SUBSCRIPTION TERMS

 Updated on June 24, 2026

These subscription terms (the “Terms”) govern the supply of the Site Diary software-as-a-service solution by Script & Go Limited, a company incorporated and registered in England and Wales with company number 11583574 whose registered office is at Office 1 Izabella House 24-26 Regent Place B13NJ Birmingham - England (the “Supplier”, “we”, “us”), to the business customer identified at registration or in the applicable Order Form (the “Customer”, “you”). 

By creating an account, ticking the acceptance box during online registration, signing an Order Form or using the Services, the Customer accepts these Terms in full and without reservation. If the individual accepting these Terms does so on behalf of a company or other legal entity, that individual represents that they have authority to bind that entity. If you do not agree to these Terms, you must not register for or use the Services.

1. BUSINESS CUSTOMERS ONLY 

1.1  The Services are provided exclusively to businesses and professionals. By accepting these Terms, the Customer warrants that it is acting in the course of a business, trade, craft or profession and not as a consumer. Statutory rights and protections applicable to consumers, including under the Consumer Rights Act 2015 and the Consumer Contracts (Information, Cancellation and Additional Charges) Regulations 2013, do not apply to the Contract. 

1.2  The Customer confirms that it has not relied on any statement, promise or representation made or given by or on behalf of the Supplier which is not set out in the Contract, and that it has satisfied itself, before subscribing, that the Services are suitable for its requirements, where applicable by making use of the Free Plan or a Trial.

2. DEFINITIONS AND INTERPRETATION 

2.1  In these Terms, the following definitions apply: 

“Authorised User” an individual employee, worker, contractor or agent of the Customer who is authorised by the Customer to use the Services under the Customer’s account, up to the number of users subscribed for under the relevant Plan. 

“Business Day” a day other than a Saturday, Sunday or public holiday in England and France. 

“Contract” the contract between the Supplier and the Customer for the supply of the Services, formed in accordance with clause 3.2 and comprising the documents listed in clause 3.3. 

“Customer Data” all data, information, content, documents, photographs, records and materials uploaded to, submitted to or generated within the Services by or on behalf of the Customer or its Authorised Users, including site diary entries, daily reports, tasks and attachments. 

“DPA” the data processing agreement set out in Schedule 1, which forms an integral part of the Contract. 

“Fees” the subscription fees and any other charges payable by the Customer for the Services, as set out on the Pricing Page or in the applicable Order Form. 

“Free Plan” the free-of-charge plan described on the Pricing Page (currently designated “Standard”), subject to the functional and volume limitations stated on the Pricing Page (including, as at the date of these Terms, a maximum of three (3) projects and access to the diary module only). 

“Order Form” a written order document, quotation or proposal agreed and signed by both parties for the supply of the Services, typically used for the Enterprise Plan. 

“Plan” the subscription tier selected by the Customer (currently Standard, Premium or Enterprise), with the features, limitations and prices described on the Pricing Page or in the Order Form. 

“Pricing Page” the pricing page published on the Site Diary website at sitediary.com, as updated from time to time. 

“Service Description” the description of the Services and of the features, limitations and volumes of each Plan, as published on the Site Diary website (including the Pricing Page) at the date of subscription or renewal, or as set out in the applicable Order Form. 

“Services” the Site Diary software-as-a-service solution, comprising the web application and the mobile applications for Android and iOS, the associated hosting and standard support, and any related services described in an Order Form. 

“Subscription Period” the initial subscription period selected by the Customer (monthly or annual, or as set out in the Order Form) and each successive renewal period. 

“Trial” any time-limited free trial of a paid Plan offered by the Supplier. 

“Virus” any thing or device (including any software, code, file or programme) which may prevent, impair or otherwise adversely affect the operation of any computer software, hardware or network, or any service or data. 

2.2  Headings are for convenience only and do not affect interpretation. The words “including” and “in particular” are illustrative and do not limit the sense of the preceding words. A reference to legislation is a reference to it as amended, extended or re-enacted from time to time.

3. ORDERING PROCESS AND FORMATION OF THE CONTRACT 

3.1  Ordering process. For online subscriptions, the Customer subscribes through the following steps: (a) creation of an account and acceptance of these Terms by ticking the dedicated box; (b) selection of the Plan, of the number of Authorised Users and of the billing period (monthly or annual); (c) display of a summary of the order, enabling the Customer to review its order and to identify and correct any input errors before confirming; and (d) confirmation of the order and entry of payment details. These Terms are made available to the Customer before the order is placed, in a form which allows them to be downloaded, stored and reproduced.  

3.2  Formation of the Contract. Any order placed online by the Customer constitutes an offer to subscribe to the Services subject to these Terms. The Contract is formed only when the Supplier accepts the order, on the earlier of: (a) the Supplier sending an order or payment confirmation by e-mail; and (b) the Supplier making the subscribed Services available to the Customer. For the Enterprise Plan, the Contract is formed when both parties sign the Order Form. The Supplier may decline any order, including a new order or renewal placed by an existing or former customer, on reasonable grounds, including: sums remaining due and unpaid by the Customer or by any member of its group under any current or previous contract with the Supplier or its affiliates; a previous breach of contract by the Customer; suspected fraud or misuse; manifest pricing error; or non-business use. Where an order is declined, any sums already paid in respect of that order will be refunded and the Supplier shall have no further liability in connection with the declined order. 

3.3  The Contract comprises, in the following order of precedence in the event of conflict: (a) the Order Form (if any); (b) any special conditions agreed in writing between the parties; (c) the DPA, in respect of the processing of personal data; (d) these Terms; and (e) the Service Description. 

3.4  These Terms apply to the exclusion of any other terms that the Customer seeks to impose or incorporate, including any terms contained in or referred to in a purchase order, confirmation of order, supplier onboarding form or similar document, or which are implied by trade, custom, practice or course of dealing. The issue of a purchase order by the Customer is for its administrative convenience only. The signature, countersignature, acknowledgement or processing by the Supplier (including by any of its sales staff, employees or representatives) of any such document shall not constitute acceptance of the Customer’s terms, even where that document states that it prevails or that performance constitutes acceptance. No employee, sales representative or agent of the Supplier has authority to accept terms put forward by the Customer or to vary these Terms; the Customer’s terms shall apply, and these Terms may be varied, only by a written agreement expressly referring to this clause 3.4 and signed by a director or other duly authorised signatory of the Supplier.

