BACKGROUND A OutThink wishes to make available its cybersecurity human risk management platform (“OutThink Solution”) to the Client, for the benefit of the Client and Client’s Users. B The Client wishes OutThink to supply the OutThink Solution to support Client’s business operations on the agreed terms. THE PARTIES AGREE 1 Definitions and interpretation 1.1 In these SaaS T&Cs: Applicable Law means any and all applicable laws, statutes, orders, rules, treaties, decree, regulations, directives, edicts, bye-laws, schemes, warrants, other instruments made under or to be made under any statute; Business Day means a day other than a Saturday, Sunday or bank or public holiday in England; Commencement Date The date of signing the OutThink SaaS T&Cs; Confidential Information means any and all confidential information, (whether in oral, written or electronic form) including technical or other information imparted in confidence or disclosed by one party to the other or otherwise obtained by one party relating to the other’s business, finance or technology, know-how, Intellectual Property Rights, assets, strategy, products and clients, including information relating to management, financial, marketing, technical and other arrangements or operations of any person, firm or organisation associated with that party; Client Data means all information provided by the Client to OutThink when using the Service for the avoidance of doubt this shall not include personal data; Client Marks means the Client’s name and logo together with any trademarks registered or unregistered belonging to the Client; Documentation means the documents (in whatever media) provided to the Client to facilitate use of the Service by Users; Force Majeure means events beyond a party’s reasonable control (preventing or delaying it from performing its obligations, including war, revolution, terrorism, riot or civil commotion, strikes, lock outs or other industrial action, blockage or embargo; acts of or restrictions imposed by government or public authority; explosion, fire, corrosion, flood, natural disaster or adverse weather conditions. Force Majeure does not include inability to pay, mechanical difficulties, shortage or increase of price of raw materials; Infringing Data means information or data that (i) infringes Applicable Law; or (ii) infringes any third party Intellectual Property Rights; or (iii) includes any material which is obscene, indecent, pornographic, seditious, offensive, defamatory, threatening, liable to incite racial hatred, menacing or blasphemous; Intellectual Property Rights means copyright, patents, rights in inventions, rights in confidential information, know-how, trade secrets, trademarks, service marks, trade names, design rights, database rights, rights in data, semi-conductor chip topography rights, utility models, domain names, rights in computer software and all similar rights of whatever nature; Platform means the SaaS software listed in Appendix 1; Service means the remote provision of the Platform to the Client for the benefit of Users; Service Hours means 24 hours a day, five days a week (Monday to Friday); Support Services means the support services provided by OutThink to the Client and described in the Appendix 1; Uptime means 99.5% of Service Hours; Users means the employees, contractors, contingent workers, third parties, allowed access to the OutThink solution by the Client, authorised to use the Service as specified in Appendix 1 (Service). 2 Service and availability 2.1 OutThink shall make the Service available to Client during the Service Hours to achieve uptime of 99.5% but excluding: 2.1.1 scheduled maintenance which OutThink shall use reasonable endeavours to undertake at weekends only (Saturday and Sunday); 2.1.2 emergency maintenance; or 2.1.3 downtime caused in whole or part by Force Majeure. 2.2 OutThink will notify the Client 72 hours in advance of any scheduled maintenance 2.3 Support Services will be available to the Client through the helpdesk during the hours specified in Appendix 1. 2.4 The Client acknowledges that OutThink shall be entitled to modify the features and functionality of the Service as part of its ongoing development of the Platform. OutThink shall use reasonable endeavours to ensure that any such modification does not adversely affect the Client’s use of the Service. 3 OutThink Warranties 3.1 OutThink warrants to the Client that: 3.1.1 OutThink has the right, power and authority to enter into these SaaS T&Cs and grant to the Client the rights contemplated in these SaaS T&Cs and to supply the Service; and 3.1.2 the Service will be supplied: (a) with reasonable care and skill; and (b) subject to clause 2.4, in accordance in all material respects with the description of the Service provided in Appendix 1; 3.2 The warranties in this clause are subject to the Client giving notice to OutThink as soon as it is reasonably able upon becoming aware of the breach of warranty. 