BillingServ Legal Policies

Last updated: 29th November 2020
Terms and Conditions

1. Definitions 
1.1 In this Agreement the following words and expressions shall have the following meanings:
1.1.1 “downtime” means any service interruption in the availability to visitors of the Website;
1.1.2 “intellectual property rights” means patents, trade marks, design rights, applications for any of the foregoing, copyright, topography rights, database rights, rights in know-how, trade or business names and other similar rights or obligations, whether registrable or not in any country;
1.1.3 “IP address” stands for internet protocol address which is the numeric address for the server;
1.1.4 “ISP” stands for internet service provider;
1.1.5 “server” means the computer server equipment operated by the Supplier in connection with the provision of the Services;
1.1.6 “the Services” means web hosting, and any other services or facilities provided by the Supplier;
1.1.7 “spam” means sending unsolicited and/or bulk emails;
1.1.8 “virus” means a computer programme that copies itself or is copied to other storage media, including without limitation
magnetic tape cassettes, memory chips, electronic cartridges, optical discs and magnetic discs, and destroys, alters or corrupts data, causes damage to the user’s files or creates a nuisance or annoyance to the user and includes without limitation computer programs commonly referred to as “worms” or “trojan horses”;
1.1.9 “visitor” means a third party who has accessed the Website;
1.1.10 “the Website” means www.BillingServ.com.
1.2 Words denoting the singular shall include the plural and vice versa and words denoting any gender shall include all genders.
1.3 The headings of the paragraphs of this Agreement are inserted for convenience of reference only and are not intended to be part of or to affect the meaning or interpretation of this Agreement.

2. Introduction 
2.2 The Supplier provides software as a service and has agreed to host the Customer’s data upon the following terms and conditions.

4. Charges and Payment 
4.1 The Customer shall pay the Charges for the Services in accordance with the Terms of Payment as specified to this Agreement.
4.2 The Charges are exclusive of VAT (EU only), which if payable shall be paid by the Customer.
4.3 The Supplier shall be entitled to charge interest in respect of late payment of any sum due under this Agreement, which shall accrue from the date when payment becomes due from day to day until the date of payment.

5. IP Adresses 
5.1 The Supplier shall maintain control and ownership of the IP address that is assigned to the Customer as part of the Services and reserves the right in its sole discretion to change or remove any and all IP addresses.
5.2 Where the Supplier changes or removes any IP address it shall use its reasonable endeavours to avoid any disruption to the Customer.

6. Software License and Rights 
6.1 If the Customer requires use of software owned by or licensed to the Supplier (“the Supplier?s software”) in order to use the Services, the Supplier grants to the Customer and its employees, agents and third party consultants and contractors, a royalty-free, world-wide, non-transferable, non-exclusive licence to use the Supplier Software in object code form only, in accordance with the terms of this Agreement. For the avoidance of doubt, this Agreement does not transfer or grant to the Customer any right, title, interest or intellectual property rights in the Supplier Software.
6.2 The Customer undertakes that he will not himself or through any third party, sell, lease, license or sublicense the Supplier Software. If the Customer is permitted under this Agreement or by law to make any copies of the Supplier Software, the Customer must reproduce all proprietary notices of the Supplier, if any, on the copies.
6.3 The Supplier may make such copies of the Customer Content as may be necessary to perform its obligations under this Agreement, including back up copies of the Content. Upon termination or expiration of this Agreement, the Supplier shall destroy or deliver to the Customer all such copies of the Content and other materials provided by the Customer as and when requested by the Customer.

7. Service Levels 
The Supplier shall use its reasonable endeavours to make the server and the Services available to the Customer but because the Services are provided by means of computer and telecommunications systems, the Supplier makes no warranties or representations that the Service will be uninterrupted or error-free and the Supplier shall not, in any event, be liable for interruptions of Service or downtime of the server.