4. THE SERVICES, FREE PLAN AND TRIALS 

4.1  Subject to the Customer paying the applicable Fees and complying with the Contract, the Supplier grants the Customer a non-exclusive, non-transferable, non-sublicensable right, for the duration of the Subscription Period, to permit its Authorised Users to access and use the Services solely for the Customer’s internal business operations. 

4.2  The Services are provided on a software-as-a-service basis. Nothing in the Contract transfers to the Customer any ownership of, or grants the Customer any right to receive a copy of, the software underlying the Services. 

4.3  Free Plan. The Free Plan is provided “as is” and “as available”, free of charge and without any commitment as to availability, support, functionality or continuity. The Supplier may modify, restrict, suspend or withdraw the Free Plan, or any account on the Free Plan, at any time on reasonable notice and without liability. Clauses 12 (IPR indemnity) and 15.1 do not apply to the Free Plan. 

4.4  Trials. Where the Supplier offers a Trial, the Trial is provided for evaluation purposes only , on the same basis as the Free Plan under clause 4.3. Unless otherwise stated at sign-up, the Trial does not convert automatically into a paid Subscription: at the end of the Trial, access to paid features ceases unless the Customer subscribes to a paid Plan. The Customer is responsible for exporting any data it wishes to retain before the end of a Trial or Free Plan account. 

4.5  Mobile applications and app stores. The Site Diary mobile applications are downloaded from third-party application stores (including the Apple App Store and Google Play). The download and the installation of the mobile applications are also subject to the applicable terms of the relevant store, which the Customer and its Authorised Users must comply with. The store operators are not parties to the Contract, have no obligation to provide the Services and bear no responsibility for them; in the event of conflict between these Terms and any mandatory minimum terms required by a store operator in respect of the mobile applications, the latter prevail to the extent strictly required.

  5. SUBSCRIPTIONS, AUTHORISED USERS AND PLAN CHANGES 

5.1  Paid Plans are subscribed per Authorised User, monthly or annually, as selected by the Customer at the time of order. Each Subscription Period is a fixed, committed term. User accounts are personal to each Authorised User and may not be shared by, or transferred to, more than one individual; an Authorised User account may however be reassigned to a new individual replacing a former Authorised User who no longer requires access. 

5.2  Automatic renewal. Each Subscription renews automatically at the end of the current Subscription Period for successive periods of the same duration, at the rates then in force (subject to clause 9.5), unless: (a) for monthly Subscriptions, the Customer cancels at any time with effect from the end of the current monthly period; or (b) for annual Subscriptions, either party gives written notice of non-renewal at least thirty (30) days before the end of the current annual period. Cancellation may be effected through the account settings or by written notice to the Supplier. The renewal mechanism and the conditions for non-renewal are brought to the Customer’s attention at the time of subscription. 

5.3  Upgrades and additional users. The Customer may at any time upgrade its Plan or add Authorised Users. Additional Fees will be charged on a pro-rata basis for the remainder of the current Subscription Period and the renewal Fee adjusted accordingly. 

5.4  Downgrades. The Customer may reduce the number of Authorised Users or downgrade its Plan with effect from the start of the next Subscription Period only. No refund or credit is given for the current Subscription Period. The Customer acknowledges that a downgrade may result in the loss of features, capacity or access to certain Customer Data, and that it is responsible for exporting data beforehand where necessary. 

5.5  The Customer shall ensure that the number of individuals accessing the Services does not exceed the number of Authorised Users subscribed for. The Supplier may monitor usage of the Services for this purpose. If actual usage exceeds the subscribed entitlement, the Supplier may invoice the corresponding additional Fees from the date the excess usage began, without prejudice to its other rights.

6. CUSTOMER OBLIGATIONS AND ACCEPTABLE USE 

6.1  The Customer shall: (a) provide accurate, complete and up-to-date registration and billing information and keep it updated; (b) keep account credentials confidential and secure, and notify the Supplier without undue delay of any known or suspected unauthorised access or use; (c) be responsible for all activities carried out under its account and for its Authorised Users’ compliance with the Contract; (d) use the Services in accordance with the Service Description and all applicable laws and regulations; and (e) maintain the internet connectivity, devices and operating environments needed to access the Services, which remain its sole responsibility. 

6.2  The Customer shall not, and shall ensure that its Authorised Users do not: (a) use the Services to store, transmit or distribute any material that is unlawful, infringing, defamatory, obscene or otherwise objectionable, or any Virus; (b) attempt to gain unauthorised access to the Services, other customers’ data or the Supplier’s systems, or interfere with or disrupt the integrity or performance of the Services; (c) copy, modify, adapt, translate, create derivative works from, reverse engineer, decompile or disassemble the Services or any part of them, except to the extent such restriction is not permitted by applicable law (including sections 50B and 50BA of the Copyright, Designs and Patents Act 1988); (d) access the Services in order to build a competing product or service, or copy any of their features or functions; (e) rent, lease, sell, sublicense, distribute or otherwise make the Services available to any third party, including on a service bureau or outsourcing basis, except as expressly permitted in writing by the Supplier; or (f) circumvent any usage limits or security measures. 

6.3  The Customer acknowledges that the Services are a project documentation and collaboration tool. The Customer remains solely responsible for the accuracy and completeness of the entries made by its Authorised Users, for its own professional, contractual and regulatory obligations (including health and safety and record-keeping obligations on construction sites), and for the decisions made on the basis of information recorded in the Services. While the Services are designed to record time-stamped entries and reports, the Supplier does not warrant that any record, report or export generated through the Services will be admissible, sufficient or conclusive as evidence in any dispute, adjudication, arbitration or court proceedings, nor that it satisfies any record-keeping requirement applicable to the Customer, which remains responsible for its own evidential and archiving strategy.

7. CUSTOMER DATA 

7.1  As between the parties, the Customer owns all right, title and interest in and to the Customer Data. The Customer grants the Supplier a non-exclusive, royalty-free licence to host, copy, process, transmit, display and back up the Customer Data solely to the extent necessary to provide and support the Services, to comply with applicable law, and to maintain the security and integrity of the Services. 

7.2  The Customer is solely responsible for the legality, accuracy and quality of the Customer Data, and warrants that it has all rights, consents and authorisations necessary to upload and process the Customer Data within the Services, including in respect of photographs and any personal data they may contain. 