3.3 OutThink will not be liable under this clause or be required to remedy any problem arising from or caused by the Client’s use of the Service in a manner other than as directed by OutThink provided that the Client is informed of how to use the Service correctly. 3.4 The Client acknowledges and agrees that: 3.4.1 the Service has not been designed to meet the Client’s individual requirements and cannot be tested in every operating environment; and 3.4.2 it is the Client’s responsibility to ensure the facilities and functions of the Service meet the Client’s requirements. 4 Use of the Service 4.1 OutThink grants the Client a non-transferable, non-exclusive right for the term of these SaaS T&Cs to allow Users access to the Service. 4.2 Prior to providing Users with access to the Service, the Client shall: 4.2.1 Supply OutThink with the information required during the on boarding process, such as logo, background image, colour palette, a list of Users (or equivalent if single sign-on is used), in agreed format, authorised to receive access to the Service; and 4.2.2 sign-off, once Client’s branding and customisations have been applied; and 4.2.3 configure DNS records, whitelist OutThink IP address, set up subdomain (e.g. securityawareness.clientdomain.com), create email addresses or set up email server to provide Users with a login page and enable communications between Users and Client’s Administrator, as required; and 4.2.4 ensure that all relevant Users comply with any other user terms applicable to the Service and notified to the Client. 4.3 The Client shall comply, and shall procure that Users comply, with the following conditions of use: 4.3.1 the Service may only be used in connection with the Client’s own business purposes; and 4.3.2 to ensure optimal User experience and for all functionality to work as intended, the Service may only be used with compatible, up-to date Internet browsers as recommended by OutThink: ΙΕ, Firefox, Chrome, Safari, Opera. 4.4 The Client’s rights to benefit from the Service does not permit the Client, or the Users, to: 4.4.1 copy, cut and paste, email, reproduce, publish, distribute, modify, create derivative works of, sell or in any way commercially exploit any part of the Service; 4.4.2 use the Service to provide outsourced services to third parties or make it available to any third party; 4.4.3 attempt to decompile (as defined in section 50B of the Copyright, Designs and Patents Act 1988) the underlying software (or any part of it) that is used to provide the Service, except and only to the extent that such restriction is prohibited pursuant to section 50B of the Copyright, Designs and Patents Act 1988; and 4.4.4 to observe, study or test the functioning of the underlying software (or any part of it) that is used to provide the Service, except and only to the extent that such restriction is prohibited pursuant to section 50B of the Copyright, Designs and Patents Act 1988. 4.5 The Client warrants that it shall, and ensure that Users shall, keep confidential and not share with any third party their passwords or access details provided to facilitate access to the Service. OutThink shall provide training and support the Client Administrator to upload the initial list of Users. Thereafter it is the responsibility of the Client to disable former Users and enable new Users using the Platform’s User management functionality. OutThink will assist with importing new Users as required. 4.6 The Client shall not, and shall ensure that the Users shall not, introduce any malicious code that may infect or cause damage to the Service or OutThink’s systems, or other Users or otherwise disrupt the provision of the Service. 4.7 The Client shall not be permitted to frame or mirror any part of the Service other than as permitted by the Documentation or with OutThink’s express written consent (such consent not to be unreasonably withheld or delayed). 4.8 OutThink reserves the right to monitor usage by all Users during the term of these SaaS T&Cs for the purpose of ensuring compliance with the terms of these SaaS T&Cs. Any audit may be carried out by OutThink or a third party authorised by OutThink. If any audit reveals that the Client or any User performing activities that are in breach of the SaaS T&Cs, OutThink reserves the right to remove such account(s). 4.9 In the event of unauthorised use of the Service by the Client or Users, OutThink reserves the right to suspend the Client or Users’ access to the Service by disabling, without prior notification, the account(s) that the Client or Users used to access the Service. 