to a person in that position in the relevant circumstances;
   2. maintain accurate and up to date records of:
      1. any requests to facilitate any UK Tax Evasion Offence or any Foreign Tax Evasion Offence made to the Affiliate or any Affiliate Associated Person in connection with this Agreement either in the UK or elsewhere;
      2. any action taken by the Affiliate to inform the relevant enforcement bodies or regulatory authorities that the Affiliate or any Affiliate Associated Person has been requested to facilitate a UK Tax Evasion Offence or a Foreign Tax Evasion Offence (except to the extent that the Affiliate is prevented by law from doing so);
      3. its compliance with its obligations under this clause 8 and all training and guidance provided to Affiliate Associated Persons in respect of the obligations under this clause 8 and applicable laws for the prevention of tax evasion;
      4. the Affiliate’s monitoring of compliance by Affiliate Associated Persons with the applicable policies and procedures as required by clause 8.5; and
      5. the measures that the Affiliate has taken in response to any incidence of suspected or actual tax evasion or facilitation of tax evasion or breach of this clause 9 (including the Affiliate’s relevant internal reporting and disciplinary procedures);
   3. maintain and provide such access to the records or information referred to in clause 8.6.2 in accordance with its obligations in clause 5.1; and
   4. ensure all Affiliate Associated Persons involved in performing services in connection with this Agreement are subject to and at all times comply with equivalent obligations to those of the Affiliate under this clause 8 and the Affiliate shall be liable to Krystal for any act or omission by any such person in breach of any of the obligations under this clause 8 as if this was an act or omission of the Affiliate.
7. The Affiliate warrants and represents that it has not, and, no Affiliate Associated Persons have:
   1. been investigated in connection with, or charged with having committed or facilitated the commission of, any UK Tax Evasion Offence or any Foreign Tax Evasion Offence;
   2. received any court orders, warrants or oral or written notices from a government prosecuting authority concerning any actual or alleged violation by it of any UK Tax Evasion Offence or any Foreign Tax Evasion Offence; or
   3. received any report (including a report from the Affiliate’s external auditors, any Affiliate Associated Persons or any other person) or discovered any evidence suggesting that the Affiliate or any Affiliate Associated Person has committed or facilitated the commission of any UK Tax Evasion Offence or any Foreign Tax Evasion Offence.
8. The Affiliate shall immediately notify Krystal as soon as it becomes aware of any allegation, investigation, evidence or report relating to a breach or possible breach of any of the requirements in this clause 8.
9. Any breach of this clause 8 by the Affiliate shall be deemed a material breach of this Agreement that is not remediable and entitle Krystal immediately to terminate this Agreement by notice under clause 12.1.1.

9 Intellectual property

1. The Affiliate acknowledges and agrees that:
   1. the Intellectual Property in the Services and any other materials provided to the Affiliate by or on behalf of Krystal and all goodwill associated with that and/or Krystal’s business; and
   2. the Intellectual Property in any materials created or developed by or on behalf of the Affiliate in connection with this Agreement are the property of Krystal (“Krystal’s Intellectual Property”) and that the Affiliate has no right to any of it.
2. The Affiliate shall:
   1. use Krystal’s Intellectual Property only in accordance with Krystal’s instructions and for the purposes of, and during the Term of, this Agreement;
   2. not take or omit to take or authorise any action or omission whereby any of Krystal’s Intellectual Property or Krystal’s ownership of it might be jeopardised or invalidated;
   3. not use any trade marks, trade names, logos or other branding on or in connection with the Services in the Territory other than as previously approved by Krystal in writing;
   4. not remove or alter any trade marks, trade names, logos or other branding or identification marks that have been included on any sales, promotional or marketing materials;
   5. at Krystal’s request and expense, assist Krystal in maintaining the validity and enforceability of Krystal’s Intellectual Property;
   6. immediately inform Krystal of any actual or threatened infringement of Krystal’s Intellectual Property of which it becomes aware; and
   7. at Krystal’s request, give Krystal reasonable assistance in dealing with such infringements (including proceedings).
3. Krystal shall defend or, at its option, settle any action brought against the Affiliate arising from any claim that the Affiliate’s use of any of Krystal’s Intellectual Property (other than that which was developed or created by the Affiliate) for the purposes of the marketing of the Services in the Territory in accordance with this Agreement infringes any third party intellectual property right.
4. Krystal’s obligations under clause 9.3 shall not apply to any of the Services or any of Krystal’s Intellectual Property that has been modified or used by the Affiliate other than strictly in accordance with this Agreement, and the Affiliate shall indemnify Krystal against any liabilities arising out of or in connection with any claim in relation to such matters.
5. Krystal’s obligations under clause 9.3 are conditional on the Affiliate:
   1. promptly advising Krystal in writing of any claim or action;
   2. making no admission as to, or settlement or compromise of, any claim or action without Krystal’s prior written consent;
   3. giving Krystal, at its request, sole conduct of any defence and any settlement negotiations; and
   4. co-operating fully with Krystal and providing Krystal with all reasonable assistance in the defence or settlement of such claim or action.
6. Krystal may withdraw, replace or modify any of the Services or other related materials it has provided to the Affiliate if Krystal thinks, or it is claimed, that any such Services or materials infringe, or may infringe, any third party intellectual property right.
7. The provisions of this clause 9 set out the entire liability of Krystal and the sole remedy of the Affiliate in respect of its subject-matter.