7.3  The Supplier shall implement and maintain appropriate technical and organisational measures to protect the Customer Data against accidental or unlawful destruction, loss, alteration and unauthorised access, and shall perform routine backups of the production environment. These backups are performed for service continuity and disaster recovery purposes; they do not constitute an archiving service for the Customer, which remains responsible for exporting and keeping its own copies of business-critical records (including via the PDF, Excel and CSV export features made available within the Services). 

7.4  Data retrieval and deletion. For thirty (30) days following expiry or termination of the Contract, the Supplier shall, upon the Customer’s written request, make the Customer Data available for export in a standard machine-readable format. After this period, the Supplier may permanently delete the Customer Data from its production systems, and from backups in accordance with its standard backup cycles, save where retention is required by applicable law.  

7.5  Fair use. Storage and bandwidth are subject to the limits stated on the Pricing Page or in the Order Form or, where none are stated, to reasonable fair use consistent with normal use of the Services for construction project reporting. The Supplier may contact the Customer to agree remedial measures or additional charges where usage materially and persistently exceeds fair use.  

7.6  Usage data. The Supplier may collect and use technical and statistical data regarding the operation and use of the Services (excluding the content of Customer Data) to operate, secure, benchmark and improve the Services, provided such data is aggregated or anonymised so that neither the Customer nor any individual can be identified.

8. DATA PROTECTION 

8.1  Each party shall comply with its obligations under applicable data protection legislation, including the UK GDPR and the Data Protection Act 2018 and, where applicable, Regulation (EU) 2016/679 (the EU GDPR) (together, “Data Protection Legislation”). This clause 8 is in addition to, and does not relieve, remove or replace, either party’s obligations under Data Protection Legislation. 

8.2  In respect of personal data contained in the Customer Data, the parties acknowledge that the Customer acts as controller and the Supplier acts as processor. The subject matter, duration, nature and purposes of the processing, the types of personal data and the categories of data subjects are set out in the DPA (Schedule 1). The Supplier shall process such personal data only on the Customer’s documented instructions, as set out in the Contract and the DPA, unless required to do otherwise by applicable law, in which case the Supplier shall inform the Customer of that legal requirement before processing (unless prohibited by law). In the event of conflict between the DPA and these Terms with respect to the processing of personal data, the DPA prevails. 

8.2  In respect of personal data relating to the Customer’s contacts, account administrators and billing (account and relationship data), the Supplier acts as an independent controller and processes such data in accordance with its privacy policy available on the Site Diary website. 

8.3  The Customer warrants that: (a) it has a lawful basis for the processing of personal data carried out through the Services, including in respect of its Authorised Users and any individuals appearing in photographs or records uploaded to the Services (such as site personnel and third parties); (b) it has provided such individuals with the information required under Data Protection Legislation; and (c) its instructions to the Supplier comply with Data Protection Legislation.

9. FEES, PAYMENT AND TAXES 

9.1  The Fees are those published on the Pricing Page at the date of subscription or renewal or, where applicable, those set out in the Order Form. All Fees are stated exclusive of VAT and any other applicable taxes or duties, which shall be added at the prevailing rate and are payable by the Customer. 

9.2  Unless otherwise stated in an Order Form: (a) Fees for monthly Subscriptions are payable monthly in advance; (b) Fees for annual Subscriptions are payable annually in advance; and (c) payment is made by payment card or direct debit through the Supplier’s payment provider, the Customer authorising recurring charges for each Subscription Period and any additional users or upgrades. Where the Order Form provides for payment by invoice, invoices are payable within thirty (30) days of the invoice date, without deduction, withholding or set-off (except as required by law). 

9.3  No refunds. Except as expressly provided in the Contract or required by law, all Fees paid are non-refundable and committed Subscription Periods are non-cancellable; no refund or credit is given for partial periods, unused Authorised Users or features, or downgrades. 

9.4  Late payment. If any undisputed sum is not paid by its due date, the Supplier may: (a) charge interest on the overdue amount, and claim the fixed compensation for recovery costs, in accordance with the Late Payment of Commercial Debts (Interest) Act 1998; and (b) on not less than seven (7) days’ written notice, suspend access to the Services until payment in full is received, without such suspension constituting a breach by the Supplier and without prejudice to its right to terminate under clause 17. 

9.5  Price changes. The Supplier may revise the Fees at any time. Revised Fees never apply to a Subscription Period already commenced or paid: they take effect only from the start of the next Subscription Period (renewal), subject to written notice given to the Customer at least thirty (30) days before the renewal date. If the Customer does not accept the revised Fees, its sole remedy is to cancel or not renew the Subscription in accordance with clause 5.2 before the revised Fees take effect.

10. SCOPE OF THE SERVICES, AVAILABILITY, MAINTENANCE AND SUPPORT 

10.1  Scope of the Subscription. Each paid Subscription includes, for the duration of the Subscription Period and for the subscribed Plan: (a) access to and use of the Services (web application and iOS/Android mobile applications) by the subscribed number of Authorised Users, with the features of the relevant Plan as set out in the Service Description; (b) hosting of the Customer Data and routine backups as described in clause 7.3; and (c) corrective maintenance, updates and standard support to the extent, and only to the extent, described in clauses 10.5 to 10.7. No other services (including training, configuration, customisation, data migration, data recovery or custom development) are included in the Subscription, unless expressly agreed in an Order Form. 

10.2  Access and devices. Access to the Services is granted on a named-user basis, each Authorised User account being personal as set out in clause 5.1.  

10.3  The Supplier shall use commercially reasonable endeavours to make the Services available 24 hours a day, 7 days a week, except for:  

- (a) planned maintenance, for which the Supplier will endeavour to give reasonable advance notice and which will, where reasonably practicable, be scheduled outside UK business hours; and  

- (b) emergency maintenance required to protect the security or integrity of the Services.  

10.4  The Customer acknowledges that the Services rely on the internet and on third-party networks, devices and infrastructure outside the Supplier’s control, and that the Supplier does not warrant uninterrupted, error-free or fully secure transmission. The offline features of the mobile application depend on subsequent synchronisation and on the device’s local storage. 

