Terms of Service 

DataSapien Terms of Service for Software as a Service Tiers  

Last Updated:  21 June 2025 
Effective Upon: Customer account creation and acceptance of these Terms. 

Contents: 

​​Master Agreement

Schedule A – Service Level Agreement (SLA) – DRAFT 

Schedule B – Pricing & Licensing 

Schedule C – Branding Guidelines 

Schedule D – Acceptable Use Policy (AUP) 

Schedule E – Data Processing Addendum (DPA) 

Master Agreement 

1. Agreement Overview 

These Terms of Service (“Agreement”) govern your use of the DataSapien Software Platform (“Software”), including the Orchestrator and SDK, provided by DataSapien Limited (“DataSapien”, “we”, “us”). 

By creating an account or using the Software, you (“Customer”, “you”, “your”) agree to be bound by this Agreement. 

2. Software & Services 

2.1 Platform Components 

  • Orchestrator: A cloud-based interface for low/no-code orchestration of the SDK (see below) functionality including APIs, data journeys, consent flows, and AI. 
  • Mobile Backend: A cloud-based API server that communicates with SDK instances  
  • SDK: A downloadable software library to be embedded into applications for enabling Private Personalisation and Zero-Shared Data, deployed on end-user devices. 

2.2 Subscription Services 

  • Access to the Orchestrator, Mobile BE and SDKs 
  • Support tier based on selected plan (Standard, Pro, or Enterprise) 
  • Optional professional services (training, onboarding, custom development), billed hourly 

Support terms are defined in Schedule A – Service Level Agreement (SLA)

3. Account Tiers 

Tier Includes 
Standard Email support, core platform access 
Pro Phone and email support during business hours 
Enterprise 24/7 support, technical account manager, and option for custom SLA via separate agreement 

4. SDK Licensing & Usage 

  • SDKs licensed in blocks of 100,000 
  • First 1,000 SDKs are free 
  • Each SDK is activated via a license key provided by DataSapien 
  • Adjustments to SDK volume require 30 days’ notice 

5. Pricing & Payment 

  • Subscription fees billed monthly in advance 
  • SDK usage and hourly services billed monthly in arrears 
  • Net 30 payment terms 
  • Late payment may result in suspension of service 

6. Intellectual Property 

  • All intellectual property rights in the DataSapien Software and related assets remain exclusively with DataSapien. No transfer or assignment of IP is implied or granted. 
  • You may not modify, sublicense, resell, reverse-engineer, or redistribute the Software or SDKs, except as explicitly permitted by this Agreement. 
  • Any jointly developed assets, adaptations, or derivative works incorporating the DataSapien platform shall be jointly scoped and governed by a separate written agreement. 
  • For clarity, any intellectual property developed independently by the Customer, including that which leverages or is built upon DataSapien technology, shall remain the sole and exclusive property of the Customer. 
  • Nothing in this clause shall prevent the Customer from independently developing, owning, or commercialising products or services that make use of permitted outputs of the DataSapien platform, provided that such use does not reverse engineer, duplicate, or disclose the proprietary workings of the DataSapien Software. 

7. Branding 

Use of the optional “DataSapien Inside” trustmark is governed by Schedule C and available via license. 

8. Privacy, Security & Data Protection 

8.1 Zero-Shared Data 

  • The Software processes personal data on-device by default 
  • End-user data is not shared with DataSapien. Data is only shared from the app the when explicitly consented as Zero Party Data 

8.2 Account Data 

  • DataSapien stores Account Data (e.g. admin info, billing, logs) securely 
  • Data is encrypted and access-controlled 

8.3 GDPR Compliance 

Customers subject to GDPR, UK GDPR, or similar data laws will have data processing governed by Schedule E – Data Processing Addendum (DPA), which includes: 

  • Role definitions 
  • Subprocessor transparency and objection rights 
  • Technical & organisational safeguards (aligned with ISO 27001 and SOC 2 Type II) 
  • Breach notification and audit rights 

9. Confidentiality 

Each party agrees to protect all confidential information shared under this Agreement. This obligation will remain in effect for five (5) years following termination. 