10 Data protection

1. The Affiliate and Krystal agree not to disclose to each other any Personal Data relating to the Customers.
2. Each party shall comply shall comply with all Data Protection Laws in connection with the exercise and performance of its respective rights and obligations under this Agreement. Each party agrees that any material breach of the Data Protection Laws shall, if not remedied within five days of written notice from the other party, give grounds to the other party to terminate this Agreement with immediate effect.
3. Krystal shall comply with the Privacy Policy in respect of the data held about the Affiliate and about the Customers as published on Krystal’s site https://krystal.uk/terms and as updated from time to time.

11 Confidentiality

1. The Affiliate agrees that it may use the Confidential Information only in the exercise of its rights and performance of its obligations under this Agreement and that during the Term and thereafter it shall not use or disclose the Confidential Information except in accordance with this clause 11.
2. Subject to clause 11.4, the Affiliate may disclose the Confidential Information:
   1. to those of its employees, officers, professional advisers or representatives who need to know the Confidential Information in order to exercise the Affiliate’s rights and perform its obligations under this Agreement provided that the Affiliate shall ensure that each of its employees, officers, professional advisers or representatives to whom such Confidential Information is disclosed is aware of its confidential nature and complies with this clause 11 as if it were a party; and
   2. to the extent required by law, to any court, any governmental, regulatory or supervisory authority (including any recognised investment exchange) or any other authority of competent jurisdiction.
3. The Affiliate shall indemnify and keep indemnified and hold harmless Krystal from and against any losses, damages, liability, costs (including legal fees) and expenses which Krystal may incur or suffer as a result of or arising from any breach by the Affiliate of its obligations under this clause 11.
4. To the extent any Confidential Information is Personal Data, such Confidential Information may be disclosed or used only to the extent such disclosure or use does not conflict with any of the Data Protection Laws.
5. Any breach of this clause 11 by the Affiliate shall be deemed a material breach of this Agreement that is not remediable and entitle Krystal immediately to terminate this Agreement by notice under clause 12.1.1.