10.5  Corrective maintenance. The Customer may report incidents through the support channels. The Supplier shall handle incident reports with reasonable care and skill, but does not commit to any severity classification, response time, resolution time, workaround or service credit, all communicated timeframes being indicative only. The Customer’s sole remedies in respect of any non-conformity of the Services are those set out in clause 15.1. Binding incident severity levels, response times and remedies, if any, are set out exclusively in an Order Form (Enterprise Plan). 

10.6  Updates. The Supplier is under no obligation to develop, release or provide any patch, update, upgrade, new version or new feature. Where the Supplier elects to make patches, updates or new versions generally available to customers on the relevant Plan, they are included in the Subscription at no additional charge.  

The content and timing of the product roadmap remain at the Supplier’s sole discretion. The Customer acknowledges that it has not relied on any statement, demonstration, roadmap or representation regarding future features or functionality, and that its Subscription is not conditional upon the delivery of any such future feature or functionality.  

The Supplier may update and modify the features of the Services at any time, provided that such changes do not materially degrade the core functionality of the Plan subscribed for during a paid Subscription Period. Where a change would materially and adversely affect that core functionality, the Supplier will use reasonable efforts to give the Customer prior notice. New modules, options or services may be offered at an additional charge. 

10.7  Support. Standard support for paid Plans consists of assistance with the use of the Services and the logging and handling of incident reports, through the channels and during the hours indicated on the Site Diary website from time to time, which the Supplier may modify. Support is provided on a reasonable endeavours basis, with no guaranteed response or resolution times. It does not include training, consultancy, on-site assistance, or the reconstruction or recovery of data lost due to causes attributable to the Customer. Dedicated support, onboarding and IT integration arrangements for the Enterprise Plan are set out in the Order Form. No support is owed in respect of the Free Plan or a Trial. 

10.8  Third-party data. Certain features of the Services rely on data automatically supplied by third-party sources, including the automatic weather data attached to diary entries and reports. Such data is provided for convenience and general information only; the Supplier does not control its production and gives no warranty as to its accuracy, completeness or timeliness. The Customer remains responsible for verifying any third-party data on which it intends to rely, in particular for the purposes of any claim, extension of time or dispute. 

10.9  Beta features. The Supplier may make available features identified as beta, pilot, preview or early access. Such features are provided “as is” for evaluation purposes, are excluded from the warranty in clause 15.1 and from any service commitments, and may be modified or withdrawn at any time.

11. INTELLECTUAL PROPERTY RIGHTS 

11.1  The Supplier and/or its licensors own all intellectual property rights in and to the Services, the underlying software, any user guides or materials made available by the Supplier, and the Site Diary names, logos and trade marks. Except for the limited rights of use expressly granted under the Contract, no rights are granted to, or vest in, the Customer. 

11.2  The Services may include open-source or third-party components, which are provided under, and remain subject to, their own licence terms. 

11.3  If the Customer or its Authorised Users provide suggestions, ideas or feedback regarding the Services, the Supplier may use and incorporate them without restriction or obligation, provided that it does not thereby acquire any rights in the Customer Data or disclose the Customer’s Confidential Information. 

12. INTELLECTUAL PROPERTY INDEMNITY 

12.1  The Supplier shall defend the Customer against any third-party claim that the Customer’s use of the Services in accordance with the Contract infringes a third party’s intellectual property rights enforceable in the United Kingdom (an “IPR Claim”), and shall indemnify the Customer against any damages finally awarded against the Customer, or amounts agreed in settlement by the Supplier, in respect of such IPR Claim, provided that the Customer: (a) notifies the Supplier promptly in writing of the IPR Claim; (b) gives the Supplier sole control of the defence and settlement of the IPR Claim; and (c) provides the Supplier with reasonable cooperation at the Supplier’s expense. 

12.2  If an IPR Claim is made or in the Supplier’s reasonable opinion is likely to be made, the Supplier may at its option and expense: (a) procure for the Customer the right to continue using the Services; (b) modify or replace the affected part of the Services so that it becomes non-infringing without material loss of functionality; or (c) if neither (a) nor (b) is reasonably achievable, terminate the Contract and refund the Fees paid in advance for the unexpired portion of the current Subscription Period. 

12.3  The Supplier shall have no obligation under this clause 12 to the extent the IPR Claim arises from: (a) the Customer Data; (b) use of the Services in breach of the Contract or in combination with software, data or processes not provided or approved by the Supplier; (c) modifications not made by the Supplier; or (d) continued use of an infringing version after the Supplier has made a non-infringing version available. This clause 12 states the Customer’s sole and exclusive remedy, and the Supplier’s entire liability, in respect of infringement of third-party intellectual property rights.

13. CUSTOMER INDEMNITY 

The Customer shall indemnify the Supplier against all liabilities, costs, expenses, damages and losses (including reasonable legal costs) suffered or incurred by the Supplier arising out of or in connection with any third-party claim relating to: (a) the Customer Data, including any claim that the Customer Data infringes third-party rights or breaches applicable law; or (b) use of the Services by the Customer or its Authorised Users in breach of the Contract or of applicable law; provided that the Supplier notifies the Customer promptly of any such claim and does not make any admission or settlement without the Customer’s prior consent (not to be unreasonably withheld).

14. CONFIDENTIALITY 

14.1 The Supplier (the “Receiving Party”) shall keep confidential all information of a confidential nature disclosed to it by the Customer  (the “Disclosing Party”) in connection with the Contract, including the Customer Data and the terms of any Order Form (“Confidential Information”), shall use it only for the purposes of performing the Contract, and shall disclose it only to those of its personnel, advisers and subcontractors who need to know it and who are bound by obligations of confidentiality no less protective. 

14.2 Security and Internal UseThe Receiving Party shall keep the Disclosing Party’s Confidential Information secure and apply at least the same degree of care as it uses for its own confidential information, and in any event no less than a reasonable and prudent business would use. 

The Receiving Party shall ensure that all permitted recipients (including directors, employees, advisers and subcontractors) are bound by written confidentiality obligations no less protective than those set out in this clause and shall be responsible for their compliance. 

The Receiving Party shall use the Disclosing Party’s Confidential Information solely for the purposes of performing its obligations or exercising its rights under this Agreement 

14.3 Breach Notification The Receiving Party shall immediately notify the Disclosing Party in writing upon becoming aware of any unauthorised access, use or disclosure of Confidential Information and shall cooperate fully with the Disclosing Party in investigating and mitigating any such breach. 

