Q-Hub Enterprise Addendum Draft
📝 This is an example of an enterprise addendum used as the framework for a bespoke enterprise agreeement.
📝 This is an example of an enterprise addendum used as the framework for a bespoke enterprise agreeement.
Preamble
This Enterprise Addendum ("Addendum") is entered into between:
Intelligent Quality Ltd (trading as "Q-Hub"), a company registered in England ("Provider"); and
[CUSTOMER NAME], a company registered in [jurisdiction] with company number [number] ("Customer").
Effective Date: [date]
Contract Value: [annual subscription fees]
Subscription Plan: [plan name / Silver Support Plan]
Initial Subscription Term: [12 / 24 / 36] months
This Addendum supplements and, where it conflicts with, takes precedence over the following standard Q-Hub documents:
Q-Hub Terms & Conditions
Q-Hub Acceptable Use Policy (AUP)
Q-Hub Data Processing Agreement (DPA)
Q-Hub Service Level Agreement (SLA)
Where this Addendum is silent, the standard documents apply without modification. Capitalised terms used but not defined in this Addendum have the meanings given to them in the standard documents.
Document Hierarchy
The contractual documents shall be interpreted in the following order of precedence (highest first):
Order Form (only where it expressly states it prevails)
This Enterprise Addendum
Data Processing Agreement (in relation to data protection obligations only)
Service Level Agreement (in relation to service levels only)
Terms & Conditions
Acceptable Use Policy
Section 1 — Amendments to Terms & Conditions
1.1. Acceptance
These Terms and this Addendum shall be binding on the Customer only from the date an authorised signatory of the Customer accepts them in writing. Acceptance shall not be deemed by account creation, system usage, or any other means.
1.2. Modifications During Subscription Term
Any modification to the standard documents during an active Subscription Term shall be limited to non-material changes only. Material changes require the Customer's prior written consent. Section 17 of the Terms is amended accordingly.
1.3. Subscription Renewal
The Customer's Subscription shall auto-renew in accordance with Section 9.9 of the Terms, unless the Customer opts out of auto-renewal by providing written notice to the Provider not less than 60 days before the end of the then-current Subscription Term.
The Provider shall send the Customer a renewal offer (including any proposed changes to fees or terms) not less than 90 days before the end of the then-current Subscription Term. If the Customer has opted out of auto-renewal and does not accept the renewal offer in writing before the expiry of the Subscription Term, the Subscription shall terminate on the expiry date.
1.4. Subscription Fees
Subscription Fees shall be fixed for the Initial Subscription Term as set out in the Order Form. The Provider shall not increase fees during the Initial Subscription Term.
Upon renewal, the Provider may propose revised fees as part of the renewal offer under Section 1.3 above.
1.5. Excessive Usage
Section 9.7 of the Terms is amended as follows: before imposing any pricing change or usage restriction under Section 9.7, the Provider shall give the Customer not less than 30 days' written notice, specifying the nature of the excessive usage and the proposed restriction or pricing change. The Customer shall have 30 days from receipt of such notice to remedy the excessive usage before any restriction or pricing change takes effect.
1.6. Termination for Cause
Section 12.2 of the Terms is amended as follows: the cure period for material breach shall be not less than 30 days following written notice from the non-breaching party, except in the case of non-payment of undisputed fees, where the cure period shall be not less than 10 days.
1.7. Refund on Provider Breach
If the Customer terminates the Subscription as a result of the Provider's material breach under Section 12.2 (as amended by Section 1.6 above), the Customer shall be entitled to a pro-rata refund of any pre-paid Subscription Fees for the unused portion of the Subscription Term following the effective date of termination.
1.8. Suspension
Section 12.6 of the Terms is further amended as follows for this Customer:
(a) The Provider shall not suspend the Customer's Account or any User Profile for disputed charges where the Customer has paid all undisputed amounts and has notified the Provider in writing of the dispute.
(b) The Provider shall not suspend an entire Account as a result of the actions of a single User. Where a single User's conduct gives grounds for suspension, the Provider shall limit the suspension to that User's profile only, except where the conduct creates an immediate risk to the security, integrity, or availability of the Service.
1.9. Provider Assignment
Section 18.5 of the Terms is amended as follows: the Provider shall give the Customer not less than 30 days' prior written notice of any assignment of the Provider's rights or obligations under these Terms. If, acting reasonably, the Customer determines that the assignment materially increases the risk to the Customer's data or the continuity of the Service, the Customer may terminate the Subscription on written notice within 30 days of receiving the Provider's assignment notice, and shall be entitled to a pro-rata refund of any pre-paid Subscription Fees for the unused portion of the Subscription Term.