12 Termination

1. Krystal may terminate this Agreement at any time by giving notice in writing to the Affiliate if:
   1. the Affiliate commits a material breach of this Agreement and such breach is not remediable;
   2. the Affiliate commits a material breach of this Agreement which is not remedied within five days of receiving written notice of such breach;
   3. the Affiliate brings Krystal into disrepute or is convicted of an offence involving dishonesty; or
   4. any consent, licence or authorisation held by the Affiliate is revoked or modified such that the Affiliate is no longer able to comply with its obligations under this Agreement or receive any benefit to which it is entitled.
2. The Affiliate may terminate this Agreement at any time by giving notice in writing to Krystal if Krystal commits a material breach of this Agreement and either such breach is not remediable or, if remediable, is not remedied within sixty days of receiving written notice of such breach.
3. Either party may terminate this Agreement at any time by giving notice in writing to the other party if that other party:
   1. stops carrying on all or a significant part of its business, or indicates in any way that it intends to do so;
   2. is unable to pay its debts either within the meaning of section 123 of the Insolvency Act 1986 or if the non-defaulting party reasonably believes that to be the case;
   3. becomes the subject of a company voluntary arrangement under the Insolvency Act 1986;\
   4. has a receiver, manager, administrator or administrative receiver appointed over all or any part of its undertaking, assets or income;
   5. has a resolution passed for its winding up;
   6. has a petition presented to any court for its winding up or an application is made for an administration order, or any winding-up or administration order is made against it;
   7. is subject to any procedure for the taking control of its goods that is not withdrawn or discharged within seven days of that procedure being commenced;
   8. has a freezing order made against it;
   9. is subject to any recovery or attempted recovery of items supplied to it by a supplier retaining title to those items;
   10. is subject to any events or circumstances analogous to those in clauses 12.3.1 to 12.3.9 in any jurisdiction; or
   11. takes any steps in anticipation of, or has no realistic prospect of avoiding, any of the events or procedures described in clauses 12.3.1 to 12.3.10 including for the avoidance of doubt, giving notice for the convening of any meeting of creditors, issuing an application at court or filing any notice at court, receiving any demand for repayment of lending facilities, or passing any board resolution authorising any steps to be taken to enter into an insolvency process.
4. This Agreement shall terminate automatically without notice in the event of the death of the Affiliate.
5. On termination and without prejudice to any additional obligations of the Affiliate under the Data Protection Laws:
   1. all rights and licences granted to the Affiliate under this Agreement shall cease and the Affiliate shall cease to market the Services;
   2. the Affiliate shall immediately cease to represent itself as an agent or as otherwise acting for Krystal or in relation to the Services and shall make no further use of Krysal’s Intellectual Property or other property of Krystal;
   3. all outstanding invoices and other sums owed to the Affiliate by Krystal shall be paid within 30 days of termination;
   4. the Affiliate shall return or (at Krystal’s request) destroy all Confidential Information and other property of Krystal then in its possession or control, and certify in writing that this has been done;
   5. the Affiliate shall return or (at Krystal’s request) destroy all marketing, promotional and sales material relating to the Services in its possession or control, and certify in writing that this has been done;
   6. the Affiliate shall not, for a period of six months from termination, directly or through others solicit or approach any employee or agent of Krystal engaged in the performance of this Agreement in the twelve months preceding its termination.
6. Termination of this Agreement shall not affect any accrued rights and liabilities of either party at any time up to the date of termination, including any right to claim damages in respect of any breach of this Agreement which existed at or prior to the date of termination.
7. Subject to applicable law, neither party shall have any liability to the other for damages, compensation or otherwise by reason only of the termination of this Agreement in accordance with its terms.
8. The provisions of clauses 1, 6, 9, 10, 11, 12.5 to 12.8 (inclusive), 13 to 16 (inclusive) and 18 to 33 (inclusive) shall survive termination of this Agreement, however occurring.

13 Limitation of liability

1. Notwithstanding any other provision of this Agreement, the liability of the parties shall not be excluded or limited in any way in respect of the following:
   1. death or personal injury caused by negligence;
   2. fraud or fraudulent misrepresentation; or
   3. any other losses which cannot be excluded or limited by applicable law.
2. Subject to clause 13.1, the total liability of Krystal under or in connection with this Agreement and regardless of whether such liability arises in tort (including negligence), contract, breach of statutory duty or in any other way (including under any indemnity) shall not exceed the sum of one thousand pounds.
3. Subject to clause 13.1, Krystal shall not be liable for consequential, indirect or special losses.
4. Subject to clause 13.1, Krystal shall not be liable for any of the following (whether direct or indirect):
   1. loss of profit;
   2. loss or corruption of data;
   3. loss of use;
   4. loss of production;
   5. loss of contract;
   6. loss of opportunity;
   7. loss of savings, discount or rebate (whether actual or anticipated);
   8. harm to reputation or loss of goodwill.