14.4  Exceptions Clause 14.1 does not apply to information which:  

(a) is or becomes publicly available other than through breach of the Contract;  

(b) was lawfully known to the Receiving Party before disclosure;  

(c) is lawfully received from a third party free of any obligation of confidence;  

(d) is independently developed without use of the Confidential Information; or  

(e) is required to be disclosed by law, a court or a regulatory authority, provided that, where lawful, the Receiving Party gives the Disclosing Party reasonable prior notice. 

Where disclosure is required under paragraph (e), the Receiving Party shall, to the extent legally permitted, provide the Disclosing Party with prior written notice and shall cooperate in seeking confidential treatment or protective measures. 

14.5  Return / Destruction of Data Upon written request of the Disclosing Party or upon termination of the Agreement, the Receiving Party shall immediately cease use of the Confidential Information and shall return or destroy (at the Disclosing Party’s option) all Confidential Information, including any copies, extracts, notes, analyses or derivative materials in any form (including electronic data), in accordance with Schedule 1 (Data Processing Agreement) 

15. WARRANTIES AND DISCLAIMERS 

15.1  The Supplier warrants that, during each paid Subscription Period: (a) the Services will perform materially in accordance with the Service Description; and (b) the Services will be provided with reasonable skill and care. The Supplier’s sole obligation, and the Customer’s sole remedy, for breach of the warranty in clause 15.1(a) is for the Supplier to use commercially reasonable endeavours to correct the non-conformity within a reasonable time of written notice or, if it is unable to do so, for the Customer to terminate the affected Subscription and receive a pro-rata refund of Fees paid in advance for the unexpired remainder of the current Subscription Period. 

15.2  The warranty in clause 15.1 does not apply to the extent any non-conformity arises from: (a) use of the Services contrary to the Contract; (b) the Customer’s or a third party’s equipment, software, network or internet connectivity; or (c) modifications or configurations not made by the Supplier. 

15.3  Except as expressly set out in the Contract, and to the maximum extent permitted by law, all conditions, warranties, representations and other terms which might otherwise be implied by statute, common law or otherwise (including any implied terms as to satisfactory quality, fitness for a particular purpose or non-infringement) are excluded. The Customer acknowledges that the Services are a standardised documentation tool not developed for its specific requirements, and that the Supplier does not warrant that the Services will meet those requirements or be uninterrupted or error-free.

16. LIMITATION OF LIABILITY 

16.1  Nothing in the Contract limits or excludes either party’s liability for: (a) death or perso²nal injury caused by its negligence; (b) fraud or fraudulent misrepresentation; (c) the Customer’s obligation to pay the Fees; or (d) any other liability which cannot lawfully be limited or excluded. 

16.2  Subject to clause 16.1, neither party shall be liable to the other, whether in contract, tort (including negligence), breach of statutory duty or otherwise, for any: (a) loss of profits, revenue, business, contracts or anticipated savings; (b) loss of or damage to goodwill or reputation; (c) loss or corruption of data (without prejudice to the Supplier’s express obligations under clauses 7.3 and 8); or (d) indirect or consequential loss, in each case arising under or in connection with the Contract, even if advised of the possibility of such loss. 

16.3  Subject to clauses 16.1 and 16.2, the total aggregate liability of the Supplier arising under or in connection with the Contract, however arising, shall not exceed: (a) in respect of paid Plans, the total Fees paid or payable by the Customer for the Services in the twelve (12) months immediately preceding the event giving rise to the claim; and (b) in respect of the Free Plan or a Trial, one hundred pounds sterling (£100) . 

16.4  The Customer acknowledges that the Fees have been set, and the risk allocated between the parties, on the basis of the limitations and exclusions in this clause 16, and that these reflect a reasonable allocation of risk given the nature and price of a standardised, multi-tenant software-as-a-service product and the insurance reasonably available to each party. 

16.5  Unless a claim is notified to the other party within twelve (12) months of the date on which the claiming party became aware, or ought reasonably to have become aware, of the facts giving rise to it, the claim shall be deemed waived, save in respect of the matters listed in clause 16.1.

17. TERM, SUSPENSION AND TERMINATION 

17.1  The Contract commences on the date determined under clause 3.2 and continues for the duration of the Subscription Period(s), unless terminated earlier in accordance with this clause 17. Free Plan accounts are opened upon registration and continue until closed by the Customer or withdrawn by the Supplier under clause 4.3. 

17.2  Suspension. Without prejudice to its other rights, the Supplier may suspend access to all or part of the Services, with immediate effect and with notice given as soon as reasonably practicable, where: (a) reasonably necessary to address a security incident, a Virus or a serious threat to the Services or to other customers; (b) the Customer or an Authorised User is in serious breach of clause 6.2; (c) required by law or by order of a competent authority; or (d) permitted under clause 9.4(b). The Supplier shall limit any suspension to what is strictly necessary in scope and duration and restore access promptly once the grounds for suspension are resolved. Fees remain payable during a suspension caused by the Customer’s breach. 

The Customer acknowledges and agrees that the Services are provided on an “as is” and “as available” basis and that the Supplier does not warrant or guarantee that the Services will be uninterrupted, error-free or available at all times. 

17.3  Termination for cause. Either party may terminate the Contract with immediate effect by written notice if the other party: (a) commits a material breach of the Contract which is irremediable or, if remediable, is not remedied within thirty (30) days of written notice requiring it to be remedied; or (b) becomes insolvent, enters into administration, liquidation, receivership or any analogous procedure in any jurisdiction, or ceases or threatens to cease to carry on business. 

17.4  Consequences of termination. On expiry or termination of the Contract for any reason: (a) the rights granted under clause 4.1 cease immediately and the Customer and its Authorised Users shall stop using the Services; (b) all sums due to the Supplier become immediately payable and, where the Supplier terminates for the Customer’s material breach, Fees for the remainder of any committed Subscription Period remain payable as a debt; (c) Customer Data is handled in accordance with clause 7.4 and the DPA; and (d) any provision which expressly or by implication is intended to survive termination (including clauses 7.4, 8, 11, 13, 14, 16, 17.4 and 23) shall continue in force. Where the Customer terminates for the Supplier’s material breach under clause 17.3(a), the Supplier shall refund the portion of Fees paid in advance for the unexpired remainder of the current Subscription Period.