Section 2 — Liability Framework
This Section 2 replaces Section 14 of the Terms in its entirety for this Customer.
2.1. Service Credits as Sole Downtime Remedy
Service credits provided under Section 5 of this Addendum (Amendments to SLA) are the Customer's sole and exclusive remedy in respect of any Service Unavailability. Claims for Service Unavailability may not be brought under this Section 2.
2.2. Tier 1 — General Liability
Subject to Section 2.5, the Provider's total aggregate liability for direct, proven financial losses suffered by the Customer, arising directly and solely from the Provider's failure to meet its obligations under the agreement, shall not exceed £250,000 (two hundred and fifty thousand pounds).
This tier applies to losses arising from circumstances within the Provider's direct operational control, including but not limited to:
(a) negligence or breach of professional duty by the Provider;
(b) the Provider's failure to implement or maintain the security measures described in the DPA;
(c) breach of confidentiality by the Provider's personnel; and
(d) breach of the Provider's obligations under the Data Processing Agreement.
For the avoidance of doubt, the liability cap under this Section includes all costs reasonably incurred by the Provider in investigating, defending, and settling any claim, and such costs shall not be recoverable by the Customer separately or in addition to the cap stated above.
2.3. Tier 2 — Exception Liability
Subject to Section 2.5, the Provider's total aggregate liability for direct, proven financial losses suffered by the Customer, arising from events or circumstances outside the Provider's direct operational control, where the Provider has taken reasonable and proportionate precautions, shall not exceed the lower of:
(a) the total Subscription Fees paid by the Customer in the 12 months preceding the event giving rise to the claim; or
(b) £25,000 (twenty-five thousand pounds).
This tier applies to losses arising from circumstances including but not limited to:
(a) sub-processor failures where the Provider has complied with its sub-processor due diligence and management obligations under the DPA;
(b) infrastructure or cloud provider outages affecting the Service;
(c) external cyber attacks or security incidents where the Provider had implemented the security measures described in the DPA and SLA at the time of the incident; and
(d) data loss or corruption caused by third-party systems or services.
2.4. Tier 3 — Excluded Liability
Neither party shall be liable to the other under or in connection with the agreement for any:
(a) indirect, consequential, special, or punitive losses of any nature;
(b) loss of profits, anticipated savings, revenue, goodwill, or business opportunity;
(c) loss of or damage to data, except to the extent recoverable under Tier 1 or Tier 2 above; or
(d) any loss that is not a direct and proven financial loss suffered by the Customer as a direct counterparty to this agreement,
in each case whether arising in contract, tort (including negligence), breach of statutory duty, or otherwise, and whether or not such loss was foreseeable.
2.5. Non-Excludable Liabilities
Nothing in this Section 2 limits or excludes either party's liability for:
(a) death or personal injury caused by its negligence;
(b) fraud or fraudulent misrepresentation; or
(c) any other liability that cannot be limited or excluded under applicable law.
2.6. Claims Process
Any claim under this Section 2 must:
(a) be direct and proven;
(b) be submitted in writing to the Provider within 90 days of the date on which the Customer first became aware, or ought reasonably to have become aware, of the loss;
(c) include reasonable evidence of the loss and its quantum; and
(d) specify the tier under which the Customer considers the claim falls.
The Provider shall determine the applicable tier in the first instance, acting reasonably and in good faith. If the Customer disagrees with the Provider's determination, the parties shall seek to resolve the disagreement through good faith discussion before either party commences formal proceedings.
2.7. No Double Recovery
The Customer may not recover the same loss under more than one tier, or under both this Section 2 and the service credit provisions in Section 5 of this Addendum. Service credits applied in respect of any period of Service Unavailability shall be taken into account when calculating any loss arising from the same incident.
2.8. No Admission of Liability
No payment, service credit, remedy, or other action taken by the Provider under this agreement (including this Addendum) shall constitute or be construed as an admission of liability, fault, or wrongdoing by the Provider.
2.9. Limitation Periods
All liability caps in this Section 2 are cumulative across all claims and not per incident. The caps apply to the total aggregate liability of the Provider, its affiliates, subcontractors, agents, and vendors (including third-party service providers) under or in connection with the agreement.