5 Suspension of Access 5.1 OutThink may suspend access to the Service to all or some of the Users if: 5.1.1 OutThink suspects that there has been any misuse of the Service or breach of these SaaS T&Cs; or 5.1.2 Following thirty (30) business days from a written warning sent by OutThink or the Reseller to the Client Accounts Payable, the Client fails to pay any sums due to OutThink or the Reseller by the due date for payment. 5.2 OutThink will notify the Client immediately after suspending the Service. 5.3 Where the reason for the suspension is suspected misuse of the Service or breach of these SaaS T&Cs, OutThink will take steps to investigate the issue and may restore or permanently suspend access at its reasonable discretion. 5.4 In relation to suspensions under clause 5.1.2, access to the Service will be restored promptly after OutThink or the Reseller receive payment in full and cleared funds. 6 Intellectual Property Rights 6.1 All Intellectual Property Rights in and to the Platform and any part of the Service belong to and shall remain vested in OutThink. 6.2 OutThink shall indemnify the Client from and against all losses which are suffered by the Client in the event that its use of the Service infringes the Intellectual Property Rights of any third party (OutThink IPR Claim) provided that OutThink shall have no such liability if the Client: 6.2.1 has caused or contributed in any material way to OutThink IPR Claim by not using the Service in accordance with these SaaS T&Cs; 6.2.2 does not notify OutThink in writing setting out full details of any OutThink IPR Claim of which it has notice as soon as is reasonably possible; 6.2.3 makes any admission of liability or agrees any settlement or compromise of the relevant OutThink IPR Claim without the prior written consent of OutThink; 6.2.4 does not let OutThink at its request and own expense have the conduct of or settle all negotiations and litigation arising from the relevant OutThink IPR Claim; or 6.2.5 does not, at OutThink’s request and own expense, give OutThink reasonable assistance in the circumstances described above. 6.3 If any OutThink IPR Claim is made or is reasonably likely to be made against the Client, OutThink shall promptly and at its own expense either: 6.3.1 procure for the Client the right to continue using the Service; or 6.3.2 modify or replace the infringing part of the Service, and without adversely affecting the functionality of the Service so as to avoid the infringement, provided that if OutThink having used its reasonable endeavours, neither of the above can be accomplished on reasonable terms, OutThink shall refund the subscription fee paid by the Client in respect of the Service. Together with the indemnity given above, this shall be the Client’s sole and exclusive remedy in respect of the Service infringing Intellectual Property Rights. 6.4 Client grants to OutThink a non-transferable non-exclusive revocable licence to use Client Marks solely for customisation of the Service, solely for the duration of these SaaS T&Cs. 7 Client Data 7.1 The Client shall not use Infringing Data on the Service. 7.2 The Client grants a royalty-free, non-transferable, non-exclusive licence for the term of these SaaS T&Cs to OutThink to use the Client Data to the extent necessary to perform the Service. 7.3 The Client acknowledges that OutThink has no control over any Client Data hosted as part of the provision of the Service and does not actively monitor the content of the Client Data. 7.4 OutThink shall notify the Client immediately if it becomes aware of any allegation that any Client Data may be Infringing Data and OutThink shall have the right to remove Client Data from the Service provided that the Client has been informed of such removal. 7.5 The Client agrees that OutThink may use aggregated and anonymised Client Data (whereby no living individual can be identified) for billing and training content improvement purposes. 8 Information security 8.1 OutThink shall be responsible for taking reasonable and prudent measures to safeguard the security of the Client Data in its possession, including operating in line with ISO/IEC 27001 including maintaining appropriate information security controls such as policy, firewalls, encryption, anti-virus protection, employee training, etc. 8.2 OutThink shall notify the Client without undue delay upon discovery of a potential data security breach impacting the Client Data. 8.3 OutThink shall not be responsible for any loss or damage to Client Data to the extent that such loss or damage was caused by the Client or a third party. 9 Data protection 9.1 Each party agrees that, in the performance of its respective obligations under these SaaS T&Cs, it shall comply with the provisions of the Data Protection Act 2018 (2018 Act) to the extent it applies to each of them. Each party will also comply with its obligations under the European Union General Data Protection Regulation (GDPR). 