18. CHANGES TO THESE TERMS 

18.1  The Supplier may update these Terms at any time, in particular to reflect changes in law, in the Services or in its business practices. The version in force is published on the Site Diary website with its effective date. Each Subscription Period is governed by the version of the Terms in force, and notified where required under clause 18.2, at the start of that Subscription Period. 

18.2  Updated Terms apply only from the start of the next Subscription Period following their notification; they never modify a Subscription Period already commenced, except where the change is required by applicable law or is to the Customer’s exclusive benefit. Material changes will be notified to the Customer at least thirty (30) days before the next renewal date, by e-mail to the account administrator or by in-app notice. If the Customer does not accept a material change, its sole remedy is to give notice of non-renewal or cancel in accordance with clause 5.2 before the change takes effect; renewal of the Subscription after the effective date constitutes acceptance of the updated Terms.

19. PUBLICITY 

The Supplier may identify the Customer as a customer and use its name and logo, in a form approved by the Customer where reasonably requested, on the Supplier’s website and in its sales and marketing materials, unless and until the Customer objects by written notice, in which case the Supplier shall cease such use within a reasonable period. Any case study, quotation or other detailed reference requires the Customer’s prior written consent. 

20. FORCE MAJEURE 

Neither party shall be in breach of the Contract or liable for delay in performing, or failure to perform, any of its obligations (other than payment obligations) if such delay or failure results from events, circumstances or causes beyond its reasonable control, including acts of God, epidemics, war, terrorism, civil unrest, industrial disputes (other than involving its own workforce), failure of public utilities, telecommunications networks or hosting infrastructure, or acts of any governmental authority. The affected party shall notify the other as soon as reasonably practicable and use reasonable endeavours to mitigate the effects. If the event continues for more than sixty (60) consecutive days, either party may terminate the Contract , subject to a thirty (30) days’ notice period in which case the Supplier shall refund any Fees paid in advance for Services not provided.

21. NOTICES 

Any notice given under the Contract shall be in writing and in English, and shall be delivered: (a) to the Supplier, by e-mail to legal@scriptandgo.com or by post to its registered office; and (b) to the Customer, by e-mail to the address of the account administrator or billing contact registered on the account, by in-app notification, or by post to its registered or trading address. A notice is deemed received: if sent by e-mail, at the time of transmission on a Business Day (or, if not, the next Business Day), provided no delivery failure is received; if delivered by hand, on signature of a delivery receipt; and if sent by first-class or registered post, on the second Business Day after posting. This clause does not apply to the service of proceedings or other documents in any legal action.

22. GENERAL 

22.1  Assignment. The Customer may not assign, transfer, charge, subcontract or otherwise deal with any of its rights or obligations under the Contract without the Supplier’s prior written consent (not to be unreasonably withheld or delayed). The Supplier may assign or transfer the Contract to any member of its group or in connection with a merger, acquisition or sale of all or substantially all of its assets, and may subcontract its obligations (including hosting), remaining responsible for its subcontractors’ performance. 

22.2  Entire agreement. The Contract constitutes the entire agreement between the parties relating to its subject matter and supersedes all prior agreements, representations and understandings, whether written or oral. Each party agrees that it has no remedies in respect of any statement or representation not set out in the Contract, save in the case of fraud. 

22.3  Severance and waiver. If any provision of the Contract is held invalid or unenforceable, it shall be deemed modified to the minimum extent necessary to make it valid and enforceable or, if that is not possible, deleted, and the remainder of the Contract shall remain in force. No failure or delay by a party in exercising any right or remedy shall constitute a waiver of it. 

22.4  No partnership; third parties. Nothing in the Contract is intended to, or shall be deemed to, establish any partnership, joint venture, agency or employment relationship between the parties. A person who is not a party to the Contract has no rights under the Contracts (Rights of Third Parties) Act 1999 to enforce any of its terms. 

22.5  Evidence. The parties agree that records, logs, electronic acceptance flows and connection data held in the Supplier’s systems are admissible as evidence of the formation and performance of the Contract, subject to proof to the contrary. 

22.6  Export and anti-bribery. Each party shall comply with all applicable export control, sanctions and anti-bribery laws, including the Bribery Act 2010. 

22.7  E-Commerce Regulations. The parties, neither of whom is a consumer, agree that regulations 9(1), 9(2) and 11(1) of the Electronic Commerce (EC Directive) Regulations 2002 shall not apply to the Contract.

23. GOVERNING LAW AND JURISDICTION 

23.1  The Contract, and any dispute or claim (including non-contractual disputes or claims) arising out of or in connection with it or its subject matter or formation, shall be governed by and construed in accordance with the law of England and Wales. 

23.2  Each party irrevocably agrees that the courts of England and Wales shall have exclusive jurisdiction to settle any dispute or claim (including non-contractual disputes or claims) arising out of or in connection with the Contract or its subject matter or formation. Before issuing proceedings, the parties shall first attempt in good faith to resolve the dispute through discussions between senior representatives for a period of thirty (30) days. 

SCHEDULE 1 - DATA PROCESSING AGREEMENT 

Article 1 – Purpose and Scope 

The present data processing clauses (the “Data Processing Agreement” or “DPA”) define the conditions under which the Client, acting under the General Terms and Conditions to which they are attached (hereinafter the “Agreement”), instructs Script&Go, acting as Processor, to carry out personal data processing operations as defined in Annex B – Purposes and Means of Processing (hereinafter “Annex B”), on behalf of the Client, acting as Data Controller (hereinafter the “Data Controller”), as defined in the Agreement. 

Article 2 – Definitions - Interpretation 

Where terms defined in Regulation (EU) 2016/679 (the “GDPR”) appear in these clauses, they shall have the meaning assigned to them under the GDPR. 

These clauses shall be interpreted in light of the provisions of the GDPR. 

They shall not be interpreted in a manner that conflicts with the rights and obligations provided for under the GDPR or that undermines the fundamental rights and freedoms of data subjects.

Article 3 – Term of the DPA 

This Data Processing Agreement (the “DPA”) enters into force retroactively as of the date of conclusion of the Agreement between the Parties, relating to the provision of the Diary, Task, and Supervision applications (hereinafter the “Applications”) as well as the operation of the “Site Diary” and “Site Supervision“ websites (hereinafter the “Websites”). 

It is concluded for a duration identical to that of the aforementioned Agreement.

