Contact Us

Legal Hub

Your central source for Incentivizer’s legal documentation.

Access our terms, policies and compliance information in one place for full transparency and clarity

Table of Contents

Terms of Service

Last updated: 23 January 2026

PLEASE READ THE TERMS OF THIS AGREEMENT CAREFULLY

This is a legally binding agreement (AGREEMENT) between (the Customer or you) and Essential Communications Ltd trading as “Incentivizer” whose registered address is 124 City Road, London EC1V 2NX, the Supplier, we or us), granting you the right to use and access the Incentivizer platform, including any Updates, Upgrades, patches, fixes or workarounds made available by us, and any data, media or documents associated with it (together, the Subscribed Services).

BY PURCHASING AN INCENTIVIZER SUBSCRIPTION, YOU AGREE TO AND ACCEPT THIS AGREEMENT AND THE FOLLOWING TERMS WHICH WILL BE BINDING ON YOU AND ANY OF YOUR AUTHORISED USERS WHEN ACCESSING OR USING THE SERVICES. PLEASE NOTE, IN PARTICULAR, THE LIMITATIONS ON LIABILITY IMPOSED AT CLAUSE 15.

THIS IS A BUSINESS TO BUSINESS AGREEMENT AND IS NOT TO BE ENTERED INTO BY CONSUMERS. YOU SHOULD ONLY COMPLETE THE PURCHASE OF A SUBSCRIPTION IF YOU ARE A BUSINESS.

IF YOU DO NOT AGREE TO ANY OF THE TERMS OF THIS AGREEMENT, YOU SHOULD NOT ACCESS OR USE THE SERVICES.

1 Definitions and interpretation

1.1 In the Agreement:

End User Terms

means the Supplier’s end user terms;
Affiliatesmeans, in respect of any entity, any entity that directly or indirectly controls, is controlled by or is under common control with that entity within the meaning set out in s 1124 of the Corporation Tax Act 2010;
Agreementmeans, together, the Payment Terms, the Subscribed Service Specific Terms, this Agreement and any policies referred to in either this Agreement, the Subscribed Service Specific Terms or the Payment Terms;
Authorised Usersmeans, in respect of the relevant Subscribed Service, the named users being employees, contractors or end customers of the Customer and/or Customer group companies authorised by you to use that Subscribed Service in accordance with the terms of this Agreement;
Business Daymeans a day other than a Saturday, Sunday or bank or public holiday in England;
Commencement Datemeans the date on which you click to accept this Agreement;
Confidential Informationmeans as defined in clause 16.1
Customer Datameans all data (in any form) that is provided to the Supplier or uploaded to any part of any Subscribed Service by the Customer or by any Authorised User);
Customer Systemsmeans all Customer or third party software and systems (other than Third Party Software) used by or on behalf of the Customer or any of its direct or indirect sub-contractors, or any Authorised User in connection with the provision or receipt of any of the Services or that the Services otherwise link, inter-operate or interface with or utilise (in each case whether directly or indirectly);
Data Protection Addendummeans the Supplier’s data protection addendum available here);
Feedbackhas the meaning given to it at clause 13.4;
Feesmeans the fees payable in advance by the Customer to the Supplier in consideration of the grant of rights to use and access the Services as detailed on our Pricing page and under the Payment Terms;
Force Majeuremeans an event or sequence of events beyond a party’s reasonable control preventing or delaying it from performing its obligations under the Agreement (provided that an inability to pay is not Force Majeure), including any matters relating to the transfer of data over public communications networks and any delays or problems associated with any such networks or with the internet;
Intellectual Property Rights

means any and all copyright, rights in inventions, patents, know-how, trade secrets, trade marks and trade names, service marks, design rights, rights in get-up, database rights and rights in data, semiconductor chip topography rights, utility models, domain names and all similar rights and, in each case:

(a) whether registered or not;

(b) including any applications to protect or register such rights;

(c) including all renewals and extensions of such rights or applications;

(d) whether vested, contingent or future; and

(e) wherever existing;

New Versionshas the meaning given to it at clause 9.1;
Payment Termsmeans the separate agreement that the Customer enters into with the Supplier containing the provisions on which the Customer takes a subscription for the supply of the Subscription Services;
Permitted Purposemeans the Customer’s internal business purposes in connection with its use of the Incentivizer platform and participation in or administration of incentive programs, and expressly excludes use of the Services for the provision of outsourcing services, service bureau services, or for the benefit of any third party other than Authorised Users;
Permitted Usage Rightsmeans the number of Authorised Users across the permitted number of simultaneous incentives and countries as detailed on the Pricing page for the Subscribed Services under the Agreement as set out at clause 5.3;
Privacy Policymeans the Supplier’s privacy policy available here;
Receiving Partyhas the meaning given to it in clause 21.1;
Relief Eventmeans any: (i) breach of the Agreement by the Customer; (ii) negligence of the Customer; (iii) other unlawful acts or omissions of the Customer; or (iv) any Force Majeure;
Servicesmeans the Subscribed Services and any support services provided in accordance with clause 8.1;
Standard Pricing Termsmeans the Supplier’s standard pricing terms for each part of the Services, as amended by the Supplier from time to time, and as at the date of this Agreement, the latest version available at https://incentivizer.ai/pricing/;
Subscribed Service Specific Termsmeans, in respect of each Subscribed Service, the specific additional or amended terms to be provided by us as relevant to that Subscribed Service (as updated from time to time) which are available at https://incentivizer.ai/pricing/;
Subscription Periodmeans the period set out under the relevant Subscribed Service Specific Terms;
Territorymeans worldwide;
Third Party Softwaremeans any third party software in the Subscribed Services;
Updatemeans a software maintenance update, patch or bug-fix which does not constitute an Upgrade;
Upgrademeans a version or release of software intended to have new or improved functionality or designated by the Supplier as an upgrade; and
VATmeans United Kingdom value added tax, any other tax imposed in substitution for it and any equivalent or similar tax imposed outside the United Kingdom.

1.2 In this agreement:

1.2.1 headings are included for convenience only and shall have no effect on interpretation;

1.2.2 a reference to a ‘party’ includes that party’s successors and permitted assigns;

1.2.3 a reference to a ‘person’ includes a natural person, corporate or unincorporated body (in each case whether or not having separate legal personality) and that person’s personal representatives, successors and permitted assigns;

1.2.4 words in the singular include the plural and vice versa;

1.2.5 any words that follow ‘include’, ‘includes’, ‘including’, ‘in particular’ or any similar words and expressions shall be construed as illustrative only and shall not limit the sense of any word, phrase, term, definition or description preceding those words;

1.2.6 a reference to any legislation or legislative provision is a reference to it as amended, extended, re-enacted or consolidated from time to time.

1.3 Any obligation of the Supplier under the Agreement to comply or ensure compliance by any person or the Services with any law shall be limited to compliance only with laws within the Territory as generally applicable to businesses and to providers of software as a service solutions. Such obligations shall not be construed to create any obligation on the Supplier (or anyone acting on its behalf) or any part of the Services to comply with any laws or regulations which apply solely to specific commercial or other activities (such as insurance, legal advice or banking or other professional services) or which apply solely to a specific commercial or non-commercial sector (or part thereof) (such as the public, legal, accountancy, actuarial, insurance, banking or financial service sectors).

2 Legal documents

2.1 Each set of Payment Terms entered into by you form a separate agreement that incorporates the rights and obligations in this Agreement, as well as the rights and obligations in the Subscribed Service Specific Terms for the relevant Services, the Data Protection Addendum and any policies referred to in either this Agreement, the Subscribed Service Specific Terms or the Payment Terms themselves.

2.2 If there is any inconsistency in the rights and obligations set out in the Agreement and/or the documents referred to in them the following order of priority shall prevail (in descending order of priority):

2.2.1 the Payment Terms;

2.2.2 the Subscribed Service Specific Terms;

2.2.3 the Data Protection Addendum;

2.2.4 any policies referred to in this Agreement, the Subscribed Service Specific Terms or the Payment Terms;

2.2.5 this Agreement.

2.3 Subject to the order of precedence set out at clause 2.2, later versions of the documents listed at that clause will take priority over earlier versions if there is any conflict or inconsistency between them.

3 System requirements

3.1 The Subscribed Services require the following technical specifications to operate correctly (which the Customer shall ensure it complies with):

3.1.1 Internet connection (56 Mbps or faster recommended);

3.1.2 A modern web browser (released in 2024 or later recommended).

4 Rights of access and use

4.1 Subject to the terms of this Agreement and payment of the Fees in accordance with the Payment Terms, we hereby grant to you a limited, non-exclusive, non-transferable, non-sublicensable (other than as permitted under clause 4.2) right to access and use the paid for Subscribed Services for the Permitted Purpose only in the Territory and for the duration of the Subscription Period.

4.2 The rights granted at clause 4.1 include a right for you to grant sub-licences to the Authorised Users (where necessary), subject to the terms of the Agreement, including those at clause 6 of this Agreement.