Obligations with respect to trade secrets survive indefinitely. 

10. Term & Termination 

  • This Agreement remains in effect until terminated. 

10.1 Termination by Customer 

  • Monthly subscriptions may be cancelled with 30 days’ notice 
  • Annual subscriptions are cancellable at the end of the then-current term 
    No refunds or credits for early termination 

10.2 Termination by DataSapien 

  • 30 days’ written notice, or immediate termination for breach, fraud, or unlawful use 

10.3 Post-Termination 

  • SDKs must be deactivated 
  • Outstanding amounts become due 
  • Key terms (e.g., IP, confidentiality, liability, privacy, indemnity) survive 

11. Acceptable Use 

You may not: 

  • Use the Software unlawfully or harmfully 
  • Bypass access controls or license mechanisms 
  • Reverse-engineer SDK components 

See Schedule D – Acceptable Use Policy

12. Business Continuity 

DataSapien maintains operational and disaster recovery protocols to support service resilience. 

13. Indemnification by DataSapien 

We will defend and indemnify you against third-party claims alleging that the Software infringes a copyright, patent, or trademark. 

Our obligations under this section are conditional upon you providing us with: 

  • (a) Prompt written notice of the claim 
  • (b) Sole control of the defense and settlement 
  • (c) Reasonable cooperation 

If needed, we may modify or replace the Software or terminate your license with a refund of unused fees. 

This obligation excludes claims caused by: 

  • Your modifications or combinations 
  • Use contrary to the Agreement 

14. Limitation of Liability 

Total liability is limited to fees paid in the 12 months preceding the claim, except for: 

  • IP infringement indemnity (Section 13) 
  • Breach of confidentiality 
  • Gross negligence or willful misconduct 
  • Liability that cannot legally be excluded 

15. Force Majeure 

Neither party is liable for delays or failures caused by events beyond their reasonable control. 

16. Feedback 

You grant DataSapien a royalty-free license to use suggestions or feedback to improve our products or services. 

17. Audit & Compliance 

  • SOC 2 and ISO 27001 documentation available under NDA 
  • Additional audit rights are defined in the DPA 

18. Governing Law & Dispute Resolution 

  • This Agreement is governed by the laws of England and Wales 
  • Disputes follow this order: 
  • Good-faith negotiation 
  • Optional non-binding mediation 
  • English courts (exclusive jurisdiction) 

19. Schedules (Incorporated by Reference) 

  • Schedule A – Service Level Agreement (SLA) 

“The SLA metrics defined herein apply to all service tiers. Customers on the Enterprise plan may negotiate a custom SLA as part of a separate Master Services Agreement.” 

  • Schedule B – SDK Pricing & Licensing 
  • Schedule C – Branding Guidelines 
  • Schedule D – Acceptable Use Policy 
  • Schedule E – Data Processing Addendum (DPA) 

20. Enterprise Engagements 

For customers requiring a custom enterprise agreement, dedicated security reviews, or planning to license more than 500,000 SDKs, please contact our sales team. These engagements are governed by a separate Master Services Agreement (MSA). 

21. Contact 

DataSapien Limited 
Monomark House, 27 Old Gloucester Street, London WC1N 3AX, UK 
Email: [Insert contact address] 

Schedule A – Service Level Agreement (SLA) – DRAFT 

This Schedule A forms part of the DataSapien Enterprise SaaS Terms of Service and defines the service levels for use of the Software provided by DataSapien Limited

Scope of This SLA 

This SLA covers: 

  • The Orchestrator (cloud-based platform) 
  • The Mobile BE (cloud-based API) 
  • Access to SDK activation services and management APIs 

This SLA does not apply to: 

  • Customer infrastructure, devices, or internet access 
  • Professional services or SDK functionality on-device 

Definition: Scheduled Downtime 

Scheduled Downtime means: 

Downtime for maintenance or system upgrades where notice is provided at least: 

  • 72 hours in advance for Standard and Pro plans 
  • Performed during off-peak hours (typically 10:00 PM – 4:00 AM GMT) 
  • Shall not exceed 4 hours per calendar month 

Scheduled Downtime is excluded from uptime calculations. 