Section 3 — Amendments to Acceptable Use Policy
3.1. Permitted Automations and API Use
For the avoidance of doubt, the restrictions on automated use in Section 3 of the AUP do not prohibit the Customer from:
(a) using the Q-Hub API in accordance with the Terms and applicable developer guidelines;
(b) configuring standard business automations, scheduled reports, and integrations within the normal functionality of the Service;
(c) using reasonable internal scripting for data import, export, or workflow automation in connection with the Customer's authorised use of the Service; or
(d) conducting automated data quality checks or validation processes within the Customer's own Account.
3.2. Penetration Testing
The Customer may conduct penetration testing or vulnerability scanning of the Service, provided that:
(a) the Customer gives the Provider not less than 30 days' written notice of the proposed testing, including the scope, methodology, and expected timing;
(b) the testing is conducted by a suitably qualified and insured third party approved by the Provider (such approval not to be unreasonably withheld);
(c) the testing does not intentionally disrupt the Service for other customers; and
(d) the Customer shares the results of the testing with the Provider within 14 days of completion.
3.3. Suspension Process
Section 6 of the AUP is further amended as follows for this Customer:
(a) Before suspending any User or Account under the AUP, the Provider shall provide the Customer with written evidence of the alleged breach and not less than 14 days to respond and remedy the issue, except where immediate suspension is necessary to protect the security, integrity, or availability of the Service.
(b) The Customer may appeal any suspension decision by providing a written response to the Provider within 14 days of the suspension taking effect. The Provider shall review the appeal and respond within 7 business days.
(c) The Provider shall not suspend an entire Account as a result of the actions of a single User, except where the conduct creates an immediate risk to the security, integrity, or availability of the Service.
3.4. User Activity Logs
The Provider shall make available to the Customer, as a separate commercial arrangement, access to user activity logs for the Customer's Account. The scope, format, retention period, and pricing for user activity logs shall be agreed between the parties and documented in the Order Form or a separate service schedule.
Section 4 — Amendments to Data Processing Agreement
4.1. Breach Notification
Section 12 of the DPA is amended as follows: the Processor shall notify the Controller without undue delay, and in any event within 24 hours, of becoming aware of a confirmed Personal Data breach. All other requirements of DPA Section 12 (content of notification, ongoing updates, cost reimbursement) continue to apply.
4.2. Data Retention Post-Termination
Section 7 of the DPA is confirmed as follows for this Customer: the Processor shall maintain Customer Data within the Service in a form accessible to the Controller for a minimum of 90 days following the effective date of termination or expiry.
The Processor shall give the Customer not less than 30 days' written notice before deleting any Customer Data following the expiry of the 90-day retention period. The Processor shall not delete Customer Data without confirmation from the Customer that all required data has been exported, or without the expiry of the 30-day notice period, whichever is later.
4.3. Certificate of Deletion
Upon final deletion of Customer Data from active production systems, the Processor shall provide the Customer with a written certificate of deletion confirming that Customer Data has been removed from active systems. The certificate shall be signed by an authorised representative of the Processor and provided within 30 days of the Customer's request.
Where Customer Data remains in backup systems pending overwrite in the ordinary course of business, a further certificate will be issued once deletion from backup systems is complete.
4.4. Audit Rights
Section 9 of the DPA is amended as follows for this Customer:
(a) The Customer may conduct up to one audit per year. One additional audit may be conducted in the event of a confirmed Personal Data breach affecting the Customer's data.
(b) The Customer shall give the Processor not less than 30 days' written notice of a proposed audit, including the proposed scope and timing.
(c) The scope of any audit shall be limited to the processing of the Customer's Personal Data and compliance with this DPA. The Customer may not audit the Processor's operations in respect of other customers' data.
(d) A representative of the Processor shall be present during any on-site audit activity.
(e) Where the Customer engages a third-party auditor, the auditor must enter into a confidentiality agreement with the Processor on terms reasonably satisfactory to the Processor before the audit commences.
(f) The cost of audits shall be borne by the Customer, unless the audit identifies material non-compliance with the DPA, in which case the Processor shall bear the reasonable costs of the audit.
(g) The Processor shall review any recommendations resulting from an audit and will implement those which it considers, acting reasonably, to be appropriate and proportionate.
4.5. Sub-Processor Termination
If the Customer objects to a new sub-processor in accordance with the DPA and the parties are unable to agree a resolution within 30 days, the Customer may terminate the affected Service on written notice. Upon such termination, the Customer shall be entitled to a pro-rata refund of any pre-paid Subscription Fees for the unused portion of the Subscription Term.