5 Limitations on use

5.1 Except as expressly permitted under this Agreement or by law, you shall not:

5.1.1 use, copy, modify, adapt, correct errors, or create derivative works from, the Subscribed Services;

5.1.2 decode, reverse engineer, disassemble, decompile or otherwise translate, or make alterations to the Subscribed Services, convert the Subscribed Services, or otherwise seek to obtain or derive the source code, underlying ideas, algorithms, file formats or non-public APIs to the Subscribed Services, other than as expressly permitted under ss 50B and 296A of the Copyright Designs and Patents Act 1988 (and then only upon advance notice in writing to us);

5.1.3 assign, rent, transfer, provide or enable access, sub-licence, lease, resell, distribute, publish, broadcast, transmit, store, archive, display publicly to third parties, disclose or otherwise deal in or encumber the Subscribed Services (in each case, whether or not for charge);

5.1.4 remove or modify any copyright or similar notices, or any of the Supplier’s or any other person’s branding, that the Subscribed Services causes to be displayed when used;

5.1.5 access or use the Subscribed Services, or permit them to be accessed or used, by or on behalf of any third party, otherwise than for the Permitted Purpose;

5.1.6 interfere with any license key mechanism in the Subscribed Services or otherwise attempt to circumvent or interfere with any security features of the Subscribed Services or mechanisms intended to limit your use; or

5.1.7 make the Subscribed Services available over a network or any other method of remote access, or facilitate the same.

5.2 Access and use of the Subscribed Services shall be limited to the Permitted Usage Rights only. Each permitted Authorised User may access and use the Subscribed Services simultaneously on a maximum of [one] device owned or operated by them.

5.3 You shall not exceed the Permitted Usage Rights and you acknowledge that you shall be required, without prejudice to any other rights or remedies to which we may be entitled, to pay us in accordance with the provisions of clause 6.4.

5.4 You shall access and use the Subscribed Services at all times in accordance with any instructions or user guidance and all other terms of this Agreement.

5.5 You shall notify us in writing as soon as you become aware of any actual or suspected unauthorised use of the Subscribed Services (including any use in excess of the Permitted Usage Rights).

6 Authorised Users

6.1 You shall ensure that only Authorised Users use the Subscribed Services, and that such use is at all times in accordance with the Agreement. You shall ensure that Authorised Users are, at all times while they have access to the Subscribed Services, the employees, contractors or end customers of the Customer.

6.2 You shall keep a list of all Authorised Users and shall notify the Supplier of such list upon request.

6.3 You shall ensure that the number of Authorised Users for each Subscribed Service does not exceed the Permitted Usage Rights and the purchased number of Authorised Users for the relevant Subscribed Service at any time. You may remove one individual as an Authorised User and replace them with another individual in accordance with the terms of the Agreement, but Authorised User accounts cannot be shared or used by more than one individual at the same time.

6.4 Without prejudice to any other right or remedy we may have, in the event that you are in breach of clause 6.3 then you shall be liable to pay for the number of Authorised Users above the purchased number of Authorised Users as agreed in the Payment Terms for that Subscribed Service for the relevant period, in accordance with our Standard Pricing Terms.

6.5 You shall:

6.5.1 be liable for the acts and omissions of the Authorised Users as if they were your own;

6.5.2 only provide Authorised Users with access to the Services via invitation and shall not provide access to (or permit access by) anyone other than an Authorised User; and

6.5.3 procure that each Authorised User is aware of, and complies with, the obligations and restrictions imposed on you under this Agreement.

6.6 You shall (and shall ensure all Authorised Users shall) at all times comply with the End User Terms and all other provisions of this Agreement.

6.7 Clauses 6.5 to 6.7 (inclusive) shall survive termination or expiry of the Agreement.

7 Indemnity

7.1 YOU SHALL INDEMNIFY, KEEP INDEMNIFIED AND HOLD HARMLESS US FROM AND AGAINST ANY LOSSES, CLAIMS, DAMAGES, LIABILITY, DATA PROTECTION LOSSES (AS DEFINED IN THE DATA PROTECTION ADDENDUM), COSTS (INCLUDING LEGAL AND OTHER PROFESSIONAL FEES) AND EXPENSES INCURRED BY US, OUR AFFILIATES, RESPECTIVE OFFICERS, DIRECTORS AND/OR EMPLOYEES AS A RESULT OF YOUR BREACH OF THIS AGREEMENT.

7.2 THIS CLAUSE 7 SHALL SURVIVE TERMINATION OR EXPIRY OF THIS AGREEMENT.

8 Support

8.1 Support services shall be available for each paid for Subscribed Service for the duration of the Subscription Period, to the extent and in the manner specified in the relevant Subscribed Service Specific Terms.

8.2 We shall use reasonable endeavours to make the Services available in accordance with our published service availability targets (if any). You acknowledge that no service levels or availability commitments are guaranteed and that service credits are not offered in respect of any downtime, performance issue or failure to meet any target.

8.3 We shall use reasonable endeavours to provide advance notice of scheduled maintenance that may affect availability of the Services. You acknowledge that advance notice may not be possible in the event of emergency maintenance, security issues, third-party failures or Force Majeure events.

8.4 You acknowledge that the Services do not include:

8.4.1 any services, systems or equipment required to access the internet (and that you are solely responsible for procuring access to the internet and for all costs and expenses in connection with internet access, communications, data transmission and wireless or mobile charges incurred by it in connection with use of the Services);

8.4.2 data back up or disaster recovery facilities (and the Customer shall ensure it at all times maintains backups of all Customer Data) according to its requirements; or

8.4.3 legal, accounting or other professional or regulated services and that, except as expressly stated in this Agreement, no assurance is given that the Services will comply with or satisfy any legal or regulatory obligation of any person.

8.5 Support services are limited to assistance with use of the Services and do not extend to support for incentive-specific terms, third-party products or services, or issues arising from Customer-configured incentive programs.

9 Changes to services and terms

9.1 We may at our absolute discretion make, and notify you of, updated versions of the documents referred to in clause 2.1 or other documents referred to in any part of this Agreement (excluding in each case the Payment Terms) (New Versions) from time to time by notifying you of such update by e-mail (together with a copy of the update or a link to a copy of the update) or by any other means which we elect]. New Versions will replace the preceding version of the same document(s) for the purposes of the Agreement from the date ten Business Days after they are published on the Supplier’s platform (or at such later date as we may specify).We shall comply with our related obligations in the Data Protection Addendum (available here).

9.2 You acknowledge that, subject to the provisions of this clause, we are entitled to modify the features and functionality of the Services and may also establish new limitations on the Subscribed Services (or any part), including to the volume of data which may be used, stored or transmitted in connection with the Subscribed Service, access to application programming interfaces and changes to data retention periods. Changes that we introduce under this clause shall be introduced via a New Version and any modification shall not materially adversely affect the use of the relevant Subscribed Service(s) by our customers generally. We shall comply with our related obligations in the Data Protection Addendum.

10 Records and audit

10.1 During the Subscription Period and for seven years thereafter, you shall maintain accurate and complete records of the Customer’s and its Authorised Users’ access and usage of the Subscribed Services under the Agreement including:

10.1.1 the number of Authorised User accounts that you have purchased; and

10.1.2 the identity of any Authorised Users.

10.2 You shall allow and procure for the Supplier (and any authorised representatives of the Supplier) access to audit (and take copies of) the relevant records of the Customer and the Authorised Users, to the extent necessary (and legally permitted in the circumstances) to verify that the access and use of the Subscribed Services is in accordance with this Agreement.

10.3 Unless otherwise agreed in writing, the inspections and audits referred to in clause 10.2 shall be undertaken:

10.3.1 during your normal business hours on Business Days;

10.3.2 subject to the provision by us of a minimum of five Business Days’ notice; and

10.3.3 not more than twice in any calendar year during the Subscription Period.

10.4 You shall, at your own cost, provide all reasonable assistance and co-operation to us in conducting any inspection or audit undertaken under this clause 10. We will comply with your reasonable directions to minimise disruption to your business and to safeguard the confidentiality of the Customer Data.

10.5 At the Supplier’s request from time to time the Customer shall promptly (and in any event within two Business Days of such request) provide the Supplier with copies of the records referred to in clause 10.1.

10.6 The Supplier may monitor, collect, store and use information on the use and performance of the Services (including Customer Data) to detect threats or errors to the Services and/or Supplier’s operations and for the purposes of the further development and improvement of the Supplier’s services, provided that such activities at all times comply with the Privacy Policy.

10.7 The provisions of this clause 10 shall survive termination or expiry of this Agreement for a period of 12 months.

11 Warranty

11.1 We warrant that:

11.1.1 each Subscribed Service will operate materially in accordance with its description (maintained and published here https://incentivizer.ai/pricing/) when used in accordance with this Agreement under normal use and normal circumstances during the Subscription Period; and

11.1.2 we will provide each of the Services with reasonable care and skill.

11.2 If you receive any Update or Upgrade of the Subscribed Services under this Agreement, such Update or Upgrade will be covered under the warranty at clause 11.1.

11.3 If there is a breach of the warranty in clause 11.1, provided that you notify us in writing within ten Business Days of the date you ought reasonably have become aware of the breach, we will, at our option:

11.3.1 use reasonable endeavours to rectify the breach within a reasonable time; or

11.3.2 terminate this Agreement in which case you will be entitled to a refund pursuant to the Payment Terms

To the maximum extent permitted by law, this clause 11.3 sets out the Customer’s sole and exclusive remedy (however arising, whether in contract, negligence or otherwise) for any breach of any of the warranties in clause 11.1.

11.4 The warranty in clause 11.1 is subject to the limitations and exclusions set out in clause 15. In addition, the warranty shall not apply to the extent that any error in the Subscribed Services arises as a result of:

11.4.1 incorrect access or use of the Subscribed Services by the Customer or any Authorised User;

11.4.2 access to or use of the Subscribed Services by the Customer or any Authorised User other than for the purposes for which it is intended;

11.4.3 modification or alteration of the Subscribed Services without our written consent;

11.4.4 access or use of the Subscribed Services with other software or on equipment with which it is incompatible;

11.4.5 attempted repair, rectification or maintenance by any person other than the Supplier or a third party authorised by the Supplier;

11.4.6 failure to install any Update or Upgrade recommended and made available by us; or

11.4.7 any Relief Event.