9.2 This Clause11 is in addition to, and does not relieve, remove or replace, a party’s obligations under the 2018 Act and GDPR. All subsequent provisions of this Clause 9 are without prejudice to the generality of this clause. 9.3 For the purpose of this clause ‘data controller’, ‘data processor’, ‘data subject’, ‘Information Commissioner’, ‘personal data’ and ‘processing’ shall have the meanings given to them in the 2018 Act. 9.4 For the purpose of this clause “Sub-Contractor(s)” means those persons with whom OutThink enters into a Sub-Contract or its or their servants or agents, and any third party with whom that third party enters into a sub-contract or its servants or agents. 9.5 The parties agree that the Client is the data controller in respect of any personal data that OutThink, the data processor, handles in the course of providing services for the Client. This does not include the business contact data processed by OutThink to allow it to manage the Client’s account). 9.6 Accordingly, OutThink agrees that it shall: 9.6.1 only carry out processing of the Client’s personal data on the Client’s instructions, such instructions at the date of these SaaS T&Cs as detailed in clause 9.8 or otherwise notified to OutThink and to process the personal data in order to provide the Services to the Client and the Users and to enable the Service to respond to automated requests by Users as part of their normal use of the Service; 9.6.2 implement appropriate technical and organisational measures to protect personal data against unauthorised or unlawful processing and accidental destruction or loss, so as to allow the Client to comply with the seventh data protection principle and the measures will take into account the factors specified in section 32(1) of the GDPR; 9.6.3 refer to the Client, within the relevant timescales as required by the Client, any requests, notices or other communication from data subjects, the Information Commissioner or any other law enforcement authority, for the Client to resolve. 9.7 The personal data processed will include the details of individual employees personal data which will include employee’s full name, email address and their job title within the Client’s organisation. and will relate to past and present employees only 9.8 OutThink shall maintain complete and accurate records and information to demonstrate its compliance with Clause 11 and Article 30 (2) of the GDPR and make available to the Client all information that the Client requests from time to time to enable the Client to verify that OutThink is in compliance with its obligations in this Clause 9. 9.9 OutThink, as data processor, will not transfer personal data processes on the Client’s behalf to countries outside the European Economic Area (EEA). 9.10 Notify the Client without undue delay on becoming aware of a personal data breach. 9.11 This clause shall only apply in relation to the Sub-Contracting of personal data processing under these SaaS T&Cs: 9.11.1 OutThink shall not engage or authorise a Sub-Contractor to process the personal data unless: 9.11.2 it has obtained the prior written consent of the Client (which may be granted or withheld in the Client sole discretion) before transferring the personal data to any Sub-Contractors in connection with the provision of the Service; and 9.11.3 the Sub-Contractor has either entered into a direct contract with the Client or a contract with OutThink which incorporates the provisions equivalent to those in this agreement in relation to confidentiality, data protection and security, and 9.11.4 where a Sub-contractor is appointed pursuant to this clause, OutThink shall remain liable for the acts and omissions of that Sub-Contractor as if they were the Outhink’s own. 9.12 In addition to the confidentiality obligations set out elsewhere in the SaaS T&Cs: 9.12.1 ensure that only those of the OutThink’s personnel who need to have access to the personal data are granted access and all personnel who have access to and/or process personal data are obliged to keep the personal data confidential; 9.12.2 notwithstanding this clause, in the event of written request from the Client, procure that each member of the OutThink’s personnel identified in the Client’s request signs a confidentiality undertaking in connection with these SaaS T&Cs; and 9.12.3 not publish, disclose or divulge any of the personal data to any third party (including for the avoidance of doubt the data subject itself) unless directed to do so in writing by the Client. 9.13 The Client acknowledges that OutThink is reliant on the Client alone for direction as to the extent OutThink is entitled to use and process the personal data. OutThink shall be entitled to relief from liability in circumstances where a data subject makes a claim or complaint with regards to OutThink’s actions to the extent that such actions directly result from instructions received from the Client. 