Terms of Service

These Terms of Service ("Terms") govern your business's access to and use of the Digital Florists software-as-a-service platform and related products and services (the "Service"), provided by Digital Florists Ltd (company number 15423324) ("Digital Florists", "we", "us", "our").

By using the Service, you confirm that you are acting in a business capacity and have authority to bind the Customer entity. If you do not agree, do not use the Service.

1. Definitions

"Customer" / "you" / "your" means the business entity that agrees to these Terms.

"Authorised Users" means your employees, contractors and agents authorised to use the Service under your account.

"Customer Data" means any data (including personal data) submitted to the Service by or on behalf of Customer, including via Public Features.

"Public Features" means customer portals, delivery tracking links, public forms, and any other public-facing pages or experiences generated by the Service for Customer's end customers/recipients.

"Fees" means subscription fees and any additional usage-based fees (including consumables).

"Documentation" means user guides and technical documentation we make available.

"Business Day" means a day other than a Saturday, Sunday, or public holiday in England and Wales.

Other capitalised terms may be defined elsewhere in these Terms.

2. The Service

2.1 Description: The Service provides tools to manage florist business operations, including order management, inventory, analytics, integrations, communications, and event management, plus Public Features where enabled.

2.2 Changes: We may update or modify the Service (including features) to improve performance, security, compliance or functionality. Where changes materially reduce core functionality, we will use reasonable efforts to provide notice.

2.3 Availability: We may perform scheduled maintenance and emergency maintenance. We may suspend access where necessary for security, legal compliance, or to prevent harm. Any uptime percentage or availability target is a target only and not a guarantee unless agreed in a separate written SLA.

2.4 Trials: If we offer a trial, trial duration and limits will be as shown at signup or otherwise communicated. At the end of the trial, you must subscribe to continue using the Service and/or your access may be restricted or terminated.

3. Accounts, Access and Security

3.1 Account responsibility: You are responsible for:

• ensuring only Authorised Users access the Service;
• maintaining accurate account information;
• keeping credentials confidential and enforcing appropriate password/MFA practices where available.

3.2 Admin controls: Your administrators may configure settings, Public Features and integrations. You are responsible for the actions and omissions of Authorised Users.

3.3 Public Features security: Public Features may be accessible to anyone with the link or access method configured by Customer. Customer is responsible for:

• deciding what information is displayed via Public Features;
• distributing links securely and not encouraging public sharing;
• configuring expiry, access controls or authentication where the Service offers these options.

4. Acceptable Use

4.1 Compliance with law: You will use the Service in compliance with all applicable laws and regulations, including data protection and direct marketing rules (UK GDPR, PECR and equivalent laws where applicable).

4.2 Prohibited activities: You must not (and must not allow others to):

• interfere with the security or integrity of the Service;
• attempt unauthorised access to any system or data;
• transmit malware, unlawful, defamatory or infringing content;
• scrape, harvest or use automated tools to extract data except via documented APIs where permitted;
• reverse engineer, decompile, replicate, clone or create derivative works of the Service;
• use the Service to build or support a competing product;
• send unsolicited marketing messages or unlawful communications via the Service.

4.3 Suspension for misuse: If we reasonably suspect misuse, security risk, unlawful activity, or attempted replication/cloning, we may suspend access immediately. Where feasible, we will provide notice and an opportunity to remediate.

5. Subscriptions, Fees and Payments

5.1 Subscription term: Access requires a subscription unless otherwise agreed in writing. Subscriptions typically renew automatically unless cancelled in accordance with Section 10.

5.2 Fees and taxes: Fees are exclusive of VAT and other applicable taxes. You must pay without deduction or set-off. All Fees are denominated and payable in pounds sterling (GBP) unless we agree in writing to invoice you in an alternative currency. Where we offer pricing in a local currency, those prices may be reviewed and adjusted periodically to reflect exchange rate fluctuations. If you pay from a non-GBP account and no local currency pricing has been agreed, any foreign exchange conversion costs or fees charged by your bank or payment provider are your responsibility. Where you are a VAT-registered business outside the UK and provide us with a valid VAT registration number, we will apply the reverse charge mechanism and will not add UK VAT to your invoices. You are responsible for accounting for any applicable VAT in your jurisdiction.

5.3 Consumables: Some features use consumables (e.g., SMS credits, AI tokens). Consumables may have usage limits, may expire, and are non-refundable unless required by law.