14 Dispute resolution

1. Any dispute arising between the parties out of or in connection with this Agreement shall be dealt with in accordance with the provisions of this clause 14.
2. The dispute resolution process may be initiated at any time by either party serving a notice in writing on the other party that a dispute has arisen. The notice shall include reasonable information as to the nature of the dispute.
3. The parties shall use all reasonable endeavours to reach a negotiated resolution through the following procedures:
   1. within seven days of service of the notice, the contract managers of the parties shall discuss the dispute and attempt to resolve it.
   2. if the dispute has not been resolved within seven days of the first meeting of the contract managers, then the matter shall be referred to the directors, organisation managers, or persons of equivalent seniority). The directors (or equivalent) shall conduct a meeting within seven days of the date of such referral to discuss the dispute and attempt to resolve it.
4. The specific format for the resolution of the dispute under clause 14.3.1 and, if necessary, clause 14.3.2 shall be left to the reasonable discretion of the parties, but may include the preparation and submission of statements of fact or of position.
5. If the dispute has not been resolved within fourteen days of the first meeting of the directors (or equivalent) under clause 14.3.2, the matter may be referred to mediation in accordance with the London Court of International Arbitration Mediation Rules.
6. Either party may issue formal legal proceedings or commence arbitration at any time whether or not the steps referred to in clauses 14.3 and 14.5 have been completed.

15 Entire agreement

1. The parties agree that this Agreement and any documents entered into pursuant to it constitutes the entire agreement between them and supersedes all previous agreements, understandings and arrangements between them, whether in writing or oral in respect of its subject matter.
2. Each party acknowledges that it has not entered into this Agreement or any documents entered into pursuant to it in reliance on, and shall have no remedies in respect of, any representation or warranty that is not expressly set out in this Agreement or any documents entered into pursuant to it. No party shall have any claim for innocent or negligent misrepresentation on the basis of any statement in this Agreement.
3. Nothing in this Agreement purports to limit or exclude any liability for fraud.

16 Notices

1. Any notice given by a party under this Agreement shall:
   1. be in writing and in English;
   2. be signed by, or on behalf of, the party giving it (except for notices sent by email); and
   3. be sent to the relevant party at the address set out in clause 16.3.
2. Notices may be given, and are deemed received:
   1. by hand: on receipt of a signature at the time of delivery;
   2. by Royal Mail Recorded Signed For post: at 9.00 am on the second Business Day after posting;
   3. by Royal Mail International Tracked & Signed post: at 9.00 am on the fourth Business Day after posting; and
   4. by email: one Business Day after transmission.
3. Notices shall be sent to:
   1. Krystal for the attention of Dave Kimberley, Chief Operating Officer at: Kemp House, 152-160 City Road, London, EC1V 2NX or to affiliates@krystal.uk
   2. The Affiliate for the attention of the account holder with postal address and email address as registered on our portal affiliate.k.io at the date of giving or receiving notices.
   3. Any change to the contact details of a party as set out in clause 16.3 shall be notified to the other party in accordance with clause 16.1 and shall be effective:
      1. on the date specified in the notice as being the date of such change; or
      2. if no date is so specified, two Business Days after the notice is deemed to be received.
4. All references to time are to the local time at the place of deemed receipt.
5. This clause 16 does not apply to notices given in legal proceedings or arbitration.

17 Announcements

1. Subject to clause 17.2, no announcement or other public disclosure concerning this Agreement or any of the matters contained in it shall be made by, or on behalf of, the Affiliate without the prior written consent of Krystal.
2. If the Affiliate is required to make an announcement or other public disclosure concerning this Agreement or any of the matters contained in it by law, any court, any governmental, regulatory or supervisory authority (including any recognised investment exchange) or any other authority of competent jurisdiction, it may do so provided it:
   1. notifies Krystal as soon as is reasonably practicable upon becoming aware of such requirement to the extent it is permitted to do so by law, by the court or by the authority requiring the relevant announcement or public disclosure;
   2. makes the relevant announcement or public disclosure after consultation with Krystal so far as is reasonably practicable; and
   3. makes the relevant announcement or public disclosure after taking into account all reasonable requirements of Krystal as to its form and content and the manner of its release, so far as is reasonably practicable.

18 Force majeure

1. In this clause 18, “Force Majeure” means an event or sequence of events beyond a party’s reasonable control preventing or delaying it from performing its obligations under this Agreement.
2. A party shall not be liable if delayed in or prevented from performing its obligations under this Agreement due to Force Majeure, provided that it:
   1. promptly notifies the other party of the Force Majeure event and its expected duration; and
   2. uses reasonable endeavours to minimise the effects of that event and resumes performance of its obligations as soon as is reasonably possible.
3. If, due to Force Majeure, a party:
   1. is or is likely to be unable to perform a material obligation; or
   2. is or is likely to be delayed in or prevented from performing its obligations for a continuous period of more than 40 Business Days, the other party may terminate this Agreement on not less than four weeks’ written notice.