Article 4 – Description of the Personal Data Processing 

For the purpose of performing its contractual obligations, Script&Go is authorised to collect and process personal data on behalf of the Data Controller and strictly in accordance with its instructions, insofar as necessary to provide the services covered by the Agreement. 

The purposes and means of processing are determined by the Data Controller and described in Annex B. 

The Client acts as Data Controller. 

Where the Client uses personal data for purposes other than those agreed, it does so at its own risk. Script&Go shall not be held liable for any damage or consequences resulting from any breach by the Client of applicable regulations. 

The purposes of processing, the categories of personal data processed, and the categories of data subjects are recorded in the processing registers established respectively by the Data Controller and the Processor, the latter having no control over the data collected or stored. 

For the purposes of compliance with these terms, each Party shall provide the other with the necessary information set out in Annex A (hereinafter “Annex A – Identification of the Parties”).

Article 5 – Data Retention Period 

The Client determines the retention period for Users’ personal data. 

Article 6 – Obligations of the Parties 

6.1 Obligations of the Client 

Throughout the duration of the contractual relationship between the Parties, the Client shall: 

• determine, as Data Controller, the nature and categories of personal data subject to processing;  

• ensure that all required formalities or procedures under applicable regulations have been completed prior to any disclosure of personal data to Script&Go;  

• guarantee the lawful and fair collection of personal data and ensure that data subjects are informed and have given consent where such consent is required to enable Script&Go to carry out the processing;  

• declare that personal data used under the Agreement is processed on the basis of one of the legal grounds set out in Article 6 of the GDPR;  

• ensure that personal data is processed solely for the purposes described in Annex B;  

• provide only lawful, accurate, complete, and up-to-date personal data to Script&Go;  

• as Data Controller, document in writing any instruction relating to processing activities carried out by Script&Go;  

• inform Script&Go of any relevant information concerning compliance with Applicable Regulations and the exercise of data subject rights.

6.2 Obligations of Script&Go 

Throughout the duration of the contractual relationship between the Parties, Script&Go undertakes to: 

• process personal data solely for the purposes defined by the Client and set out in Annex B;  

• process personal data strictly in accordance with the Client’s documented instructions. Where an instruction appears to infringe applicable regulations, Script&Go shall immediately inform the instructing Party;  

• ensure that persons authorised to process personal data under the Agreement are bound by confidentiality obligations or are subject to an appropriate legal duty of confidentiality;  

• delete or, at the Client’s choice or request, return personal data at the end of the contractual relationship, subject to applicable legal retention obligations.

Article 7 – Security of Processing 

Script&Go undertakes to implement all appropriate technical and organisational measures to ensure the security of Users’ personal data. 

The Client acknowledges that the measures described in Annex D (hereinafter “Annex D – Security and Organisational Measures”) are satisfactory.

Article 8 – Use of Sub-processors 

Script&Go is granted general authorisation by the Client to engage sub-processors at any time during the term of the Agreement for the performance of specific processing activities. 

Where applicable, Script&Go shall notify the Client in advance, in writing, of any intended addition or replacement of a sub-processor, with reasonable notice, and shall provide the information necessary to allow the Client to exercise its right to object. 

The Client shall have a maximum period of seven (7) business days from receipt of such information to raise objections. 

In the event of objection, the processing entity reserves the right to terminate the Agreement by simple written notice, without compensation or indemnity. 

Each sub-processor shall be bound by obligations equivalent to those set out in this Agreement, acting on behalf of and in accordance with the instructions of the Client. 

Script&Go ensures that such sub-processors provide sufficient guarantees regarding the implementation of appropriate technical and organisational measures to ensure compliance with the GDPR. 

If a sub-processor fails to comply with its obligations, Script&Go shall remain fully liable for their performance. 

The list of sub-processors is set out in Annex C (hereinafter “ANNEX C – LIST OF SUB-PROCESSORS”).

Article 9 – Data Transfers to Third Countries 

The Client hereby authorises Script&Go to carry out, where applicable, transfers of personal data to a third country or an international organisation within the meaning of Chapter V of Regulation (EU) 2016/679 (the “GDPR”), including via its sub-processors, in strict compliance with the provisions of said Chapter. 

This authorisation constitutes documented instructions within the meaning of Article 28(3) of the GDPR. 

Script&Go undertakes to carry out such transfers only where one of the mechanisms provided for under the GDPR applies, including in particular: 

• transfers to a country benefiting from an adequacy decision adopted by the European Commission;  

• transfers based on Standard Contractual Clauses adopted by the European Commission pursuant to Article 46(2) of the GDPR;  

• or any other mechanism recognised as ensuring an adequate level of protection.  

Where applicable, Script&Go shall notify the Client in writing in advance of any planned transfer, whether direct or via a sub-processor, with reasonable prior notice. The Client shall then receive all necessary information to exercise its right to object, within a maximum period of seven (7) business days from receipt of such information. 

In the event of objection, Script&Go reserves the right to terminate the Agreement by simple written notification, without any indemnity or compensation payable to the Client.

Article 10 – Assistance from Script&Go 

10.1 Exercise of Data Subject Rights 

To the extent possible, Script&Go SAS undertakes to provide reasonable assistance to the Client to enable it to comply with its obligations to respond to requests from Data Subjects exercising their rights, namely: 

• right of access;  

• right to rectification;  

• right to erasure;  

• right to object;  

• right to restriction of processing;  

• right to data portability;  

• right not to be subject to automated individual decision-making, including profiling.  

Where Data Subjects submit requests directly to Script&Go, the latter undertakes to forward such requests to the Client no later than forty-eight (48) hours after receipt. 

Upon receipt, the Client undertakes to respond directly to Data Subjects within the time limits required under Applicable Regulations. 

Script&Go shall not respond directly to such requests unless expressly instructed to do so in writing by the Data Controller.

10.2 Notification of Personal Data Breaches 

In the event of a Personal Data Breach, the Parties agree that Script&Go SAS shall notify the Client without undue delay after becoming aware of the breach. 

Such notification shall, where possible, include the following information: 

• the nature of the Personal Data Breach;  

• the categories and approximate number of Data Subjects concerned;  

• the categories and approximate number of records affected;  

• the likely consequences of the Personal Data Breach;  

• the measures taken or proposed to address the breach and, where applicable, to mitigate its adverse effects.  

Where some of this information is not available at the time of the initial notification, it shall be provided as soon as it becomes available. 