5.4 Fee Changes

5.4.1 Subscription Fees: We reserve the right to adjust subscription fees with at least ninety (90) days' prior written notice. No such adjustment shall take effect within the first six (6) months from your initial subscription commencement date.

5.4.2 Consumable Fees: We may adjust fees for consumable resources (e.g., SMS credits, AI tokens) at any time in response to supplier cost changes or other factors beyond our reasonable control. We will provide as much notice as is reasonably practicable before revised consumable fees take effect.

5.4.3 Plan Changes: If you upgrade, downgrade, change plans, or add new features, you will be charged at the then-current rates for the new plan or features from the date of the change. Your previous plan pricing does not carry over to a new plan.

5.4.4 Objections: Should you disagree with any fee adjustment, you may cancel your subscription in accordance with Section 10. Your existing rate will apply until your cancellation takes effect.

5.5 Invoicing: We will provide VAT invoices electronically for all Fees charged. Invoices will be issued at the time of charge or within a reasonable period thereafter and will be accessible via the Service or sent by email.

5.6 Failed payments: If a payment fails, we will notify you and attempt to collect payment again. You will have five (5) Business Days from the date of notification to resolve the payment issue before we exercise any suspension rights under Section 10.2. This grace period does not apply where we reasonably suspect fraud.

5.7 Late payment: Without prejudice to our other rights, overdue Fees may accrue interest at the rate prescribed by the Late Payment of Commercial Debts (Interest) Act 1998, calculated from the due date until payment is received in full.

6. Intellectual Property and Licence

6.1 Our IP: We (and/or our licensors) own all IP rights in the Service, Documentation, and related materials.

6.2 Licence to Customer: Subject to these Terms and payment of Fees, we grant Customer a limited, non-exclusive, non-transferable licence to access and use the Service for Customer's internal business operations during the subscription term.

6.3 Customer Data: Customer owns Customer Data. Customer grants us a licence to host, copy, transmit and otherwise process Customer Data solely to provide, maintain and secure the Service and as otherwise set out in these Terms and the DPA.

6.4 Feedback: If you provide feedback or suggestions, you grant us a perpetual, irrevocable, royalty-free right to use it without restriction.

7. Confidentiality

7.1 Confidential Information: Each party may receive non-public information from the other marked or reasonably understood to be confidential.

7.2 Obligations: The receiving party will:

• use Confidential Information only to perform under these Terms; and
• protect it using at least reasonable care.

7.3 Exclusions: Confidential Information excludes information that is public without breach, independently developed, lawfully received from a third party, or required to be disclosed by law (subject to notice where lawful).

8. Data Protection

Your use of the Service is also governed by our Privacy Notice, which explains how we collect, use, and protect your personal data.

8.1 Roles: Customer is the controller of Customer Data. We are the processor of Customer Data. We are an independent controller for certain account, billing, relationship and security data.

8.2 Data Processing Addendum: The Data Processing Addendum in Schedule 1 ("DPA") forms part of these Terms and applies to our processing of Customer Data.

8.3 Customer compliance: Customer will ensure it has a lawful basis to process Customer Data and to instruct us to process it, including for:

• SMS/email messages sent via the Service;
• Public Features such as portals, tracking links and public forms; and
• any tracking, analytics or advertising tags Customer chooses to deploy.

9. Warranties and Disclaimers

9.1 Mutual authority: Each party warrants it has authority to enter into these Terms.

9.2 Disclaimer: To the fullest extent permitted by law, the Service is provided "as is" and "as available" without warranties of any kind, including satisfactory quality, fitness for a particular purpose, or non-infringement.

We do not warrant that:

• the Service will be uninterrupted or error-free; or
• Public Features will not be shared by end users.

10. Termination and Cancellation

10.1 Cancellation by Customer: You may cancel by giving at least thirty (30) days' written notice. Cancellation takes effect at the end of your current billing period unless otherwise agreed. You remain responsible for Fees due through the effective cancellation date.

10.2 Termination by us: We may suspend or terminate immediately if:

• Fees are overdue;
• you breach these Terms;
• we reasonably suspect misuse, fraud or security risk;
• required by law.