11.5 You acknowledge that we do not give any term, warranty, condition or representation and do not accept any liability (howsoever arising whether under contract, tort, in negligence or otherwise) in relation to:

11.5.1 the Subscribed Services meeting the Customer’s individual needs or business requirements, whether or not such needs or requirements have been communicated to us;

11.5.2 the Subscribed Services operating in a manner which is uninterrupted or free from minor errors or defects; or

11.5.3 the Subscribed Services being compatible with any software or with any particular hardware.

11.6 Subject to clause 15.5, the provisions of clauses 11.3 and 13.6 set out the Customer’s sole and exclusive remedy (howsoever arising, whether in contract, tort, negligence or otherwise) for any breach of clause 11.1 or for any other error or defect in, defective performance or inability to use the Subscribed Services or any part of them.

11.7 Other than as set out in this clause 11, and subject to clause 15.5, all warranties, conditions, terms, undertakings or obligations whether express or implied and including any implied terms relating to quality, fitness for any particular purpose, reasonable care and skill or ability to achieve a particular result are excluded to the fullest extent allowed by applicable law.

12 Your responsibilities

12.1 You shall (and shall ensure all Authorised Users shall) at all times comply with all applicable laws relating to the use or receipt of the Services, including laws relating to privacy, data protection and use of systems and communications.

13 Intellectual Property Rights

13.1 The Customer acknowledges that all Intellectual Property Rights in the Services are owned by or licensed to the Supplier, that the right to access and use the Subscribed Services is licensed (not sold) to the Customer and that the Customer shall have no other rights other than those granted under the terms of this Agreement. For the avoidance of doubt, the Customer shall have no right to access the Subscribed Services in source code form. To the extent that the Customer, any of its Affiliates or any person acting on its or their behalf acquires any Intellectual Property Rights in any part of the Services, the Customer shall assign or procure the assignment of such Intellectual Property Rights with full title guarantee (including by way of present assignment of future Intellectual Property Rights) to the Supplier or such third party as the Supplier may elect. The Customer shall execute all such documents and do such things as the Supplier may consider necessary to give effect to this clause 13.1.

13.2 The Customer and Authorised Users may be able to store or transmit Customer Data using one or more Subscribed Services and the Subscribed Services may interact with Customer Systems. The Customer hereby grants a royalty-free, non-transferable, non-exclusive licence for the Supplier (and each of its direct and indirect sub-contractors) to use, copy and other otherwise utilise the Customer Data and Customer Systems to the extent reasonably necessary to perform or provide the Services or to exercise or perform the Supplier’s rights, remedies and obligations under the Agreement.

13.3 To the extent Third Party Software is made available to, or used by or on behalf of the Customer or any Authorised User in connection with the use or provision of any Subscribed Service, such use of Third Party Software shall be subject to any additional third party terms in accordance with clause 5.

13.4 The Supplier may use any feedback and suggestions for improvement relating to the Services provided by the Customer or any Authorised User without charge or limitation (Feedback). The Customer hereby assigns (or shall procure the assignment of) all Intellectual Property Rights in the Feedback with full title guarantee (including by way of present assignment of future Intellectual Property Rights) to the Supplier at the time such Feedback is first provided to the Supplier.

13.5 The Customer hereby waives (and shall ensure all relevant third parties have waived) all rights to be identified as the author of any work, to object to derogatory treatment of that work and all other moral rights in the Intellectual Property Rights assigned to the Supplier under this Agreement.

13.6 If the Supplier has reason to believe that a third-party claim may be (or if such a claim has been) brought by any third party alleging that the Subscribed Services infringe any Intellectual Property Rights of a third party (an IPR Claim), the Supplier may at its sole option and expense, and the Customer shall permit the Supplier to:

13.6.1 obtain the right for the Customer to continue to use the Subscribed Services; or

13.6.2 modify or replace the Subscribed Services to avoid infringement or alleged infringement without causing a material adverse impact to the Subscribed Services.

13.7 If we are unable to achieve either of the outcomes described in clause 13.6, having used reasonable endeavours, we may terminate this Agreement.

13.8 Subject to clause 15.5, the provisions of this clause 13 set out the Customer’s sole and exclusive remedy (howsoever arising, including in contract, tort, negligence or otherwise) for any IPR Claim.

13.9 This clause 13 shall survive the termination or expiry of this Agreement.

14 Relief

To the maximum extent permitted by law, we shall not be liable (under any legal theory, including negligence) for any breach, delay or default in the performance of the Agreement to the extent the same (or the circumstances giving rise to the same) arises or was contributed to by any Relief Event.

15 Limitation of liability

15.1 THE EXTENT OF THE SUPPLIER’S LIABILITY UNDER OR IN CONNECTION WITH THIS AGREEMENT (REGARDLESS OF WHETHER SUCH LIABILITY ARISES IN TORT, CONTRACT OR IN ANY OTHER WAY AND WHETHER OR NOT CAUSED BY NEGLIGENCE OR MISREPRESENTATION) SHALL BE AS SET OUT IN THIS CLAUSE 15.

15.2 SUBJECT TO CLAUSES 15.3 AND 15.5, THE SUPPLIER’S TOTAL AGGREGATE LIABILITY HOWSOEVER ARISING UNDER OR IN CONNECTION WITH THIS AGREEMENT SHALL NOT EXCEED THE GREATER OF:

15.2.1 AN AMOUNT EQUAL TO THE FEES PAID TO THE SUPPLIER BY THE CUSTOMER IN THE 12-MONTH PERIOD IMMEDIATELY PRECEDING THE INCIDENT FIRST GIVING RISE TO ANY CLAIM UNDER THIS AGREEMENT; OR

15.2.2 AN AMOUNT EQUAL TO 12 TIMES THE FEES DUE OR PAID TO THE SUPPLIER FOR THE FIRST MONTH OF THE SUBSCRIPTION PERIOD.

15.3 SUBJECT TO CLAUSE 15.5, THE SUPPLIER SHALL NOT BE LIABLE FOR CONSEQUENTIAL, INDIRECT OR SPECIAL LOSSES.

15.4 SUBJECT TO CLAUSE 15.5, THE SUPPLIER SHALL NOT BE LIABLE FOR ANY OF THE FOLLOWING (WHETHER DIRECT OR INDIRECT):

15.4.1 LOSS OF PROFIT;

15.4.2 LOSS OF REVENUE;

15.4.3 LOSS OR CORRUPTION OF DATA;

15.4.4 LOSS OR CORRUPTION OF SOFTWARE OR SYSTEMS;

15.4.5 LOSS OR DAMAGE TO EQUIPMENT;

15.4.6 LOSS OF USE;

15.4.7 LOSS OF PRODUCTION;

15.4.8 LOSS OF CONTRACT;

15.4.9 LOSS OF COMMERCIAL OPPORTUNITY;

15.4.10 LOSS OF SAVINGS, DISCOUNT OR REBATE (WHETHER ACTUAL OR ANTICIPATED);

15.4.11 HARM TO REPUTATION OR LOSS OF GOODWILL;

15.4.12 LOSS OF BUSINESS; AND

15.4.13 WASTED EXPENDITURE.

15.5 NOTWITHSTANDING ANY OTHER PROVISION OF THIS AGREEMENT, THE SUPPLIER’S LIABILITY SHALL NOT BE LIMITED IN ANY WAY IN RESPECT OF THE FOLLOWING:

15.5.1 DEATH OR PERSONAL INJURY CAUSED BY NEGLIGENCE;

15.5.2 FRAUD OR FRAUDULENT MISREPRESENTATION; OR

15.5.3 ANY OTHER LOSSES WHICH CANNOT BE EXCLUDED OR LIMITED BY APPLICABLE LAW.

15.6 THIS CLAUSE 15 SHALL SURVIVE THE TERMINATION OR EXPIRY OF THIS AGREEMENT.

16 Suspension

16.1 We may suspend access to the Services (or any part) to all or some of the Authorised Users if:

16.1.1 we reasonably suspect that there has been any misuse of the Services or material breach of this Agreement;

16.1.2 you fail to pay any sums due to us by the due date for payment; or

16.1.3 required by law, by court or governmental or regulatory order.

16.2 Where the reason for the suspension is suspected misuse of the Services or material breach of this Agreement, without prejudice to our rights under clause 17, we will take steps to investigate the issue and within ten Business Days notify you in writing of the outcome of the investigation, and either restore the Services or exercise our right to terminate the Agreement in accordance with 17

16.3 In relation to suspensions under clause 16.1.2, access to the Services will be restored promptly after we receive payment in full and cleared funds.

16.4 Fees shall remain payable during any period of suspension notwithstanding that you or some or all of the Authorised Users may not have access to the Services, however in cases where the investigation pursuant to clause 16.2 determines that you were not in breach, you shall be entitled to a refund of any Fees paid in advance in respect of the period of suspension.

17 Term and termination

17.1 This Agreement shall come into force on the Commencement Date and, unless terminated earlier in accordance with its terms, shall continue until there are no longer any Subscribed Service Specific Terms in force, after which it shall automatically expire.

17.2 We may terminate this Agreement at any time by giving you notice in writing if:

17.2.1 you commit a material breach of the Agreement and such breach is not remediable;

17.2.2 you commit a material breach of this Agreement which is not remedied within 10 Business Days of receiving written notice of such breach; or

17.2.3 you fail to pay any Fees due under the Payment Terms on the due date and such amount remains unpaid within 10 Business Days after you have received notification that the payment is overdue.