The Client undertakes to notify the Personal Data Breach to the Commission Nationale de l’Informatique et des Libertés (CNIL) or any other competent supervisory authority no later than seventy-two (72) hours after becoming aware of the breach, unless otherwise agreed between the Parties. 

Where required, the Client shall inform Data Subjects directly without undue delay, in the event of a high risk to their rights and freedoms. 

Such notification shall, at a minimum, clearly and precisely include: 

• the nature of the Personal Data Breach;  

• the likely consequences of the breach;  

• contact details of the Data Protection Officer (DPO) or other contact point;  

• the measures taken or proposed to address the breach and mitigate its effects. 

10.3 Other Obligations 

In addition to the assistance obligations set out above, the Processor shall also assist the Client in ensuring compliance with the following obligations, taking into account the nature of the processing and the information available to Script&Go: 

• the obligation to carry out a Data Protection Impact Assessment (DPIA) where processing is likely to result in a high risk to the rights and freedoms of natural persons;  

• the obligation to consult the competent supervisory authority prior to processing where a DPIA indicates that the processing would result in a high risk in the absence of mitigating measures;  

• the obligation to ensure that personal data are accurate and up to date, by informing the Client without delay where Script&Go becomes aware that processed data are inaccurate or outdated;  

• the obligations set out in Article 32 of Regulation (EU) 2016/679.

Article 11 – Documentation and Compliance 

Script&Go shall make available to the Client all information strictly necessary to demonstrate compliance with its obligations under Article 28 of the GDPR. 

An audit may be carried out by the Client or by an independent auditor, provided that such auditor does not directly or indirectly compete with the activities of Script&Go or any company within its group, limited to one (1) audit per year. 

The independent auditor shall be selected by the Client and approved by Script&Go. The auditor must have the required professional qualifications and shall be bound by a confidentiality agreement. 

Script&Go shall be notified at least fifteen (15) business days prior to the audit. 

The audit shall take place during Script&Go’s normal business hours and in a manner that does not disrupt its operations. 

The audit shall not include access to any systems, information, or data unrelated to the processing carried out under the Agreement, nor any physical access to servers hosting or storing Script&Go’s software solutions. 

All costs related to the audit shall be borne by the Client, including but not limited to auditor fees, and the Client shall reimburse Script&Go for any expenses incurred in connection with the audit. 

Article 12 – Return and Deletion of Personal Data 

For any reason whatsoever, Script&Go undertakes, upon request by the Client, to delete or return all personal data within a period of thirty (30) days following termination of the Agreement. 

For this purpose, data export shall be provided in a standard, machine-readable, and reasonably usable format. 

Upon expiry of this period, the Processor may permanently delete personal data from production systems and remove them from backups, in accordance with its standard retention and backup rotation cycles described in Annex D. 

Such operations may generate costs for Script&Go, which may be invoiced to the Client. A quotation shall be provided by Script&Go prior to any data return. 

ANNEX A – LIST OF PARTIES 

DATA CONTROLLER : 

The Client 

DATA PROCESSOR  

43 Square de la Mettrie – 35700 RENNES – France 

Rennes Trade and Companies Register (RCS) No. 530 649 250  

Represented by Mr. Benoît Jeannin, acting in his capacity as President  

DATA PROTECTION OFFICER (DPO) OF THE PROCESSOR:  

Ms Marie Hombert legal@scriptandgo.com 

ANNEX B- DESCRIPTION OF THE PROCESSING 

ANNEX C – LIST OF SUB-PROCESSORS

ANNEX D - TECHNICAL AND ORGANISATIONAL MEASURES TO ENSURE DATA SECURITY

Script&Go implements appropriate organisational, technical, and physical measures to ensure the security of the Client’s personal data, in accordance with the requirements of the GDPR. 

General Security Measures Implemented by Script&Go 

Physical Measures: 

• Secure access to premises via keys and access codes;  

• Hosting of servers in data centres with strict physical access controls and continuous monitoring;  

• Active alarm system designed to prevent any intrusion. 

Organisational Measures: 

• IT and AI usage policies governing the use of digital tools;  

• Confidentiality clauses included in employment contracts;  

• Internal policies on security and personal data breach management;  

• Mandatory training for all employees on data protection and cybersecurity. 

Technical Measures: 

• Secure sessions and tools protected by strong passwords;  

• Automatic session locking after inactivity;  

• Secure remote access via VPN;  

• Administrator accounts granted only where necessary, with restricted SSH access based on personal keys and authorised IP addresses. 

Specific Technical Measures for the Solutions 

Data Hosting: 

Data is hosted by recognised cloud service providers with a high level of cybersecurity maturity and holding relevant certifications, including ISO 27001 standard certification. 

Backups: 

Data is backed up regularly under the following conditions: 

• Daily differential backups;  

• Monthly full backups.  

Retention policy is organised as follows: 

• Daily: 7 days;  

• Weekly: 4 weeks;  

• Monthly: 6 months. 

Data Portability: 

Data may be exported, except for data strictly necessary for the operation of the Solutions. 

Exports are available in PDF format via the application or as ZIP archives per project, upon request by the Client. 

Availability 

Script&Go undertakes to ensure optimal availability of its Solutions under an obligation of means. 

Measures are implemented to minimise service interruptions. Any major maintenance operation is subject to prior notification. 

Authentication and Access Management 

The following measures are implemented to secure access to the Solutions: 

• Strong password authentication in accordance with ANSSI recommendations;  

• Role and access rights management configurable by the Client;  

• Regular access rights reviews to ensure appropriateness of permissions.  

Access to accounts and data is strictly reserved for authorised Script&Go personnel, exclusively for maintenance or support purposes, and performed from the internal network. 

Traceability 

To ensure reliable monitoring of operations, the following measures are implemented: 

• Log retention for six (6) months, followed by secure archival for a period of one (1) year;  

• Comprehensive logging of all actions (creation, modification, deletion), as well as connections and access attempts. 

Operational Security and Data Confidentiality 

Script&Go implements the following measures to ensure infrastructure security and data confidentiality: 

• Password encryption and strengthened password complexity requirements;  

• Secure communications via HTTPS and SSH protocols;  

• Server protection through reverse proxy, firewalls, antivirus, and anti-DDoS systems;  

• Traffic monitoring through a control matrix;  

• Automatic patch deployment in case of critical vulnerabilities;  

• Continuous security monitoring to identify emerging threats.