Shared SLA Principle 

“The SLA metrics defined herein apply to all service tiers. Customers on the Enterprise plan may negotiate a custom SLA as part of a separate **Master Services Agreement (MSA).” 

Tier: Standard 
Service Metric Commitment 
  
Support Hours Monday–Friday, 9:00 AM–6:00 PM GMT 
Initial Response Time Within 1 business day for all support tickets 
Support Channels Email: support@datasapien.com 
Incident Updates Within 48 hours 
Maintenance Notice 72 hours minimum 
Tier: Pro 
Service Metric Commitment 
  
Support Hours Monday–Friday, 8:00 AM–8:00 PM GMT 
Initial Response Time Critical: within 2 business hours 
Other: within 8 hours 
Support Channels Email + Phone Support 
Incident Updates Critical: updates provided hourly 
Other: updates within 24 hours 
Maintenance Notice 72 hours minimum 
Tier: Enterprise 

Customers on the Enterprise plan are entitled to: 

  • 24/7 support availability 
  • Dedicated Technical Account Manager (TAM) 
  • Option to define bespoke metrics (RPO, RTO, Uptime, Priority Definitions) 

Specific Enterprise SLA terms are defined in the Master Services Agreement (MSA)

Contact: 
📧 sales@datasapien.com 

SLA Exclusions 

This SLA does not apply to: 

  • Issues caused by Customer hardware, network, or software 
  • Force majeure events (e.g. power outage, war, internet failure) 
  • Downtime of third-party services not operated by DataSapien 
  • SDKs used outside licensed scope or in unsupported environments 
SLA Credits 

Available only for Pro and Enterprise tiers. 

Eligibility SLA breach resulting in less than promised uptime 
Credit Cap 10% of the monthly fee for the affected service 
Claim Deadline Must be submitted within 30 days of the incident 
Exclusive Remedy Credits are the sole and exclusive remedy for SLA breach 
Change Management 

We reserve the right to update this SLA periodically. Significant changes will be communicated at least 30 days in advance. 

Schedule B – Pricing & Licensing 

This Schedule B forms part of the DataSapien Enterprise SaaS Terms of Service and outlines the subscription pricing, SDK licensing model, and billing structure applicable to the Customer’s use of the Software and Services. 

1. Account Tiers 

Plan Base Platform Fee (Monthly) Included Support 
Standard £1,000 Email support (business hours) 
Pro £10,000 Email + phone (extended hours) 
Enterprise Custom (see Section 6) 24/7 + Dedicated Technical Manager 

2. SDK Licensing & Pricing 

2.1 Licensing Model 

  • SDKs are licensed on a monthly active basis 
  • Each SDK is tied to a unique activation key for a single user device 
  • SDK usage is tracked and billed based on monthly active deployments 
  • All SDK licenses are non-transferable and managed via the DataSapien Orchestrator 

2.2 SDK Unit Pricing 

Monthly Active SDKs Unit Price (Per SDK / Month) 
1 – 100,000 £0.10 
100,001 – 500,000 £0.09 
500,001 – 1,000,000 £0.08 
1,000,001 – 3,000,000 £0.07 
3,000,001 – 6,000,000 £0.06 
6,000,001 and above £0.05 

Billing Notes: 

  • The first 1,000 monthly active SDKs are provided free of charge for each billing period 
  • SDK pricing uses graduated tiers: monthly charges are calculated by applying the relevant unit rate to the number of SDKs within each tier 
  • Charges are calculated monthly in arrears based on actual usage 