17.2.4 we, acting reasonably, determine, pursuant to the investigation carried out pursuant to clause 16.2 misuse of the Services or a material breach of the Agreement by you.

17.3 Any breach by you of the End User Terms or of clause 5 shall be deemed a material breach of this Agreement which is not remediable.

18 Consequences of termination

18.1 On termination or expiry of the Agreement (for any reason):

18.1.1 the licences and rights granted by us shall immediately terminate and you shall (and, if applicable, shall procure that each Authorised User shall) immediately stop accessing and using the Subscribed Services;

18.1.2 we may delete or suspend access to any accounts that you hold with us and any Authorised User accounts;

18.1.3 you are not entitled to a refund or other payment, except as otherwise stated in this Agreement or the relevant Payment Terms; and

18.1.4 Customer Data will be treated in accordance with clause 19.6.

18.2 You shall be responsible for backing up your data regularly and extracting it from the Subscribed Services prior to the termination or expiry of the Agreement. We shall not be obliged to provide you with any assistance in extracting or recovering data whether during or after the Subscription Period.

18.3 Termination or expiry of this Agreement shall not affect any accrued rights and liabilities of either party at any time up to the date of termination or expiry and shall not affect any provision of the Agreement that is expressly or by implication intended to continue beyond termination.

19 Customer Data

19.1 Customer Data shall at all times remain the property of you or your licensors.

19.2 Except to the extent the Supplier has direct obligations under data protection laws and/or the Data Protection Addendum, the Customer acknowledges that the Supplier has no control over any Customer Data hosted as part of the provision of the Services and may not actively monitor or have access to the content of the Customer Data. The Customer shall ensure (and is exclusively responsible for) the accuracy, quality, integrity and legality of the Customer Data and that its use (including use in connection with the Service) complies with all applicable laws and Intellectual Property Rights.

19.3 If the Supplier has a reasonable belief that any Customer Data does not comply with the End User Terms the Supplier shall have the right to (in respect only of that part of Customer Data which is not compliant, where it is possible to isolate this):

19.3.1 permanently delete or otherwise remove the relevant Customer Data from the Services;

19.3.2 suspend access to the relevant Customer Data from the Services in accordance with clause 16; and/or

19.3.3 disclose Customer Data to law enforcement authorities (in each case without the need to consult the Customer).

Where reasonably practicable and lawful the Supplier shall notify the Customer before taking such action.

19.4 Except as otherwise expressly agreed in the Agreement or required by Applicable Law, the Supplier shall not be obliged to provide the Customer with any assistance in extracting, transferring or recovering any data (including Customer Data) whether during or after the Subscription Period. The Customer acknowledges and agrees that it is responsible for maintaining safe backups and copies of any Customer Data, including as necessary to ensure the continuation of the Customer’s business. The Customer shall, without limitation, ensure that it backs up (or procures the back up of) all Customer Data regularly (in accordance with its and its Authorised User’s needs) and extracts it from each Subscribed Service prior to the termination or expiry of the Agreement or the cessation or suspension of any of the Services where it has received notice from the Supplier of the same.

19.5 The Supplier routinely undertakes regular backups of the Subscribed Services (which may include Customer Data) for its own business continuity purposes. The Customer acknowledges that such steps do not in any way make the Supplier responsible for ensuring the Customer Data does not become inaccessible, damaged or corrupted. To the maximum extent permitted by applicable law, the Supplier shall not be responsible (under any legal theory, including in negligence) for any loss of availability of, or corruption or damage to, any Customer Data.

19.6 Unless otherwise set out in the Payment Terms, the Subscribed Service Specific Terms or subsequently agreed by the parties in writing, the Customer hereby instructs that the Supplier shall within 60 days of the end of the provision of the Services (or any part) relating to the processing of the Customer Data securely dispose of such Customer Data processed in relation to the Services (or any part) which have ended (and all existing copies of it) except to the extent that any applicable laws requires the Supplier to store such Customer Data. The Supplier shall have no liability (howsoever arising, including in negligence) for any deletion or destruction of any such Customer Data undertaken in accordance with the Agreement.

20 Confidentiality and security of Customer Data

21.1 The Supplier shall maintain the confidentiality of the Customer Data in accordance with the provisions of clause 21 and shall not without the prior written consent of the Customer use, copy or disclose the Customer Data other than as necessary for the performance of the Subscribed Services or in accordance with its express rights and obligations under this Agreement or the Data Protection Addendum.

21 Confidential Information

21.1 Each party (the Receiving Party) shall:

21.1.1 keep confidential any information that is confidential in nature concerning the other party and/or its Affiliates (including (to the extent confidential) any details of its business, affairs, customers, clients, suppliers, plans or strategy) which is provided or made available by the other party to the Receiving Party under or in connection with this Agreement (Confidential Information); and

21.1.2 not use, or disclose to any person, the other party’s Confidential Information, except as permitted by clause 21.2;

21.2 The Receiving Party may:

21.2.1 subject to clause 21.4, disclose any Confidential Information to any of its employees, officers, representatives, subcontractors or advisers (Representatives) who need to know the relevant Confidential Information for the purposes of the performance of any obligations under this Agreement, provided that the Receiving Party must ensure that each of its Representatives to whom Confidential Information is disclosed is aware of its confidential nature and agrees to comply with this clause 21 as if it were the Receiving Party

21.1.2 disclose any Confidential Information as may be required by law, any court, any governmental, regulatory or supervisory authority (including any securities exchange) or any other authority of competent jurisdiction to be disclosed; and

21.2.3 subject to clause 21.4, use Confidential Information only to the extent reasonably necessary to perform its obligations under this Agreement

21.3 Each party recognises that any breach or threatened breach of this clause 21 may cause irreparable harm for which damages may not be an adequate remedy. Accordingly, in addition to any other remedies and damages, the parties agree that the non-defaulting party may be entitled to the remedies of specific performance, injunction and other equitable relief without proof of special damages.

21.4 To the extent that any Confidential Information is personal data, such Confidential Information may be disclosed or used only to the extent that such disclosure or use does not conflict with the Data Processing Addendum.

21.5 The obligations under this clause and clause 20 above shall survive the variation, expiry or termination of this Agreement for a period of two years thereafter.

22 Publicity

We may identify you by name and logo as a customer of the Services in our marketing and promotional materials in accordance with its standard marketing practices, unless you notify us in writing that you object to such use.

23 Entire agreement

23.1 This Agreement and any descriptions of the Services made available by the Supplier, constitute the entire agreement between the parties and supersede all previous agreements, understandings and arrangements between them in respect of its subject matter, whether in writing or oral.

23.2 Each party acknowledges that it has not entered into this Agreement in reliance on, and shall have no remedies in respect of, any representation or warranty that is not expressly set out in this Agreement.

23.3 Nothing in the Agreement shall limit or exclude any liability for fraud.

24 Notices

24.1 Any notice or other communication given by a party under the Agreement shall be:

24.1.1 in writing and in English;

24.1.2 signed by, or on behalf of, the party giving it (except for notices sent by email); and

24.1.3 where sent to the Supplier, sent to the address set out in the ‘contact us’ details on the Supplier’s website at https://incentivizer.ai/contact/;

24.1.4 where sent to the Customer, sent to the address provided to us by you when you subscribed to the Service.

24.2 Notices may be given, and are deemed received:

24.2.1 by hand: on receipt of a signature at the time of delivery;

24.2.2 by Royal Mail Recorded Signed For post: at 9.00 am on the second Business Day after posting;

24.2.3 by Royal Mail International Tracked & Signed post: at 9.00 am on the fourth Business Day after posting; and

24.2.4 by email: on receipt of a delivery receipt email from the correct address.

24.3 This clause does not apply to notices given in legal proceedings or arbitration.

25 Variation

Except where provided for in clause 9, no variation of this Agreement shall be valid or effective unless it is in writing and is duly signed or executed by, or on behalf of, each party.

26 Assignment and sub-contracting

26.1 We may at any time assign, sub-contract, transfer, mortgage, charge, declare a trust of or deal in any other manner with any or all of the Supplier’s rights or obligations under this Agreement, provided that we give you prior written notice.

26.2 Except as expressly permitted by this Agreement, you shall not assign, transfer, sub-licence, mortgage, charge, declare a trust of or deal in any other manner with any or all of your rights or obligations under this Agreement (including the licence rights granted), in whole or in part, without the Supplier’s prior written consent.

27 Set off

Each party shall pay all sums that it owes to the other party under the Agreement without any set-off, counterclaim, deduction or withholding of any kind, save as may be required by law.

28 No partnership or agency

The parties are independent and are not partners or principal and agent and this Agreement does not establish any joint venture, trust, fiduciary or other relationship between them, other than the contractual relationship expressly provided for in it. Neither party shall have, nor shall represent that it has, any authority to make any commitments on the other party’s behalf.

29 Severance

29.1 If any provision of this Agreement (or part of any provision) is or becomes illegal, invalid or unenforceable, the legality, validity and enforceability of any other provision of this Agreement shall not be affected.

29.2 If any provision of this Agreement (or part of any provision) is or becomes illegal, invalid or unenforceable but would be legal, valid and enforceable if some part of it was deleted or modified, the provision or part-provision in question shall apply with such deletions or modifications as may be necessary to make the provision legal, valid and enforceable. In the event of such deletion or modification, the parties shall negotiate in good faith in order to agree the terms of a mutually acceptable alternative provision.