10.3 No refunds: Except where required by law or expressly agreed, Fees are non-refundable.

10.4 Data export and deletion: For two (2) months following the expiry or termination of this Agreement, Digital Florists will provide Customer with the ability to export Customer Data in a machine-readable format. The format of any such export will be as reasonably determined by Digital Florists (which may include formats such as CSV or JSON). Following expiry of that two (2) month period, Digital Florists will, at its determination, either delete or anonymise Customer Data from its live production systems, subject to any retention provisions set out in the Data Processing Addendum.

11. Limitation of Liability

11.1 Unlimited liability carve-outs: Nothing in these Terms limits liability for:

• death or personal injury caused by negligence;
• fraud or fraudulent misrepresentation; or
• any other liability which cannot be excluded under applicable law.

11.2 Exclusion of indirect losses: Subject to 11.1, neither party is liable for indirect or consequential losses, including loss of profits, revenue, business, goodwill, or anticipated savings.

11.3 Liability cap: Subject to 11.1, our total aggregate liability arising out of or related to the Service and these Terms will not exceed the Fees paid by Customer in the twelve (12) months preceding the event giving rise to the claim.

12. Force Majeure

12.1 Neither party is liable for delay or failure in performing its obligations (other than payment obligations) caused by events beyond its reasonable control, including natural disasters, war, terrorism, pandemic, government action, network or power outages, or failure of third-party services ('Force Majeure Event').

12.2 The affected party must notify the other party promptly and take reasonable steps to mitigate the impact.

12.3 If a Force Majeure Event continues for more than sixty (60) days, either party may terminate these Terms on written notice.

12.4 Customer's obligation to pay Fees is suspended to the extent that a Force Majeure Event prevents us from providing the Service.

13. Notices

Notices must be in writing and sent by email (or other agreed channel). You must keep your contact details up to date.

Notices to Digital Florists should be sent to:

Email: hello [at] digitalflorists.com
Post: Digital Florists Ltd (company number 15423324), 7 Booker Ave, Liverpool L18 4QY, United Kingdom

Notices sent by email are deemed received on the next Business Day after sending, provided no delivery failure notification is received. Notices sent by post are deemed received three (3) Business Days after posting by first-class post.

14. Assignment

Customer may not assign these Terms without our prior written consent. We may assign our rights and obligations without restriction.

15. Waiver and Severability

15.1 No waiver of any right under these Terms is effective unless in writing. A waiver of any right or remedy is not a waiver of any subsequent right or remedy.

15.2 If any provision of these Terms is found to be invalid or unenforceable, the remaining provisions will continue in full force and effect.

16. Affiliate Program

If we offer an affiliate/referral program, additional terms will apply. In the event of conflict, the affiliate terms prevail for that program.

17. Dispute Resolution

17.1 Escalation: If a dispute arises under these Terms, either party shall first notify the other in writing and the parties shall attempt to resolve the dispute through good-faith negotiation between senior representatives within thirty (30) days of notification.

17.2 Mediation: If the dispute is not resolved within thirty (30) days, either party may refer the dispute to mediation administered by the Centre for Effective Dispute Resolution (CEDR). The parties shall cooperate with CEDR and share the costs of mediation equally.

17.3 Litigation: If mediation does not resolve the dispute within sixty (60) days of referral, either party may commence court proceedings in accordance with the governing law clause below.

17.4 Urgent relief: Nothing in this section prevents either party from seeking urgent injunctive or interim relief from any court of competent jurisdiction.

18. Governing Law and Jurisdiction

These Terms are governed by English law and the courts of England and Wales have exclusive jurisdiction.

19. Entire Agreement

These Terms (including schedules and referenced policies) are the entire agreement and supersede prior discussions.

These Terms may only be amended by us posting updated Terms and providing notice in accordance with Section 13. Your continued use of the Service after such notice constitutes acceptance of the amended Terms.

These Terms are drafted in English and the English language version shall prevail. All communications between the parties shall be in English.

---

Schedule 1 - Data Processing Addendum (DPA)

1. Definitions

"Data Protection Laws" means UK GDPR, the Data Protection Act 2018, PECR, and any applicable equivalent laws, each as amended from time to time.

"Personal Data", "Processing", "Controller", "Processor" have the meanings given in Data Protection Laws.

"Sub-Processor" means any third party appointed by us to process Customer Data on our behalf.

"Personal Data Breach" means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, Customer Data.

2. Scope and Details of Processing

2.1 Subject matter: Processing of Customer Data by Digital Florists to provide the Service (including Public Features), maintenance and security.