3. Billing & Payment Terms 

  • Platform fees are billed monthly in advance 
  • SDK usage fees are billed monthly in arrears 
  • SDK fees are not prorated; SDKs are billed as active if telemetry is received in the period 
  • Payment terms: Net 30 days from invoice date 

4. Upgrades, Downgrades & Term Changes 

  • Upgrades (e.g., from Standard to Pro) may be requested at any time and take effect at the next billing cycle 
  • Downgrades require 30 days’ notice and are processed at the end of the current billing period 
  • Enterprise usage commitments or custom pricing are governed under separate agreement 

5. SDK License Duration 

  • SDK licenses are active only during the billing month in which they are used 
  • SDKs not in use during a billing period are not charged 
  • SDK activation keys may be deactivated for misuse or excessive churn per the Acceptable Use Policy 

6. Enterprise Pricing & Volume Licensing 

Enterprise Customers may negotiate: 

  • Annual or multi-year platform access 
  • Custom SDK pricing tiers 
  • Committed usage discounts and payment schedules 
  • Tailored invoicing or reporting requirements 

These terms are documented in a Master Services Agreement (MSA)
📧 Contact: sales@datasapien.com 

7. Taxes 

All fees are quoted exclusive of taxes. VAT, sales tax, or other required taxes will be added based on Customer location and applicable laws. 

8. Price Changes 

DataSapien may update pricing with 60 days’ written notice. Changes apply only to SDK usage and platform fees after the notice period

9. Professional Services 

Optional services such as advanced training, onboarding, and integration support are available upon request. 

Unless otherwise agreed in a separate Statement of Work (SOW)

  • Professional services are billed at £200 per hour  
  • Minimum billing increment: 1 hour 
  • Travel, accommodation, and related expenses (if applicable) will be invoiced separately 

Schedule C – Branding Guidelines 

This Schedule C forms part of the DataSapien Enterprise SaaS Terms of Service and governs the permitted use of the DataSapien brand, including its logos, SDK attribution, and the optional “DataSapien Inside” trustmark. 

1. Licensing & Scope of Use 

You are granted a limited, non-exclusive, revocable license to use DataSapien brand assets under the following conditions: 

  • Tier 1: Pre-Approved Use (No Approval Needed) 
    You may use brand assets for the standard uses listed in Section 2, provided you adhere to these guidelines. 
  • Tier 2: Custom Use (Approval Required) 
    All other uses — including public press releases, joint marketing campaigns, advertisements, and case studies — require prior written approval from DataSapien. 

2. Pre-Approved Uses 

The following uses do not require prior approval if brand assets are used unaltered and within the styling rules defined in Section 4: 

  • In-app or on-device attribution (e.g. “Powered by DataSapien” or “DataSapien Inside”) 
  • References in user-facing help documentation or privacy notices 
  • Internal stakeholder or B2B client presentations 
  • Trust-building UX elements (e.g. privacy settings screens, onboarding flows) 

These uses must not suggest partnership, endorsement, or certification unless explicitly approved. 

3. Prohibited Uses 

You may not: 

  • Alter, distort, animate, or modify any DataSapien logo or wordmark 
  • Use the brand in your company name, product name, or domain 
  • Imply endorsement, certification, or official partnership without written agreement 
  • Display brand assets alongside illegal, misleading, or offensive content 
  • Use DataSapien brand assets in any context that disparages DataSapien, its technology, or its services 

4. Visual & Technical Guidelines 

All brand assets must: 

  • Maintain minimum clear space equal to 1× the height of the logo 
  • Use approved versions (no cropping, color inversion, or overlay effects) 
  • Follow the color and sizing rules defined at our Brand Resource Center 

You can find logos, icons, and implementation guides at: 

🔗 datasapien.com/brand-resources 

5. Messaging & Attribution 

5.1 Pre-Approved Messaging 

You may use the following approved phrases in your UI, documentation, or marketing assets: 

  • “Powered by DataSapien” 
  • “Private Personalisation by DataSapien SDK” 
  • “User data protected with DataSapien Inside” 
  • “Privacy-enhanced by DataSapien” 
  • “On-device intelligence enabled by DataSapien” 

You may not imply that DataSapien is responsible for your end-user data practices, unless your implementation has been reviewed and approved. 