30 Waiver

30.1 No failure, delay or omission by either party in exercising any right, power or remedy provided by law or under this Agreement shall operate as a waiver of that right, power or remedy, nor shall it preclude or restrict any future exercise of that or any other right, power or remedy.

31 Compliance with law

31.1 The Customer shall comply with all applicable laws and shall maintain such authorisations and approvals as required from time to time to perform its obligations under or in connection with this Agreement.

31.2 Without prejudice to the generality of clause 31.1, the Customer shall comply with all applicable laws, rules, and regulations governing export that apply to the Services and the Customer Data (or any part), and shall not export or re-export, directly or indirectly, separately or as a part of a system, the Services or the Customer Data (or any part) to, or access or use the Services or the Customer Data (or any part) in, any country for which an export licence or other approval is required, without first obtaining such licence or other approval. Without prejudice to the Supplier’s obligations under the Data Protection Addendum, the Customer shall be solely responsible for ensuring its access, importation or use of the Services and the Customer Data in or into any part of the Territory or elsewhere complies with all export laws.

32 Third party rights

A person who is not a party to this Agreement shall not have any rights under the Contracts (Rights of Third Parties) Act 1999 to enforce any of its provisions.

33 Authority

Each party represents and warrants to the other that it has the right, power and authority to enter into this Agreement and grant to the other the rights (if any) contemplated in the Agreement and to perform its obligations under this Agreement.

34 Governing law and jurisdiction

34.1 This Agreement and any dispute or claim arising out of, or in connection with, it, its subject matter or formation (including non-contractual disputes or claims) shall be governed by, and construed in accordance with, the laws of England and Wales.

34.2 The parties irrevocably agree that the courts of England and Wales shall have exclusive jurisdiction to settle any dispute or claim arising out of, or in connection with, this Agreement, its subject matter or formation (including non-contractual disputes or claims).

Payment Terms

Last updated: 14 January 2026

These Payment Terms apply to customer subscriptions and payments to use the Incentivizer Service provided by Essential Communications Ltd trading as “Incentivizer”.

Subscription Payments

  1. All fees for a subscription’s billing cycle are payable in advance.
  2. Credit Card Payments:
    1. All monthly subscriptions must be paid by credit card.
    2. All monthly subscriptions incur a one off set up fee as detailed on the Pricing page.
    3. Monthly and annual subscription plans will be charged to the registered credit card at the start of each billing cycle.
    4. If payment fails, all Services will be suspended until payment is successfully processed. Customers will be notified immediately in the event of a payment failure.
  3. Annual subscriptions:
    1. Annual subscriptions may be invoiced instead of charged to a card, subject to prior agreement.
    2. Failure to pay within stated period may result in suspension of all Services.

Invoice Terms

  1. Payment terms for invoices are Net 30 days from the invoice date.
  2. For annual subscriptions, quarterly invoicing may be arranged by prior written agreement.
  3. All payments must be received within 30 days of invoice issue date to maintain uninterrupted access to Services.
  4. Customer’s end users will only be granted access to the platform once payment is received.

Cancellation

  1. A customer wishing to cancel their subscription must provide written notice of cancellation.
  2. The required notice period is 30 days for monthly subscriptions and 60 days for annual subscriptions.
  3. The subscription will remain active, and all fees will continue to apply, until the end of the applicable notice period.
  4. No refunds will be issued for any unused portion of the subscription, except as required by law or under any applicable cancellation policy.

Upgrading

  1. Customers may upgrade to a higher subscription tier at any time.
  2. The renewal date for the subscription will remain unchanged.
  3. The first payment for the upgraded subscription will be calculated on a pro-rata basis for the remainder of the current billing cycle.
  4. Thereafter, subsequent payments will be charged at the full rate for the selected billing cycle.

Downgrading

  1. To downgrade to a lower subscription tier, customers must provide written notice.
  2. The notice period is 30 days for monthly subscriptions and 60 days for annual subscriptions.
  3. The lower subscription tier will take effect at the next billing cycle payment date following the completion of the notice period.
  4. All fees for the current subscription tier will continue to apply until the downgrade becomes effective.

General Conditions

  1. Usage rights and features are governed by customer’s paid subscription plan, as detailed here.
  2. All fees are non-refundable, except as required by law or under any applicable cancellation policy.
  3. Prices are exclusive of applicable taxes, which will be added to invoices where required.
  4. Incentivizer reserves the right to suspend or terminate Services for non-payment.

Data Processing Addendum (DPA)

Last updated: 23 January 2026

This Data Processing Addendum (DPA) forms part of, and is incorporated into, the Terms of Service entered into between the Customer and the Supplier governing the provision of the Services by the Supplier to the Customer (the Agreement). This DPA applies to the extent the Supplier processes Personal Data on behalf of the Customer in connection with the Services.

Part A
Operative provisions

1 Definitions
1.1 In this DPA:

applicable lawmeans applicable law of the United Kingdom (or of a part of the United Kingdom);
Controllerhas the meaning given in applicable Data Protection Laws from time to time;
Data Protection Laws

means, as binding on either party or the Services:

(a)            the GDPR;

(b)            the Data Protection Act 2018; and

(c)            any laws that supplement, replace, extend, re-enact, consolidate or amend any of the foregoing;

Data Subjecthas the meaning given in applicable Data Protection Laws from time to time;
GDPRmeans the General Data Protection Regulation, Regulation (EU) 2016/679, as it forms part of domestic law in the United Kingdom by virtue of section 3 of the European Union (Withdrawal) Act 2018 (including as further amended or modified by the laws of the United Kingdom or of a part of the United Kingdom from time to time);
International Organisationhas the meaning given in applicable Data Protection Laws from time to time;
Personal Datahas the meaning given in applicable Data Protection Laws from time to time;
Personal Data Breachhas the meaning given in applicable Data Protection Laws from time to time;
processinghas the meaning given in applicable Data Protection Laws from time to time (and related expressions, including process, processed and processes shall be construed accordingly);
Processorhas the meaning given in applicable Data Protection Laws from time to time;
Protected Datameans Personal Data received from or on behalf of the Customer in connection with the performance of the Supplier’s obligations under the Agreement; and
Sub-Processormeans any Processor engaged by the Supplier (or by any other Sub-Processor) for carrying out any processing activities in respect of the Protected Data on behalf of the Customer.

2 Customer’s compliance with Data Protection Laws

2.1 The parties agree that the Customer is a Controller and that the Supplier is a Processor for the purposes of processing Protected Data pursuant to the Agreement.

2.2 The Customer shall, at all times, comply with all Data Protection Laws in connection with the processing of Protected Data.

2.3 The Customer shall ensure all instructions given by it to the Supplier in respect of Protected Data (including the terms of this DPA) shall at all times be in accordance with all Data Protection Laws.

2.4 Nothing in this DPA relieves the Customer of any responsibilities or liabilities under any Data Protection Laws.

2.5 Without prejudice to the generality of paragraph 2.2 of this Part A, the Customer shall ensure that it has all necessary appropriate consents and notices in place to enable the lawful transfer of Protected Data from its clients to end users to the Supplier and/or the lawful collection of the same by the Supplier for the duration and purposes of the Agreement.

3 Supplier’s compliance with Data Protection Laws

The Supplier shall process Protected Data in compliance with the obligations placed on it under Data Protection Laws and the terms of the Agreement.

4 Instructions

4.1 The Supplier shall only process (and shall ensure Supplier Personnel only process) the Protected Data in accordance with Section 1 of Part B of this DPA and the Agreement (including with regard to any transfer to which paragraph 8 of this Part A relates), except to the extent:

4.1.1 that alternative processing instructions are agreed between the parties in writing; or

4.1.2 otherwise required by applicable law (and shall inform the Customer of that legal requirement before processing, unless applicable law prevents it doing so on important grounds of public interest).

4.2 Without prejudice to paragraph 2 of this Part A, if the Supplier believes that any instruction received by it from the Customer is likely to infringe the Data Protection Laws it shall promptly inform the Customer and be entitled to cease to provide the relevant Services until the parties have agreed appropriate amended instructions which are not infringing. The Charges payable to the Supplier shall not be discounted or set-off as a result of any delay or non-performance of any obligation in accordance with this paragraph 4.2.

5 Security

5.1 The Supplier shall implement and maintain the technical and organisational measures set out in Section 2 of Part B of this DPA to protect the Protected Data against accidental, unauthorised or unlawful destruction, loss, alteration, disclosure or access.

5.2 The Customer confirms that it has reviewed and confirms that the measures set out in Section 2 of Part B of this DPA are appropriate to the harm that might result from the unauthorised or unlawful processing or accidental loss, destruction or damage and the nature of the data to be protected, having regard to the state of technological development and the cost of implementing any measures.

6 Sub-processing and personnel

6.1 The Customer hereby provides its prior, general authorisation for the Supplier to appoint sub-processors to process Protected Data provided that the Supplier:

6.1.1 ensures that the terms on which it appoints such sub-processors comply with Data Protection Laws and are consistent with the obligations imposed on the Supplier in this DPA;

6.1.2 remains responsible for the acts and omissions of any such sub-processors as if they were acts or omissions of the Supplier; and

6.1.3 informs the Customer of any intended changes concerning the addition or replacement of the sub-processors, thereby giving the Customer the opportunity to object to such changes provided that if the Customer objects to the changes and cannot demonstrate, to the Supplier’s reasonable satisfaction, that the objection is due to an actual or likely breach of Data Protection Laws, the Customer shall indemnify the Supplier for any losses, damages, costs (including legal fees) and expenses suffered by the Supplier in accommodating the objection.

