Terms & Conditions
This following note in RED to be read by CM and once agreed, it can be removed.
Certainly. Below are comprehensive draft versions suitable for a UK SaaS provider operating a fire risk assessment platform. They are written on the basis that:
- You are the owner/operator of RA7.
- Your customers are primarily businesses and professional fire risk assessors.
- Customer organisations upload information relating to buildings, responsible persons, occupiers, contractors, employees and other contacts.
- You act primarily as a Data Processor for customer data.
- You act as a Data Controller for your own customer account, billing and marketing information.
And
For a commercial launch of RA7, I would also recommend adding a Security Schedule (covering encryption standards, backups, RTO/RPO targets, penetration testing, MFA, incident response and vulnerability management) because many larger housing associations, managing agents and corporate customers now expect this alongside the DPA during procurement.
=======================
RA7 SOFTWARE-AS-A-SERVICE AGREEMENT
Terms and Conditions
Version: 1.0
Effective date: 01/06/2026
These Terms and Conditions ("Agreement") govern the provision and use of the RA7 software platform ("RA7") supplied by:
[YOUR COMPANY NAME]
Company Number: [NUMBER]
Registered Office: [ADDRESS]
("Provider", "we", "us" or "our")
and
The individual, company, organisation or other legal entity subscribing to or using RA7 ("Customer", "you" or "your").
1. Definitions
Authorised User
A person authorised by the Customer to access and use RA7.
Customer Data
Any information, documents, images, assessments, reports, records or other data uploaded to RA7.
Subscription
The paid access plan selected by the Customer.
Services
The provision of the RA7 software platform and associated support services.
2. Agreement
By creating an account, subscribing to RA7 or using the Services, the Customer agrees to be bound by this Agreement.
If the Customer is acting on behalf of an organisation, they warrant they have authority to bind that organisation.
3. Licence Grant
Subject to payment of applicable fees and compliance with this Agreement, the Provider grants the Customer a:
- non-exclusive
- non-transferable
- non-sublicensable
licence to access and use RA7 during the Subscription Term.
No ownership rights are transferred.
4. Ownership
The Provider retains all rights, title and interest in:
- RA7
- software code
- databases
- user interfaces
- workflows
- templates
- reports
- intellectual property
except for Customer Data.
The Customer retains ownership of Customer Data.
5. Customer Responsibilities
The Customer is solely responsible for:
- the accuracy of all information entered into RA7;
- ensuring assessments comply with applicable legislation;
- ensuring reports generated from RA7 are reviewed before issue;
- maintaining appropriate professional competence;
- compliance with PAS 79 (where adopted);
- compliance with relevant fire safety legislation;
- compliance with any accreditation requirements;
- maintaining professional indemnity insurance where required.
Use of RA7 does not replace professional judgement.
6. No Professional Advice
RA7 is a software tool only.
The Provider:
- does not provide fire risk assessments;
- does not provide legal advice;
- does not provide fire engineering advice;
- does not certify compliance with legislation.
Any reports generated by RA7 must be independently reviewed and approved by a competent person before issue.
The Customer remains solely responsible for any assessment, recommendation, opinion or conclusion produced using RA7.
7. Availability
The Provider will use reasonable efforts to make RA7 available.
The Provider does not guarantee:
- uninterrupted access;
- error-free operation;
- availability at all times.
Maintenance, upgrades and emergency works may result in temporary service interruption.
8. Support
Support will be provided during published support hours.
The Provider may amend support arrangements from time to time.
Support does not include:
- customer IT systems;
- third-party software;
- internet connectivity issues;
- bespoke consultancy.
9. Data Security
The Provider will implement reasonable technical and organisational measures to protect Customer Data.
However, the Customer acknowledges:
- no internet-based service can be completely secure;
- cybersecurity risks cannot be entirely eliminated.
The Customer remains responsible for:
- password security;
- account management;
- user access control.
10. Customer Warranties
The Customer warrants that:
- all uploaded data is lawful;
- they have authority to upload the data;
- uploaded data does not infringe third-party rights;
- use of RA7 complies with applicable laws.
11. Prohibited Activities
The Customer shall not:
- reverse engineer RA7;
- copy the software;
- resell the platform without permission;
- attempt unauthorised access;
- interfere with platform security;
- introduce malware;
- use automated scraping tools;
- use the platform unlawfully.
12. Fees
Subscription fees are payable in advance.
Unless stated otherwise:
- fees are exclusive of VAT;
- fees are non-refundable.
Failure to pay may result in suspension or termination.
13. Suspension
The Provider may suspend access immediately if:
- fees remain unpaid;
- security concerns arise;
- unlawful activity is suspected;
- these Terms are breached.
14. Limitation of Liability
Nothing in this Agreement excludes liability for:
- death or personal injury caused by negligence;
- fraud or fraudulent misrepresentation;
- any liability which cannot lawfully be excluded.
Subject to the above:
The Provider shall not be liable for:
- indirect losses;
- consequential losses;
- loss of profits;
- loss of business;
- loss of contracts;
- loss of reputation;
- loss of anticipated savings.
The Provider's total aggregate liability arising from the Services shall not exceed:
the total fees paid by the Customer during the preceding twelve (12) months.
15. Professional Reliance
The Customer acknowledges that:
- fire risk assessments involve professional judgement;
- RA7 provides assistance only;
- responsibility for conclusions remains with the Customer.
The Provider shall have no liability for:
- assessment findings;
- recommendations;
- risk ratings;
- action plans;
- compliance decisions;
- enforcement outcomes;
- prosecution outcomes;
- civil claims arising from assessments.
16. Indemnity
The Customer shall indemnify the Provider against claims arising from:
- Customer Data;
- misuse of RA7;
- breach of law;
- negligence by the Customer;
- professional advice provided by the Customer;
- assessments issued by the Customer.
17. Intellectual Property Infringement
The Customer shall immediately notify the Provider of any claim alleging infringement relating to RA7.
The Provider may:
- modify the software;
- obtain rights;
- terminate affected services.
18. Confidentiality
Each party shall keep confidential information confidential and shall not disclose it except:
- where required by law;
- with written consent;
- to professional advisers.
19. Data Protection
Both parties shall comply with:
- UK GDPR;
- Data Protection Act 2018;
- applicable privacy legislation.
Where personal data is processed, the parties shall enter into a separate Data Processing Agreement.
20. Term and Termination
This Agreement continues until terminated.
Either party may terminate:
- on expiry of a Subscription;
- for material breach;
- for insolvency.
21. Effect of Termination
Upon termination:
- licences cease immediately;
- access may be withdrawn;
- data may be deleted after any retention period notified by the Provider.
Customers should export required data before termination.
22. Force Majeure
Neither party shall be liable for delays caused by events beyond reasonable control.
23. Governing Law
This Agreement shall be governed by the laws of:
England and Wales
The courts of England and Wales shall have exclusive jurisdiction.