Section 5 — Amendments to Service Level Agreement
5.1. Service Credits
The following service credit provisions apply to this Customer in place of any standard SLA availability remedies:
Uptime-Based Service Credits (calculated monthly):
Monthly Uptime | Credit (% of Monthly Fees) |
|---|---|
99.0% – 99.9% | 5% |
98.0% – 99.0% | 10% |
95.0% – 98.0% | 15% |
Below 95.0% | 20% |
Planned Maintenance carried out during the Maintenance Window (22:00–04:00 GMT daily) is excluded from the service credit calculation. Uptime data is made available to the Customer via the Q-Hub status page.
It is the Customer's responsibility to submit any service credit claim in writing within 30 days of the end of the calendar month in which the qualifying shortfall occurred. Approved credits shall be applied to the Customer's next invoice.
The total of all service credits in any calendar month shall not exceed 20% of Monthly Fees for that month.
5.2. Service Credits Are Not Sole Remedy
Service credits under this Section 5 are the Customer's sole and exclusive remedy for Service Unavailability, as confirmed in Section 2.1 of this Addendum. However, service credits do not limit the Customer's other rights under the agreement in respect of losses that are not caused by Service Unavailability (for example, data breach, confidentiality breach, or other non-availability-related failures).
5.3. Enhanced Response and Resolution Times
Section 7 of the SLA is amended as follows for this Customer:
Response Times:
Critical Issues: Service Unavailability — Response or public update provided within 1 hour.
Major Issues: Major functionality in the Core Service is impacted, or the Core Service performance is significantly degraded, or the Error is persistent and affects many Users. No reasonable workaround is available. — Response or public update within 2 hours.
Minor Issues: Service performance issue or a material bug affecting some Users or some functionalities. Reasonable workaround is available. — Response within 12 hours.
Resolution Times:
Critical Issues: Resolution within 4 hours.
Major Issues: Resolution within 1 business day.
Minor Issues: Resolution within 10 business days where a reasonable workaround cannot be sufficiently provided.
5.4. Read-Only Mode Threshold
Section 8.2.4 of the SLA is amended as follows: a duration of up to twenty (20) consecutive minutes in which the Service was available in Read-Only Mode shall not be regarded as Service Unavailability. Read-Only Mode exceeding twenty (20) consecutive minutes will be regarded as Service Unavailability.
5.5. SLA Term
This SLA may not be terminated independently of the Customer's Subscription. The SLA shall remain in force for the duration of the Subscription Term and shall terminate automatically on the same date as the Subscription.
5.6. SLA Amendments
No material amendment to the SLA shall take effect during an active Subscription Term without the Customer's prior written agreement.
Section 6 — Off-Boarding Plan
6.1. Retention Period
Upon termination or expiry of the Subscription, the Provider shall maintain Customer Data within the Service in a form accessible to the Customer for a minimum of 90 days (the "Retention Period"), as confirmed in Section 4.2 of this Addendum and Section 7 of the DPA.
6.2. Data Export
During the Retention Period, the Customer may export its data using the standard export tools described in SLA Section 9.5, which include:
(a) PDFs of all entries produced on the application (forms, processes, audits, Qdocs);
(b) CSV downloads of all customer-facing data tables; and
(c) zipped file of all documents held on the system with accompanying CSV of file metadata.
6.3. Managed Export Assistance
The Provider shall, if requested by the Customer, provide reasonable assistance with the data export process. The scope and pricing of any managed export assistance shall be agreed between the parties and documented in the Order Form or a separate service schedule.
6.4. Certificate of Deletion
Following the Retention Period and the Customer's confirmation that all required data has been exported (or the expiry of the 30-day deletion notice under Section 4.2), the Provider shall delete Customer Data and provide a certificate of deletion in accordance with Section 4.3 of this Addendum.
6.5. Extended Retention
The Customer may request an extension to the Retention Period beyond 90 days. Extended retention is available as a commercial arrangement and shall be priced and documented in the Order Form or a separate service schedule.
Section 7 — Signatures
This Addendum has been entered into on the date stated at the beginning of this document.
Signed for and on behalf of Intelligent Quality Ltd:
Name: ___________________________
Title: ___________________________
Signature: ___________________________
Date: ___________________________
Signed for and on behalf of [CUSTOMER NAME]:
Name: ___________________________
Title: ___________________________
Signature: ___________________________
Date: ___________________________
Ready to try it? Get started