7 Assistance

7.1 The Supplier shall (at the Customer’s cost and expense) assist the Customer in ensuring compliance with the Customer’s obligations pursuant to Articles 32 to 36 of the GDPR taking into account the nature of the processing and the information available to the Supplier.

7.2 The Supplier shall (at the Customer’s cost and expense) and taking into account the nature of the processing, assist the Customer (by appropriate technical and organisational measures), insofar as this is possible, for the fulfilment of the Customer’s obligations to respond to requests for exercising the Data Subjects’ rights under Chapter III of the GDPR in respect of any Protected Data.

7.3 The Supplier shall (at the Customer’s cost and expense) refer to the Customer all requests it receives for exercising any Data Subjects’ rights under Chapter III of the GDPR which relate to any Protected Data. It shall be the Customer’s responsibility to reply to all such requests as required by applicable law.

8 International transfers

The Customer hereby provides its prior, general authorisation for the Supplier to process and/or transfer, or otherwise directly or indirectly disclose, any Protected Data in or to any country or territory outside the United Kingdom or to any International Organisation provided that the Supplier ensures that such transfers are effected in accordance with the Data Protection Legislation. For these purposes, the Customer shall promptly comply with any reasonable request of the Supplier, including any request to enter into standard contractual clauses as adopted by the UK Information Commissioner from time to time.

9 Audits and processing

The Supplier shall, in accordance with Data Protection Laws, make available to the Customer on request such information that is in its possession or control as is necessary to demonstrate the Supplier’s compliance with the obligations placed on it under this DPA and to demonstrate compliance with the obligations on each party imposed by Article 28 of the GDPR, and allow for and contribute to audits, including inspections, by the Customer (or another auditor mandated by the Customer) for this purpose (subject to a maximum of one audit request in any 12 month period under this paragraph 9).

10 Breach

The Supplier shall notify the Customer without undue delay and in writing on becoming aware of any Personal Data Breach in respect of any Protected Data.

11 Deletion/return

11.1 On the end of the provision of the Services relating to the processing of Protected Data (the Processing End Date), at the Customer’s cost and expense and the Customer’s option, the Supplier shall either return all of the Protected Data to the Customer or securely dispose of the Protected Data (and thereafter promptly delete all existing copies of it) except to the extent that any applicable law requires the Supplier to store such Protected Data. To the extent the Customer has not notified the Supplier within 30 days of the Processing End Date that it requires the return of any Protected Data the Supplier is irrevocably authorised to securely dispose of the Protected Data at the Customer’s cost and expense.

12 Survival

12.1 This DPA shall survive termination or expiry of the Agreement:

12.1.1 indefinitely in the case of paragraphs 4 and 11 of this Part A; and

12.1.2 in the case of all other paragraphs and provisions of this DPA, until the later of:

(a) the termination or expiry of the Agreement; or

(b) return or secure deletion or disposal of the last of the Protected Data in the Supplier’s (or any of its Sub-Processor’s) possession or control in accordance with the Agreement.

Part B

Data processing and security details

Section 1 – Data processing details

Processing of the Protected Data by the Supplier under the Agreement shall be for the subject-matter, duration, nature and purposes and involve the types of Personal Data and categories of Data Subjects set out in this Section 1 of this Part B

1 Subject-matter of processing:

Provision of the Incentivizer SaaS platform, including user account management, administration of incentive programs operated by the Customer, platform analytics, support services and related technical operations.

2 Duration of the processing:

For the duration of the Agreement and any applicable subscription term, plus any post-termination retention period required to comply with applicable law or as otherwise agreed in the Agreement, after which Personal Data shall be returned or securely deleted in accordance with the DPA.

3 Nature and purpose of the processing:

Processing activities include collecting, recording, organising, structuring, storing, hosting, retrieving, using, disclosing, and deleting Personal Data as necessary to:

  • provide and operate the Incentivizer platform;
  • enable Customers to configure and run incentive programs;
  • allow Authorised Users to access and use the platform;
  • manage authentication, access control, and platform security;
  • provide customer and technical support;
  • monitor platform performance, usage, and service improvement; and
  • comply with legal and regulatory obligations.

4 Type of Personal Data:

Depending on the Customer’s use of the Services, Personal Data may include:

  • identification and contact details (e.g. name, email address, username, job title);
  • account credentials and authentication data;
  • platform usage data (e.g. login activity, user actions, audit logs);
  • business and sales-related information linked to identifiable individuals;
  • communications and support request content; and
  • limited financial or commercial deal-related information entered by the Customer and Authorised Users.

5 Categories of Data Subjects:

  • Authorised Users of the Customer (including employees, contractors, partners, or invited third-party users);
  • Customer administrators and account contacts.

6 Specific processing instructions:

  • The Supplier shall process Personal Data only on documented instructions from the Customer, including as set out in the Agreement, this DPA, and the Customer’s configuration and use of the Services.
  • The Customer is responsible for determining the content of Personal Data uploaded to the platform and for ensuring that appropriate notices, consents, and lawful bases are in place.
  • The Supplier shall not use Personal Data for its own independent purposes and shall not determine the purposes or means of processing.
  • Payment processing is carried out by third-party providers (such as Stripe) acting under their own terms; the Supplier does not store or process full payment card details.

Section 2 – Minimum technical and organisational security measures

The Supplier shall implement and maintain the following technical and organisational security measures to protect the Protected Data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, Protected Data, including:

  1. Governance and policies
    • documented information security and data protection policies reviewed on a regular basis;
    • role-based access controls and the principle of least privilege; and
    • confidentiality obligations for all personnel with access to Protected Data.
  2. Access controls
    • unique user IDs and strong password requirements;
    • multi-factor authentication for access where appropriate; and
    • regular review and revocation of access rights.
  3. Data security
    • encryption of Protected Data in transit using industry-standard protocols (e.g. TLS);
    • encryption of Protected Data at rest where technically feasible; and
    • segregation of customer data within the platform environment.
  4. Infrastructure and network security
    • secure hosting environments with firewalls and intrusion detection/prevention controls;
    • vulnerability management, patching and regular security updates; and
    • protection against malware and unauthorised network access.
  5. Operational security and resilience
    • monitoring and logging of system access and activity;
    • incident management and response procedures, including escalation and remediation; and
    • regular backups and disaster recovery measures designed to ensure availability and integrity of data.
  6. Supplier and personnel management
    • security due diligence on sub-processors;
    • contractual security and data protection obligations imposed on sub-processors; and
    • security awareness training for relevant personnel.
  7. Testing and assurance
    • periodic testing and assessment of technical and organisational measures; and
    • remediation of identified risks in a timely manner, taking into account the nature of the data and processing.

End User Terms

Last updated: 14 January 2026

These End User Terms apply to your use of the Service provided by Essential Communications Ltd trading as “Incentivizer”. You are accessing the Service under the authority of an Incentivizer customer that holds an active subscription with Incentivizer. The Service enables the collection, processing and sharing of business, incentive-related and related transactional information for the purpose described in the Incentivizer documentation and the relevant customer configuration from time to time (the Permitted Purpose).

  1. In consideration of you agreeing to comply with these End User Terms, and because the Incentivizer customer with an active subscription has allowed you to use the Service under that subscription, Incentivizer grants you a limited, non-exclusive and non-transferable sub-license to access and use the Service for the Permitted Purpose.
  2. By clicking agree, you confirm that you are authorised by the Incentivizer customer to use the Service under their subscription and that you agree to these End User Terms.
  3. You agree to provide accurate, complete and up-to-date information when registering for and using the Service, and to promptly update such information where it changes.
  4. You may use the Service solely for lawful business purposes connected with your participation in incentive programs made available to you by the relevant Incentivizer customer, and strictly in accordance with the Permitted Purpose.
  5. You are responsible for all access to the Service using your Internet connection, even if the access is by another person. You are responsible for safeguarding your login credentials at all times and for all activity carried out through your account, whether authorised by you or not.
  6. Your permission to use the Service is personal to you and non-transferable, and you may not use the Service for your own commercial purposes. Your use of the Service is conditional on your compliance with the rules of conduct set out in these End User Terms and, except as set out in these End User Terms or as permitted by local law, you agree that you will not:
    • misrepresent your eligibility for, or entitlement to, any incentive, or submit false, misleading or inaccurate claims in connection with any incentive program;
    • use the Service for any fraudulent or unlawful purpose;
    • use the Service to defame, abuse, harass, stalk, threaten or otherwise violate the rights of others, including without limitation others’ privacy rights or rights of publicity;
    • impersonate any person or entity, falsely state or otherwise misrepresent your affiliation with any person or entity in connection with the Service; or express or imply that Incentivizer endorses any statement you make;
    • interfere with or disrupt the operation of the Service or the servers or networks used to make the Service available; or violate any requirements, procedures, policies or regulations of such networks;
    • transmit or otherwise make available in connection with the Service any virus, worm, Trojan horse or other computer code that is harmful or invasive or may or is intended to damage the operation of, or to monitor the use of, any hardware, software, or equipment;
    • duplicate, copy, sell, resell, reproduce or otherwise exploit for any commercial purposes, any portion of, use of, or access to the Service other than what is needed for normal use or for back up or security;
    • modify, adapt, translate, screen scrape, develop, create any derivative work, reverse engineer, decompile or disassemble any portion of the Service or aggregate data from the Service, or attempt to do so;
    • access any part of the Service for the purpose of creating a product or service that competes with the Service;
    • remove any copyright, trade mark or other proprietary rights notice from the Service or materials originating from the Service;
    • create a database by systematically downloading and storing Service content;
    • use any manual or automatic device in any way to gather Service content or reproduce or circumvent the navigational structure or presentation of the Service without our express prior written consent; or
    • share your access credentials with anyone else or allow another person to use your account.