8. Acceptible Use Policy 
8.1 The Website and use of the Services may be used for lawful purposes only and the Customer may not submit, publish or display any content that breaches any law, statute or regulation. In particular the Customer agrees not to:
8.1.1 use the Services or the Website in any way to send unsolicited commercial email or “spam”, or any similar abuse of the Services;
8.1.2 send email or any type of electronic message with the intention or result of affecting the performance of any computer facilities;
8.1.3 publish, post, distribute or disseminate defamatory, obscene, indecent or other unlawful material or information, or any material or information which infringes any intellectual property rights, via the Services or on the Website;
8.1.4 threaten, abuse, disrupt or otherwise violate the rights (including rights of privacy and publicity) of others;
8.1.5 engage in illegal or unlawful activities through the Services or via the Website;
8.1.6 make available or upload files to the Website or to the Services that the Customer knows contain a virus, worm, trojan or corrupt data; or
8.1.7 obtain or attempt to obtain access, through whatever means, to areas of the Supplier?s network or the Services which are identified as restricted or confidential.
8.2 The Customer has full responsibility for the content of the Website. For the avoidance of doubt, the Supplier is not obliged to monitor, and will have no liability for, the content of any communications transmitted by virtue of the Services.
8.3 If the Customer fails to comply with the Acceptable Use Policy outlined in Clause 8.1 the Supplier shall be entitled to withdraw the Services and terminate the Customer’s account.

9. Alterations and Updates 
All alterations and updates to the Website shall be made by the Customer using the online account management facility. The Customer will be issued with a user name and password in order to access the account. The Customer must take all reasonable steps to maintain the confidentiality of this user name and password. If the Customer reasonably believes that this information has become known to any unauthorised person, the Customer agrees to immediately inform the Supplier and the password will be changed.

10. Warranties 
10.1 The Customer warrants and represents to the Supplier that the Supplier’s use of the Content or the Customer Software in accordance with this Agreement will not infringe the intellectual property rights of any third party and that the Customer has the authority to license the Content and the Customer Software to the Supplier as set out in Clause 6.2.
10.2 All conditions, terms, representations and warranties that are not expressly stated in this Agreement, whether oral or in writing or whether imposed by statute or operation of law or otherwise, including, without limitation, the implied warranty of satisfactory quality and fitness for a particular purpose are hereby excluded. In particular and without prejudice to that generality, the Supplier shall not be liable to the Customer as a result of any viruses introduced or passed on to the Customer.

11. Indemnity 
The Customer agrees to indemnify and hold the Supplier and its employees and agents harmless from and against all liabilities, legal fees, damages, losses, costs and other expenses in relation to any claims or actions brought against the Supplier arising out of any breach by the Customer of the terms of this Agreement or other liabilities arising out of or relating to the Website.

12. Limitation of Liability 
12.1 Nothing in these terms and conditions shall exclude or limit the Supplier’s liability for death or personal injury resulting from the Supplier?s negligence or that of its employees, agents or sub-contractors.
12.2 The entire liability of the Supplier to the Customer in respect of any claim whatsoever or breach of this Agreement, whether or not arising out of negligence, shall be limited to the charges paid for the Services under this Agreement in respect of which the breach has arisen.
12.3 In no event shall the Supplier be liable to the Customer for any loss of business, loss of opportunity or loss of profits or for any other indirect or consequential loss or damage whatsoever. This shall apply even where such a loss was reasonably foreseeable or the Supplier had been made aware of the possibility of the Customer incurring such a loss.

13. Terms and Conditions 
13.1 This Agreement will become effective on the date you signup and thereafter shall continue until terminated by either party.
13.2 The Supplier shall have the right to terminate this Agreement with immediate effect by notice in writing to the Customer if the Customer fails to make any payment when it becomes due.
13.3 Either party may terminate this Agreement forthwith by notice in writing to the other if:
13.3.1 the other party commits a material breach of this Agreement and, in the case of a breach capable of being remedied, fails to remedy it within a reasonable time of being given written notice from the other party to do so; or
13.3.2 the other party commits a material breach of this Agreement which cannot be remedied under any circumstances; or
13.3.3 the other party passes a resolution for winding up (other than for the purpose of solvent amalgamation or reconstruction), or a court of competent jurisdiction makes an order to that effect; or
13.3.4 the other party ceases to carry on its business or substantially the whole of its business; or
13.3.5 the other party is declared insolvent, or convenes a meeting of or makes or proposes to make any arrangement or composition with its creditors; or a liquidator, receiver, administrative receiver, manager, trustee or similar officer is appointed over any of its assets.
13.4 Any rights to terminate this Agreement shall be without prejudice to any other accrued rights and liabilities of the parties arising in any way out of this Agreement as at the date of termination.

14. Assignment 
14.1 The Supplier may assign or otherwise transfer this Agreement at any time.
14.2 The Customer may not assign or otherwise transfer this Agreement or any part of it without the Supplier’s prior written consent.