19 Further assurance

The Affiliate shall at the request of Krystal, do all acts and execute all documents which are necessary to give full effect to this Agreement.

20 Variation

No variation of this Agreement shall be valid or effective unless it is in writing, refers to this Agreement and agreement is duly recorded by, or on behalf of, each party.

21 Assignment

1. The Affiliate may not assign, sub-contract or encumber any right or obligation under this Agreement, in whole or in part, without Krystal’s prior written consent.
2. Krystal may at any time assign, sub-contract or encumber any right or obligation under this Agreement, in whole or in part.

22 Set off

1. Any amount that the Affiliate owes to Krystal under this Agreement or otherwise, whether now or at any time in the future, whether it is liquidated or not and whether it is actual or contingent, may be set off from any amount due to the Affiliate by Krystal under this Agreement or otherwise. Any exercise by Krystal of its rights under this clause 22.1 shall not prejudice any other right or remedy available to it, whether under this Agreement or otherwise.
2. The Affiliate must pay all sums that it owes to Krystal under this Agreement free and clear without any set-off, counterclaim, deduction or withholding of any kind, save as may be required by law.

23 No partnership

The parties are independent businesses and are not partners or employer and employee and this Agreement does not establish any joint venture, trust, fiduciary or other relationship between them, other than the contractual relationship expressly provided for in it. Save as expressly provided for in this Agreement, none of the parties shall have, nor shall represent that they have, any authority to make any commitments on the other party’s behalf.

24 Equitable relief

Each party recognises that any breach or threatened breach of this Agreement may cause the other party irreparable harm for which damages may not be an adequate remedy. Accordingly, in addition to any other remedies and damages available to the other party, each party acknowledges and agrees that the other party is entitled to the remedies of specific performance, injunction and other equitable relief without proof of special damages.

25 Severance

1. If any provision of this Agreement (or part of any provision) is or becomes illegal, invalid or unenforceable, the legality, validity and enforceability of any other provision of this Agreement shall not be affected.
2. If any provision of this Agreement (or part of any provision) is or becomes illegal, invalid or unenforceable but would be legal, valid and enforceable if some part of it was deleted or modified, the provision or part-provision in question shall apply with such deletions or modifications as may be necessary to make the provision legal, valid and enforceable. In the event of such deletion or modification, the parties shall negotiate in good faith in order to agree the terms of a mutually acceptable alternative provision.

26 Waiver

1. No failure, delay or omission by either party in exercising any right, power or remedy provided by law or under this Agreement shall operate as a waiver of that right, power or remedy, nor shall it preclude or restrict any future exercise of that or any other right, power or remedy.
2. No single or partial exercise of any right, power or remedy provided by law or under this Agreement shall prevent any future exercise of it or the exercise of any other right, power or remedy.
3. A waiver of any term, provision, condition or breach of this Agreement shall only be effective if given in writing and signed by the waiving party, and then only in the instance and for the purpose for which it is given.

27 Compliance with law

Each party shall (at its own expense unless expressly agreed otherwise) ensure that in the performance of its obligations under this Agreement, its employees, agents and representatives, shall comply with all laws, enactments, regulations, regulatory policies, guidelines and industry codes applicable to them and shall maintain such authorisations and all other approvals, permits and authorities as are required from time to time to perform their obligations under or in connection with this Agreement provided that neither party shall be liable for breach of this clause 27 to the extent that such breach is directly caused or contributed to by any breach of this Agreement by the other party (or its employees, agents and representatives).

28 Conflicts within agreement

1. In the event of any conflict or inconsistency between different parts of this Agreement, the following descending order of priority applies:
   1. the terms in the main body of this Agreement;
   2. Schedule 1;
   3. Schedule 2.
2. Subject to the above order of priority between documents, later versions of documents shall prevail over earlier ones if there is any conflict or inconsistency between them.

29 Costs and expenses

Each party shall pay its own costs and expenses incurred in connection with the negotiation, preparation, signature and performance of this Agreement (and any documents referred to in it).