    Incentivizer reserves the right to revoke these exceptions either generally or in specific instances.

  7. You are responsible for ensuring that your use of the Service and participation in any incentive program complies with all applicable laws and regulations and any internal policies of the relevant Incentivizer customer and your employer, including (where applicable) anti-bribery, corruption, gifts and hospitality or similar compliance policies.
  8. All intellectual property rights in the Service belong to Incentivizer or its licensors. The Service is licensed to you, not sold. You have no rights other than the right to use the Service in line with these End User Terms.
  9. The Service may provide links to other websites and online resources. Incentivizer is not responsible for and does not endorse such external sites or resources. Your use of third party websites and resources is at your own risk.
  10. Incentivizer will use reasonable efforts to ensure that the Service is available at all times. However, Incentivizer cannot guarantee that the Service or any individual function or feature of the Service will always be available and/or error free. In particular, the Service may be unavailable during periods when Incentivizer is implementing upgrades to or carrying out essential maintenance on the Service.
  11. You agree that You use the Service on an as is basis. All warranties, conditions and terms, whether express or implied, including any implied terms about quality, fitness for a purpose, completeness, accuracy of any content made available or ability to achieve a specific result, and any liability to you, whether arising under these End User Terms or otherwise in connection with your use of the Service, are excluded to the fullest extent allowed by law.
  12. The foregoing is a comprehensive limitation of liability that applies to all damages of any kind, including (without limitation) compensatory, direct, indirect or consequential damages, loss of data, income or profit, loss of or damage to property and claims of third parties. Notwithstanding the foregoing and except for liability that cannot be excluded by law, including liability for death or personal injury caused by negligence or for fraud, Incentivizer excludes all liability to you that arises from your use of the Service.
  13. Incentivizer may amend these End User Terms at any time by posting an update on https://incentivizer.ai or by email or other communication method. Your continued use of the Service means you accept and agree to be bound by the amended End User Terms. You can determine when Incentivizer last changed these End User Terms by referring to the “Last updated” statement above.
  14. Incentivizer may use any data you input into the Service for research, benchmarking, product development, service improvement, insights and other commercial or development purposes. Any public disclosure will only be in anonymised and aggregated form. Incentivizer will not publicly disclose any personal data within your data or use it for any purpose other than providing the Service under these End User Terms (and any subscription, as applicable).
  15. Incentivizer reserves the right to monitor use of the Service to assess compliance with these End User Terms and may investigate suspected breaches. Incentivizer may report unlawful activity to the relevant customer, regulators or law enforcement authorities where required or appropriate.
  16. If you breach any part of these End User Terms, Incentivizer may suspend your access to the Service by giving written notice.
  17. Incentivizer reserves the right to restrict your access to the Service or part of it. Access to restricted areas of the Service may be subject to registration and other conditions. If Incentivizer grants you permission to access a restricted area, Incentivizer may withdraw that permission at any time (including where you breach any of these End User Terms).
  18. These End User Terms are effective until terminated. Incentivizer may, at any time and for any reason, terminate your access to or use of the Service. If Incentivizer terminates your access to the Service you will not have the right to bring claims against us or our affiliates with respect to such termination. Incentivizer and its affiliates shall not be liable for any termination of your access to the Service.
  19. The Incentivizer Privacy Policy applies to any personal data you provide or input into the Service. By continuing to use the Service, you agree to Incentivizer processing your personal data as described in the Privacy Policy. The terms process and personal data have the meaning set out in the Privacy Policy.
  20. These End User Terms and any dispute that arises out of them or their subject matter, including any non-contractual disputes or claims, are governed by the laws of England and Wales. The parties submit to the exclusive jurisdiction of the English courts.

Privacy Policy

Last updated: 23 January 2026

https://incentivizer.ai/ (our website) is provided by Essential Communications Ltd trading as “Incentivizer” (‘we’, ‘our’ or ‘us’). We are the controller of personal data obtained via our website, meaning we are the organisation legally responsible for deciding how and for what purposes it is used.

We take your privacy very seriously. Please read this privacy policy carefully as it contains important information on who we are and how and why we collect, store, use and share any information relating to you (your personal data) in connection with your use of our website. It also explains your rights in relation to your personal data and how to contact us or a relevant regulator in the event you have a complaint.

We collect, use and are responsible for certain personal data about you. When we do so we are subject to the UK General Data Protection Regulation (UK GDPR).

This privacy policy is divided into the following sections:

  • What this policy applies to
  • Personal data we collect about you
  • How your personal data is collected
  • How and why we use your personal data
  • Marketing
  • Who we share your personal data with
  • How long your personal data will be kept
  • Transferring your personal data out of the UK
  • Cookies and other tracking technologies
  • Your rights
  • Keeping your personal data secure
  • How to complain
  • Changes to this privacy policy
  • How to contact us

What this policy applies to

This privacy policy relates to your use of our website only.

Throughout our website we may link to other websites owned and operated by certain trusted third parties to make additional products and services available to you. Those third party websites may also gather information about you in accordance with their own separate privacy policies. For privacy information relating to those third party websites, please consult their privacy policies as appropriate.

Personal data we collect about you

The personal data we collect about you depends on the particular activities carried out through our website. We will collect and use the following personal data about you:

  • your name, address, company/employer and contact information, including email address and telephone number
  • any delivery addresses specified for an order or reward
  • location data, if you choose to give this to us
  • your company billing information and transaction information
  • your company bank account and payment details
  • details of any information, feedback or other matters you give to us by phone, email, post or via social media
  • your account details, such as username and login details
  • files you upload on our website
  • your activities on, and use of, our website
  • your professional online presence, e.g. LinkedIn profile
  • information about the services we provide to you
  • your contact history and purchase history
  • information about how you use our website and technology systems
  • your responses to surveys, competitions and promotions

You must provide this personal data to use our website and the services on it unless we tell you that you have a choice.

Sometimes you can choose if you want to give us your personal data and let us use it. Where that is the case, we will tell you and give you the choice before you give the personal data to us. We will also tell you whether declining to share that personal data will have any effect on your use of our website or any services on it.

We collect and use this personal data for the purposes described in the section ‘How and why we use your personal data’ below.

How your personal data is collected

We collect personal data from you:

  • directly, when you enter or send us information, such as when you register with us, contact us (including via email), send us feedback, purchase products or services via our website, post material to our website and complete customer surveys or participate in competitions via our website, and
  • indirectly, such as your browsing activity while on our website; we will usually collect information indirectly using the technologies explained in the section on ‘Cookies and other tracking technologies’ below

We also collect personal data about you from other sources as follows:

  • our Payment Services provider, Stripe, and
  • our Rewards provider, Giftsenda LLC.

How and why we use your personal data

Under data protection law, we can only use your personal data if we have a proper reason e.g.:

  • where you have given consent
  • to comply with our legal and regulatory obligations
  • for the performance of a contract with you or to take steps at your request before entering into a contract, or
  • for our legitimate interests or those of a third party

A legitimate interest is when we have a business or commercial reason to use your personal data, so long as this is not overridden by your own rights and interests. We will carry out an assessment when relying on legitimate interests, to balance our interests against your own. You can obtain details of this assessment by contacting us (see ‘How to contact us’ below).

The table below explains what we use your personal data for and why.

What we use your personal data forOur reasons
Creating and managing your account with usTo perform our contract with you or to take steps at your request before entering into a contract
Providing products and/or services to youTo perform our contract with you or to take steps at your request before entering into a contract
Conducting checks to identify you and verify your identity or to help prevent and detect fraud against you or usTo comply with our legal and regulatory obligations
Enforcing legal rights or defend or undertake legal proceedings

Depending on the circumstances:

—to comply with our legal and regulatory obligations

—in other cases, for our legitimate interests, ie to protect our business, interests and rights

Customising our website and its content to your particular preferences based on a record of your selected preferences or on your use of our website

Depending on the circumstances:

—your consent as set by you via the cookie banner on our website —see ‘Cookies and other tracking technologies’ below

—where we are not required to obtain your consent and do not do so, for our legitimate interests, ie to be as efficient as we can so we can deliver the best service to you at the best price

If you have provided such a consent you may withdraw it at any time by changing your preferences via the cookie banner on our website (this will not affect the lawfulness of our use of your personal data in reliance on that consent before it was withdrawn)

Retaining and evaluating information on your recent visits to our website and how you move around different sections of our website for analytics purposes to understand how people use our website so that we can make it more intuitive or to check our website is working as intended

Depending on the circumstances:

—your consent as set by you via the cookie banner on our website —see ‘Cookies and other tracking technologies’ below

—where we are not required to obtain your consent and do not do so, for our legitimate interests, ie to be as efficient as we can so we can deliver the best service to you at the best price

If you have provided such a consent you may withdraw it at any time by changing your preferences via the cookie banner on our website (this will not affect the lawfulness of our use of your personal data in reliance on that consent before it was withdrawn)

Communications with you not related to marketing, including about changes to our terms or policies or changes to the products and/or services or other important notices

Depending on the circumstances:

—to comply with our legal and regulatory obligations

—in other cases, for our legitimate interests, ie to be as efficient as we can so we can deliver the best service to you at the best price

Protecting the security of systems and data used to provide the services

To comply with our legal and regulatory obligations

We may also use your personal data to ensure the security of systems and data to a standard that goes beyond our legal obligations, and in those cases our reasons are for our legitimate interests, ie to protect systems and data and to prevent and detect criminal activity that could be damaging for you and/or us

Statistical analysis to help us understand our customer baseFor our legitimate interests, ie to be as efficient as we can so we can deliver the best service to you at the best price
Updating and enhancing customer records

Depending on the circumstances:

—to perform our contract with you or to take steps at your request before entering into a contract

—to comply with our legal and regulatory obligations

—where neither of the above apply, for our legitimate interests, eg making sure that we can keep in touch with our customers about existing orders and new products

Disclosures and other activities necessary to comply with legal and regulatory obligations that apply to our business, e.g. to record and demonstrate evidence of your consents where relevantTo comply with our legal and regulatory obligations
Marketing our services to existing and former customers

For our legitimate interests, ie to promote our business to existing and former customers

See ‘Marketing’ below for further information

To share your personal data with members of our group and third parties that will or may take control or ownership of some or all of our business (and professional advisors acting on our or their behalf) in connection with a significant corporate transaction or restructuring, including a merger, acquisition, asset sale, initial public offering or in the event of our insolvency

In such cases information will be anonymised where possible and only shared where necessary

Depending on the circumstances:

—to comply with our legal and regulatory obligations

—in other cases, for our legitimate interests, ie to protect, realise or grow the value in our business and assets

How and why we use your personal data-sharing

See ‘Who we share your personal data with’ for further information on the steps we will take to protect your personal data where we need to share it with others.