15. Force Majeure 
Neither party shall be liable for any delay or failure to perform any of its obligations if the delay or failure results from events or circumstances outside its reasonable control, including but not limited to acts of God, strikes, lock outs, accidents, war, fire, the act or omission of government, highway authorities or any telecommunications carrier, operator or administration or other competent authority, the act or omission of any Internet Service Provider, or the delay or failure in manufacture, production, or supply by third parties of equipment or services, and the party shall be entitled to a reasonable extension of its obligations after notifying the other party of the nature and extent of such events.

16. Severance 
If any provision of this Agreement is held invalid, illegal or unenforceable for any reason by any Court of competent jurisdiction such provision shall be severed and the remainder of the provisions hereof shall continue in full force and effect as if this Agreement had been agreed with the invalid illegal or unenforceable provision eliminated.

17. Notices 
Any notice to be given by either party to the other may be sent by either email, fax or recorded delivery to the address of the other party as appearing in this Agreement or such other address as such party may from time to time have communicated to the other in writing, and if sent by email shall unless the contrary is proved be deemed to be received on the day it was sent or if sent by fax shall be deemed to be served on receipt of an error free transmission report, or if sent by recorded delivery shall be deemed to be served 2 days following the date of posting.

18. Entire Agreement 
This Agreement contains the entire Agreement between the parties relating to the subject matter and supersedes any previous agreements, arrangements, undertakings or proposals, oral or written. Unless expressly provided elsewhere in this Agreement, this Agreement may be varied only by a document signed by both parties.

19. Governing Law and Jurisdiction 
This Agreement shall be governed by and construed in accordance with the law of England and the parties hereby submit to the exclusive jurisdiction of the English courts.

Privacy Policy

1. BillingServ is committed to protecting your privacy and maintaining the security of any personal information received from you. We strictly adhere to the requirements of the data protection legislation in the UK.

The purpose of this statement is to explain to you what personal information we collect and how we may use it.

2. When you order, we need to know your details. This allows us to process and fulfil your order. You have the option to withhold personal information that is not required for the order process.

3. We will only contact you with your consent.

4. We do not sell, rent or exchange your personal information with any third party for commercial reasons, beyond the essential requirement for credit/debit card validation during purchase.

5. We follow strict security procedures in the storage and disclosure of information which you have given us, to prevent unauthorised access in accordance with the UK data protection legislation.

We do not collect sensitive information about you except when you specifically knowingly provide it. In order to maintain the accuracy of our database, you can check, update or remove your personal details by contacting us.

We use a technology called “cookies” as part of a normal business procedure to track patterns of behaviour of visitors to our site. A cookie is an element of data that our Website sends to your browser which is then stored on your system. You can set your browser to prevent this happening. Any information collected in this way can be used to identify you unless you change your browser settings.

6. In order to process credit/debit card transactions, the bank or card processing agency may require to verify your personal details for authorisation outside the EEA (European Economic Area). Your information will not be transferred outside the EEA for any other purpose.

7. If you have any questions about privacy please contact us.

GDPR

BaseServ Limited is committed to providing a secure hosting environment and transparency towards our customers, how we handle data and what data we collect.

All data is by default only accessible by staff at BaseServ Limited, unless we specify otherwise.

As long as you’re a customer of BaseServ Limited, we log data such as your name, address, email address and telephone number. We also log your customer data, such as their name, address, phone number, email address, IP Address and last 4 digits of their card numbers. We also log login requests to various systems you access within the BaseServ Limited environments.

In case you agree to our data policy, the agreement is valid for the period you’re a customer of BaseServ and has existing products with us.

Information such as invoices issued to you as a customer is kept even after terminating the products or ending your time as a customer at BaseServ Limited. You can, however, change your contact details to something “random” at our Client Area. In case you need a random email added to your account, please let us know by contacting support@baseserv.com.

If you would like your account fully deleted you will need to email our DPA Team by emailing dpa-support@baseserv.com.

Below you will find different sections regarding the various products and tools we use as a company to function; you can click each title to read more:

We log and maintain your client’s data, we store their addresses, email address, phone number, company details, IP Address and login information. This is all stored in our secure databases.

We also save transaction details, such as price, line items, qty, addresses, payment details, transaction details, IP Addresses and sometimes recurring payment details.