30 Language

1. The language of this Agreement is English. All documents, notices, waivers, variations and other written communications relating to this Agreement shall be in English.
2. If this Agreement and any document relating to it is translated, the English version shall prevail.

31 Third party rights

Except as expressly provided for in this Agreement, a person who is not a party to this Agreement shall not have any rights under the Contracts (Rights of Third Parties) Act 1999 to enforce any of the provisions of this Agreement.

32 Governing law

This Agreement and any dispute or claim arising out of, or in connection with, it, its subject matter or formation (including non-contractual disputes or claims) shall be governed by, and construed in accordance with, the laws of England and Wales.

33 Jurisdiction

Subject to clause 14, the parties irrevocably agree that the courts of England and Wales shall have exclusive jurisdiction to settle any dispute or claim arising out of, or in connection with, this Agreement, its subject matter or formation (including non-contractual disputes or claims).

Schedule 1 - Commercial terms

The Services

In this Schedule, unless otherwise provided:

• CDN means Content Delivery Network
• cPanel means Web hosting control panel software
• HA means High Availability
• PCI Compliant means Payment card industry compliant
• SSL Certificate means Secure Sockets Layer certificate - encrypts data being transmitted between web server and user
• WHM means Web host manager software

Cloud Hosting - for up to date details please refer to https://krystal.uk/cloud-hosting.

These are our standard cPanel web hosting packages on our shared servers, suitable for individuals and small businesses not for the purpose of reselling. All packages include cPanel, free LetsEncrypt SSL certificates and our other standard suite of features listed on the Cloud Hosting page of our website. Our packages in this category are named Amethyst, Topaz and Ruby. For an up to date list of the features and pricing of each package please refer to https://krystal.uk/cloud-hosting.

Reseller Hosting - for up to date details please refer to https://krystal.uk/reseller-hosting.

Reseller hosting providers buyers with standard cPanel access like shared “Cloud Hosting” packages but also provides WHM access, this enables the user to create cPanel accounts directly under their ownership/management. This may be for individuals running multiple websites, web designers that host multiple websites or indeed those individuals/businesses that wish to sell web hosting themselves. Our packages in this category are named Unity, Trinity and Infinity. For an up to date list of the features and pricing of each package please refer to https://krystal.uk/reseller-hosting

Business Hosting - for up to date details please refer to https://krystal.uk/pci-compliant-hosting

Our Business Hosting, or ‘PCI Compliant Hosting’ as it is sometimes referred to, is similar to our standard Cloud Hosting packages in the sense that they are single cPanel accounts designed for individuals and businesses. They do offer the ability to host multiple websites, but these are isolated within a single cPanel account. The main difference of the “Business Hosting” is the fact that they are hosted on premium servers, with less than 100 users per server. This results in less contention and overall better stability. Other features not found as part of any of our other packages are as follows:

• 4-hourly backups (as in backups taken every 4 hours) or 6x per day
• Litemage caching to bolster Magento performance
• Higher LVE limits (for larger or busier websites)

Our packages in this category are named Sapphire, Diamond and Tanzanite. For an up to date list of the features and pricing of each package please refer to https://krystal.uk/pci-compliant-hosting.

Onyx WordPress Hosting - for up to date details please refer tohttps://krystal.uk/wordpress-hosting.

Our Onyx WordPress Hosting is unlike any of our other web hosting packages and is not hosted on a shared server, nor does it come with cPanel. Onyx has been developed in-house and utilises “HA” technology, which means it is distributed across multiple containers (servers). By design, if a container fails, the Onyx site remains online due to it being distributed across multiple containers. The product is designed for those that require the absolute best uptime and a managed platform that delivers maximum performance so that website owners can focus on running their business. Where applicable, additional sites can be bolted on to Onyx plans for an extra monthly fee. The CDN allowance is a technology that pulls static resources from websites, such as images and other static elements of code such as styling and distributes them across global servers, this speeds up delivery of these assets to website visitors when they access the website within a web browser. Our packages in this category are named Personal, Pro, Business, Agency. For an up to date list of the features and pricing of each package please refer to https://krystal.uk/wordpress-hosting

Schedule 2 - Terms of supply

For our current terms and conditions of sale and supply of services please see krystal.uk/terms.