Marketing

We will use your personal data to send you updates (by email, text message, telephone or post) about our products and/or services, including exclusive offers, promotions or new products and/or services.

We have a legitimate interest in using your personal data for marketing purposes (see above ‘How and why we use your personal data’). This means we do not need your consent to send you marketing information. If we change our marketing approach in the future so that consent is needed, we will ask for this separately and clearly.

You have the right to opt out of receiving marketing communications at any time by:

We may ask you to confirm or update your marketing preferences if you ask us to provide further products and/or services in the future, or if there are changes in the law, regulation, or the structure of our business.

For more information on your right to object at any time to your personal data being used for marketing purposes, see ‘Your rights’ below.

Who we share your personal data with

We routinely share personal data with:

  • third parties we use to help deliver our products and/or to you, e.g. payment service providers, warehouses and delivery companies
  • other third parties we use to help us run our business, e.g. marketing agencies or website hosts and website analytics providers

We or the third parties mentioned above occasionally also share personal data with:

  • our and their external auditors, e.g. in relation to the audit of our or their accounts, in which case the recipient of the information will be bound by confidentiality obligations
  • our and their professional advisors (such as lawyers and other advisors), in which case the recipient of the information will be bound by confidentiality obligations
  • law enforcement agencies, courts, tribunals and regulatory bodies to comply with our legal and regulatory obligations
  • other parties that have or may acquire control or ownership of our business (and our or their professional advisers) in connection with a significant corporate transaction or restructuring, including a merger, acquisition, asset sale, initial public offering or in the event of our insolvency—usually, information will be anonymised, but this may not always be possible. The recipient of any of your personal data will be bound by confidentiality obligations

Who we share your personal data with—further information

If you would like more information about who we share our data with and why, please contact us (see ‘How to contact us’ below).

How long your personal data will be kept

We will not keep your personal data for longer than we need it for the purpose for which it is used. Different retention periods apply for different types of personal data. To understand more, please contact us (see ‘How to contact us’ below).

Transferring your personal data out of the UK

Countries outside the UK have differing data protection laws, some of which may provide lower levels of protection of privacy.

It is sometimes necessary for us to transfer your personal data to countries outside the UK. In those cases we will comply with applicable UK laws designed to ensure the privacy of your personal data.

We will transfer your personal data to our service providers located outside of the UK in Europe and the USA. Under data protection laws, we can only transfer your personal data to a country outside the UK where:

  • the UK government has decided the particular country ensures an adequate level of protection of personal data (known as an ‘adequacy regulation’) further to Article 45 of UK GDPR. A list of countries the UK currently has adequacy regulations in relation to is available here.
  • there are appropriate safeguards in place, together with enforceable rights and effective legal remedies for you, or
  • a specific exception applies under relevant data protection law

Where we transfer your personal data outside the UK we do so on the basis of an adequacy regulation or (where this is not available) or legally-approved standard data protection clauses recognised or issued further to Article 46(2) of UK GDPR. In the event we cannot or choose not to continue to rely on either of those mechanisms at any time we will not transfer your personal data outside the UK unless we can do so on the basis of an alternative mechanism or exception provided by UK data protection law and reflected in an update to this policy.

Any changes to the destinations to which we send personal data or in the transfer mechanisms we rely on to transfer personal data internationally will be notified to you in accordance with the section on ‘Changes to this privacy policy’ below.

Transferring your personal data out of the UK—further information

If you would like further information about data transferred outside the UK, please contact us (see ‘How to contact us’ below).

Cookies and other tracking technologies

A cookie is a small text file which is placed onto your device (eg computer, smartphone or other electronic device) when you use our website. We use cookies on our website. These are used to recognise you as a user, to track your current visit and how you navigate the site, so we can enhance your user experience. We also store your data to record information about your preferences or past actions.

For further information on our use of cookies and other tracking technologies, when we will request your consent before placing them and how to disable them, please see our Cookie Policy.

Your rights

You generally have the following rights, which you can usually exercise free of charge:

Access to a copy of your personal data

The right to be provided with a copy of your personal data

A more detailed explanation of this right under UK law is available here

Correction (also known as rectification)

The right to require us to correct any mistakes in your personal data

A more detailed explanation of this right under UK law is available here

Erasure (also known as the right to be forgotten)

The right to require us to delete your personal data—in certain situations

A more detailed explanation of this right under UK law is available here

Restriction of use

The right to require us to restrict use of your personal data in certain circumstances, eg if you contest the accuracy of the data

A more detailed explanation of this right under UK law is available here

Data portability

The right to receive the personal data you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party, in certain situations

A more detailed explanation of this right under UK law is available here

To object to use

The right to object:

—at any time to your personal data being used for direct marketing (including profiling)

—in certain other situations to our continued use of your personal data, eg where we use your personal data for our legitimate interests unless there are compelling legitimate grounds for the processing to continue or the processing is required for the establishment, exercise or defence of legal claims

A more detailed explanation of this right under UK law is available here

Not to be subject to decisions without human involvement

The right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you

We do not make any such decisions based on data collected by our website

A more detailed explanation of this right under UK law is available here

The right to withdraw consents

If you have provided us with a consent to use your personal data you have a right to withdraw that consent easily at any time

You may withdraw consents by contacting us at privacy@incentivizer.ai and informing us.

Withdrawing a consent will not affect the lawfulness of our use of your personal data in reliance on that consent before it was withdrawn

For further information on each of those rights, including the circumstances in which they do and do not apply, please contact us (see ‘How to contact us’ below). You may also find it helpful to refer to the guidance from the UK’s Information Commissioner on your rights under UK GDPR.

If you would like to exercise any of those rights, please email us—see below: ‘How to contact us’. When contacting us please:

  • provide enough information to identify yourself (e.g. your full name, company and address) and any additional identity information we may reasonably request from you, and
  • let us know which right(s) you want to exercise and the information to which your request relates

Keeping your personal data secure

We have appropriate security measures to prevent personal data from being accidentally lost, or used or accessed unlawfully. We limit access to your personal data to those who have a genuine need to access it.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

If you want detailed information from Get Safe Online on how to protect your personal data and other information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses.

How to complain

Please contact us if you have any queries or concerns about our use of your personal data (see below ‘How to contact us’). We hope we will be able to resolve any issues you may have.

You also have the right to lodge a complaint with the Information Commissioner. They may be contacted using the details at https://ico.org.uk/make-a-complaint or by telephone: 0303 123 1113.

Changes to this privacy policy

We may change this privacy policy from time to time—when we make significant changes we will take steps to inform you, for example by including a prominent link to a description of those changes on our website for a reasonable period or by other means, such as email.

How to contact us

You can contact us by email at privacy@incentivizer.ai if you have any questions about this privacy policy or the information we hold about you, to exercise a right under data protection law or to make a complaint.

List of Sub-Processors

Last updated: 23 January 2026

Sub-ProcessorNature and Purpose of ProcessingCategories of personal dataLocation of ProcessingSecurity Measures
Evenly Odd IncInfrastructure and application hosting.Customer & End User Personal Data, created by customer and end user and stored in customer’s incentivizer.ai tenant.Germany, EU.

Two Factor Authentication.

Encryption in Transit: Data sessions are always protected with TLS 1.2 or higher protocols and 2,048-bit keys.

Encryption at Rest: Data is also encrypted when not being used, utilising encrypted storage with AES256 encryption algorithms to further protect data.

MicrosoftCloud storage, data processing, email communicationsCustomer & End User Personal Data.United Kingdom, EU.

BitLocker Drive Encryption.

Service Encryption (per-file Advanced Encryption Standard (AES) 256-bit key). Transparent Data Encryption (TDE)

Transport Layer Security (TLS/SSL).

Internet Protocol Security (IPSec).

Secure Real-Time Transport Protocol (SRTP).

Giftsenda LLCFulfilment of physical and digital rewards.End User Personal Data, including email address, delivery address and contact phone number.US.

Data is encrypted in transit and at rest using AES-256.

All communication occurs via HTTPS using TLS 1.2 or above.

Celonis, Inc.Webhooks, data transfers and automations to provision instant reward. End User Personal Data, including email address, delivery address and contact phone numberUS, Germany, EU.

Data is encrypted in transit and at rest using AES-256.

All communication occurs via HTTPS using TLS 1.2 or above.