2.2 Duration: For the subscription term plus the deletion/return period in these Terms.

2.3 Nature and purpose: Hosting, storage, transmission, retrieval, organisation, access control, and other processing necessary to provide the Service, plus security monitoring, incident prevention and support.

2.4 Types of personal data: May include names, contact details, addresses, delivery information, order details, portal content, communications content, identifiers, and any other personal data Customer chooses to upload or generate through use of the Service.

2.5 Categories of data subjects: Customer's end customers, recipients, employees, contractors, suppliers, and other individuals whose personal data Customer processes using the Service.

3. Processing Instructions

We will process Customer Data only on documented instructions from Customer, including as needed to provide the Service. Customer instructs us to process Customer Data by using the Service and configuring settings. If, in our opinion, any instruction from Customer infringes applicable Data Protection Laws, we will promptly inform Customer.

4. Confidentiality

We will ensure personnel authorised to process Customer Data are subject to confidentiality obligations.

5. Security

We will implement appropriate technical and organisational measures designed to protect Customer Data, taking into account the state of the art, implementation cost, and risks.

6. Sub-Processors

6.1 Use of sub-processors: Customer authorises us to use sub-processors to provide the Service.

6.2 Responsibilities: We will impose data protection obligations on sub-processors consistent with this DPA and remain responsible for their performance as required by law.

6.3 List and updates: We will maintain a list of current sub-processors, available on request. We will provide at least thirty (30) days' prior written notice of any new or replacement sub-processor. Customer may object in writing within that period on legitimate data protection grounds.

7. International Transfers

Where Customer Data is transferred outside the UK, we will ensure a valid transfer mechanism is in place (e.g., adequacy, UK IDTA, UK Addendum, or other lawful mechanism).

8. Assistance

Taking into account the nature of processing, we will provide reasonable assistance to Customer with:

• data subject rights requests; and
• security, breach notifications, and DPIAs/risk assessments,

in each case to the extent required by Data Protection Laws and where Customer cannot reasonably fulfil obligations without our assistance.

9. Personal Data Breaches

We will notify Customer without undue delay and in any event within such time as to enable Customer to comply with its obligation to notify the supervisory authority within 72 hours of becoming aware of a personal data breach affecting Customer Data and provide information reasonably required for Customer to meet breach notification obligations.

10. Deletion or Return

After termination/expiry, we will make Customer Data available for export for two (2) months, then delete or anonymise Customer Data from live systems unless legally required to retain it longer.

Backups: Customer Data may remain in backups for up to twelve (12) months before permanent erasure/overwrite.

11. Audit Rights

11.1 The Customer may audit our compliance with this DPA by requesting relevant security and compliance documentation, including our data protection policies, internal security summaries, and available third-party audit reports (such as SOC 2 Type II or ISO 27001 certifications). We will make such documentation available within a reasonable time of a written request.

11.2 Where the Customer reasonably considers that the documentation provided under clause 11.1 is insufficient to demonstrate compliance with this DPA, the Customer may request a further audit. Any such audit is subject to the following conditions:

• (a) the Customer provides at least thirty (30) days' prior written notice specifying the scope, proposed dates, and identity of any proposed auditor;
• (b) audits may only take place during our normal business hours and no more than once in any rolling twelve (12)-month period;
• (c) the scope of any audit is limited to our processing of Personal Data under this DPA and does not extend to our systems, infrastructure, or data belonging to other customers;
• (d) the Customer's proposed auditor must execute a confidentiality agreement in a form acceptable to us before being granted access to any of our systems, personnel, or documentation;
• (e) we reserve the right to object to the appointment of a proposed auditor where we reasonably consider that auditor to have a conflict of interest (including where they are a competitor of ours), and in such case the Customer shall appoint an alternative auditor acceptable to both parties;
• (f) we may satisfy the audit obligation by engaging an independent third-party auditor of our choosing to conduct the audit on the Customer's behalf, in lieu of direct Customer access; and
• (g) the Customer shall bear all costs associated with any audit conducted under this clause 11.2, including our reasonable internal costs and staff time.

11.3 Any information obtained during an audit shall be treated as our Confidential Information and used solely for the purpose of verifying compliance with this DPA.

12. Precedence

If there is a conflict between this DPA and the Terms, this DPA prevails in relation to processing of Customer Data.