6. Co-Branded Campaigns & Approvals 

If you wish to use brand assets in a joint go-to-market campaign, press release, customer case study, or advertising collateral, you must request approval via: 

📧 design@datasapien.com 

Requests should include a mockup or example of the proposed use and be submitted at least 10 business days before planned publication. 

7. Termination & Revocation 

All rights to use DataSapien branding terminate immediately upon: 

  • Expiry or termination of your Agreement 
  • Breach of these guidelines 
  • Written revocation of permission by DataSapien 

Upon termination, you must remove or disable all brand references within 7 days

Schedule D – Acceptable Use Policy (AUP) 

This Acceptable Use Policy (“AUP”) forms part of the DataSapien Enterprise SaaS Terms of Service (“Agreement”) between DataSapien Limited (“DataSapien”) and the Customer. 

By accessing or using the Software, SDKs, APIs, or services, you agree to comply with this AUP. 

1. Prohibited Conduct 

You may not use the Software or related services to: 

1.1 Illegal or Harmful Activity 

  • Transmit or store material that is illegal, defamatory, deceptive, or otherwise unlawful 
  • Publish or disseminate content that constitutes hate speech, harassment, misinformation, or incites or promotes violence 
  • Engage in or facilitate phishing, spamming, or the distribution of unsolicited bulk messages 
  • Promote or support malware, ransomware, or other malicious code 

1.2 Security Violations 

  • Attempt to gain unauthorized access to any DataSapien or third-party system, network, or data 
  • Probe, scan, or test for vulnerabilities without explicit written permission 
  • Bypass, disable, or interfere with authentication, access controls, or licensing mechanisms 

1.3 Interference with Service 

  • Disrupt, degrade, or overload platform performance 
  • Launch denial-of-service (DoS) or similar disruptive attacks 
  • Use automated systems (bots, scripts) to mine, scrape, or stress-test platform APIs 

2. SDK-Specific Restrictions 

You may not

  • Reverse engineer, decompile, or disassemble the SDK 
  • Attempt to activate SDKs without valid activation keys issued by DataSapien 
  • Redistribute SDKs to third parties without prior written consent 
  • Use SDKs outside their licensed device or agreed usage scope 

3. Data Misuse 

You are solely responsible for your relationship with your end-users. This includes providing clear, transparent notice and obtaining all necessary rights and consents for the data you process using the Software. 

You may not: 

  • Collect, process, or share personal data without a lawful basis or valid consent 
  • Mislead users about what data is being used or shared 
  • Circumvent or modify SDK defaults to extract personal insights without opt-in 
  • Attempt to bypass the Zero-Shared Data model or simulate platform impersonation 

4. Brand & Platform Integrity 

You may not: 

  • Misrepresent your use of the Software, including falsely implying affiliation, partnership, or certification by DataSapien 
  • Remove, alter, or obscure legal notices, attribution marks, or licensing information 
  • Use the Software to build or support a competing product 
  • Conduct any performance, vulnerability, or benchmark testing, or publish any analysis or comparison of the Software without prior written consent from DataSapien 

5. Enforcement & Consequences 

DataSapien may suspend or terminate your account or specific components thereof, without notice, if: 

  • This AUP is violated 
  • There is a credible security or legal risk 
  • Your use threatens the reliability or integrity of the platform 

Where appropriate, DataSapien will provide notice and an opportunity to cure violations, unless immediate action is necessary to protect systems or comply with law. 

6. Reporting Violations 

To report misuse or suspected violations of this AUP, please contact: 

Email: [Insert compliance/legal contact] 

7. Updates 

This AUP may be updated periodically. Material changes will be communicated through your registered account or displayed on our website. 