When sending emails, the emails get sent via an external SMTP relay called Mailgun – Mailgun is an outgoing SMTP Relay solution used to send our invoices, account emails and password resets.

The Mailgun software stores sender address, the receiver address and the email subject of individual emails.

If you want to prevent transmitting any data via Mailgun, we advise you to use an alternative outgoing mail-server than ours.

Our databases are secured to make sure your data is safe. Only our server engineers have access to the database servers. No one on our staff have access to your data. This is all hosted on our encrypted servers.

Databases are permanently stored and are only removed once the customer deletes their BillingServ Account, the customer gets terminated, or you request our BaseServ Limited Support Staff.

Access logs and error logs only available to the BaseServ Limited staff.

There’s no defined rotation policy for access or FTP logs; data gets removed during account termination or cleaned up by staff on a regular interval. Customers can contact BaseServ Limited’s support department to request deletion of the logs.

Backups are stored on external backup servers managed by BaseServ Limited; data is backed up over a secure connection and is stored in encrypted storage which our staff can restore if you contact our support team at support@baseserv.com.

Backups include all data, including business data (Logos, images and invoices) databases, cronjobs, DNS zones, account statistics.

Backups do get rotated out automatically after termination of your account within one month or less.

In case you use our support, you at the same time have to agree our support department accessing the required information about your account to resolve the issue.

We might require access to files (web files, emails, cache files), databases, logs, backups, statistics and/or IP information about logged in accounts.

In case you do not allow us to access any of the data, be aware that resolution of your problem might get prolonged or not possible to resolve.

When you create a support ticket, ticket information gets stored in our support software (support.baseserv.com) indefinitely and temporary for less than 24 hours on our Email provider (GSuite).

Any emails coming from our support system gets sent via GSuite via secure connections.

Requesting deletion of data from our ticketing system requires you to contact support@baseserv.com.

We are partnered with a variety of Payment Gateways. When one of your clients checks out on our platform some of their personal data is shared with these third party payment gateways.

PayPal: We use the PayPal Standard & Pro API’s to facilitate payments on your behalf. We send the clients name, address, email address, phone number and the purchase amount.

WorldPay: We use the WorldPay UK/US API’s to facilitate payments on your behalf. We send the clients name, address, email address, phone number and the purchase amount.

Stripe: We use the Stripe API’s to facilitate payments on your behalf. We send the clients name, address, email address, phone number and the purchase amount.

PYMTPro: We use our sister companies (PYMTPro) UK/US API’s to facilitate payments on your behalf. We do not send your clients name, address, email address, phone number or contact information. We only send the purchase amount via the API’s.

BluePay: Is only available for US Customers.

Merchant Focus: Is only available for US Customers.

GoCardless: We use the GoCardless API’s to facilitate payments on your behalf. We send the clients name, address, email address, phone number and the purchase amount.

ISO 27001 Policy

1.3       ISMS POLICY

It is the policy of BaseServ Limited to maintain an information management system designed to meet the requirements of ISO 27001 in pursuit of its primary objectives, the purpose and the context of the organisation.

It is the policy of BaseServ Limited to:

  • make the details of our policy known to all other interested parties including external where appropriate and determine the need for communication and by what methods relevant to the business management system.
  • comply with all legal requirements, codes of practice and all other requirements applicable to our activities; therefore, as a company, we are committed to satisfy applicable requirements related to information security and the continual improvement of the ISMS.
  • provide all the resources of equipment, trained and competent staff and any other requirements to enable these objectives to be met;
  • ensure that all employees are made aware of their individual obligations in respect of this information security policy;
  • maintain a management system that will achieve these objectives and seek continual improvement in the effectiveness and performance of our management system based on “risk”.

This information security policy provides a framework for setting, monitoring, reviewing and achieving our objectives, programmes and targets.

To ensure the company maintains its awareness for continuous improvement, the business management system is regularly reviewed by “Top Management” to ensure it remains appropriate and suitable to our business.  The Business Management System is subject to both internal and external annual audits.

Scope of the Policy

The scope of this policy relates to use of the database and computer systems operated by the company in pursuit of the company’s business of providing online billing/invoicing services to the SME, B2B and B2C sectors. It also relates where appropriate to external risk sources including functions which are outsourced.

Top Management

Jordan Smith
Company Director

Dated: 06/09/2023