Schedule E – Data Processing Addendum (DPA) 

This Data Processing Addendum (“DPA”) forms part of the DataSapien Enterprise SaaS Terms of Service (“Agreement”) between DataSapien Limited and the Customer (each a “Party” and collectively, the “Parties”). 

This DPA applies only where DataSapien processes personal data on behalf of the Customer under the Agreement, in accordance with the UK GDPR, EU GDPR, or similar data protection laws. 

1. Definitions 

Controller: The Customer, determining the purposes and means of processing personal data. 

Processor: DataSapien, acting on behalf of the Customer in processing personal data. 

Personal Data, Data Subject, Processing, and other capitalised terms shall have the meanings given in GDPR. 

2. Roles & Scope 

DataSapien acts as a processor only for: 

Account-level data (e.g. admin user names, emails, billing contact information, and system logs) 

Metadata related to the Customer’s use of the Software 

DataSapien does not process personal data generated through SDK deployment unless explicitly configured by the Customer and agreed in writing. 

3. Customer Responsibilities 

The Customer: 

Acts as a data controller 

Confirms it has a lawful basis to collect and share personal data 

Is solely responsible for end-user disclosures and obtaining consent where required 

4. Processor Obligations 

DataSapien agrees to: 

Process personal data only on documented instructions from the Customer (including via Agreement and configuration) 

Ensure personnel are subject to confidentiality obligations 

Implement and maintain appropriate technical and organisational measures (see Section 7) 

Provide assistance to the Customer in: 

Responding to data subject rights requests 

Reporting data breaches 

Data protection impact assessments, where required 

Delete or return personal data upon termination of the Agreement, at Customer’s request 

5. Subprocessors 

5.1 Appointment 

DataSapien uses certain subprocessors for hosting and system delivery. These are listed in the DataSapien Privacy Policy. 

5.2 Notification & Objection 

DataSapien will notify the Customer 30 days before adding a new subprocessor 

The Customer may object on reasonable data protection grounds 

If unresolved, the Customer may terminate the impacted services 

6. International Transfers 

Where personal data is transferred outside the UK/EEA: 

Transfers will be subject to the Standard Contractual Clauses (SCCs) approved by the European Commission or UK ICO 

DataSapien will implement supplementary safeguards (e.g. encryption, access controls) 

7. Security Measures 

DataSapien maintains security measures appropriate to the risk, including: 

Encryption at rest and in transit 

Role-based access control 

Regular penetration testing 

Secure development practices 

SOC 2 Type II and ISO 27001-aligned procedures 

Details are available under NDA upon written request. 

8. Personal Data Breaches 

In the event of a confirmed breach affecting Customer personal data: 

DataSapien will notify the Customer without undue delay, and in any case within 48 hours 

The notice will include a description of: 

The nature and impact of the breach 

Measures taken or proposed 

Contact details for further inquiries 

9. Audit & Information Access 

DataSapien will provide documentation necessary to demonstrate compliance with this DPA 

Upon reasonable written request and subject to confidentiality, the Customer may: 

Receive security audit reports (e.g. SOC 2) 

Conduct an on-site or third-party audit (max. once per year), at Customer’s cost 

10. Duration 

This DPA remains in effect for as long as DataSapien processes personal data on behalf of the Customer under the Agreement. 

11. Precedence 

In the event of a conflict between this DPA and the Agreement, the DPA shall prevail to the extent of such conflict. 

12. Contact 

Questions or concerns related to this DPA may be directed to: 

Data Protection Officer 
DataSapien Limited 
Email: [Insert DPO or compliance contact] 

Annex 1: Details of Processing 

Subject Matter Provision of access and support services to Customer 
Duration of Processing For the term of the Agreement 
Nature of Processing Hosting, support, billing, diagnostics 
Categories of Data Account Data: name, email, billing contact info 
Data Subjects Customer staff and administrators