9.14 On the expiry or termination of these SaaS T&Cs, OutThink shall, without prejudice to and in addition to its other obligations upon expiry or termination of these SaaS T&Cs, notify the Client of the personal data that it holds. If requested by the Client (or any replacement supplier as nominated by the Client), supply a copy of all personal data in a non-proprietary format. At the written direction of the Client OutThink shall promptly securely and permanently destroy all copies of personal data in its possession or control (other than any copy transferred to the Client in accordance with this paragraph) unless OutThink is required by law to retain any copies of such data. For the purposes of this clause, OutThink shall be the data controller in relation to any such retained personal data, and shall process it solely as necessary to comply with its obligations under the GDPR. 9.15 OutThink shall, at all times during and after the termination or expiry of the SaaS T&Cs, indemnify the Client and keep the Client indemnified against all losses, damages, costs or expenses and other liabilities (including legal fees) incurred by, awarded against or agreed to be paid by the Client arising from any breach of OutThink’s obligations under this clause, not exceeding 100% of the subscription fees due to OutThink in the 12–month period immediately preceding the first incident giving rise to the loss, except and to the extent that such liabilities have resulted directly from the Client instructions. 9.16 Without prejudice to OutThink’s obligations under the GDPR, OutThink shall take such remedial measures as may be necessary to ensure that it meets the Client security requirements at all times. In the event that OutThink is unable or unwilling to agree a remediation plan with the Client which is to the Client’s reasonable satisfaction, the Client shall be entitled to terminate these SaaS T&Cs, without liability to OutThink, upon not less than 30 days notice in writing to OutThink, during which time the Client shall be entitled, but not obliged to require OutThink to suspend the Service pending termination. 9.17 Either party may, at any time on not less than 30 days’ notice, request the other party to agree to revise this clause (such agreement not to be unreasonably withheld or delayed) by replacing it with any applicable data controller to data processor standard clauses or similar terms forming part of an applicable certification scheme (which shall apply when replaced by attachment to these SaaS T&Cs with such attachment signed by both parties). 10 Confidentiality 10.1 Each party agrees that it may use the other party’s Confidential Information only in the performance of its rights and obligations under these SaaS T&Cs and that it shall not disclose the other party’s confidential information except in accordance with this clause 10. 10.2 Each party may disclose the other party’s Confidential Information to those of its employees, officers, advisers, agents or representatives who need to know the other party’s confidential information in order to perform the disclosing party’s rights and obligations under these SaaS T&Cs provided that the disclosing party shall ensure that each of its employees, officers, advisers, agents or representatives to whom confidential information is disclosed is aware of its confidential nature and complies with this clause 10 as if it were a party. 10.3 Each party may disclose any Confidential Information required by law, any court, any governmental, regulatory or supervisory authority (including any regulated investment exchange) or any other authority of competent jurisdiction. 10.4 The Client may use Deliverables derived from the Platform and share them with any holding company or subsidiary of the Client (as defined by Section 1159 of the Companies Act 2006). Client will not share such Deliverables with third parties without the written consent of OutThink, such consent not to be unreasonably withheld. 11 Limitation of liability 11.1 The extent of the parties’ liability under or in connection with these SaaS T&Cs (regardless of whether such liability arises in tort, contract or in any other way and whether or not caused by negligence or misrepresentation) shall be as set out in this clause 11. 11.2 Subject to clause 6.2, 9.5 11.6 and Schedule One, OutThink’s total liability shall not exceed: 11.2.1 100% of the subscription fees due to OutThink in relation with these SaaS T&Cs, or 11.2.2 for incidents occurring in the first 12 months of these SaaS T&Cs, an amount equal to 100% of the pro-rata subscription fees due to OutThink for that period. 11.3 Subject to clause 6.2, 9.5, 11.6 and Schedule One, neither party shall not be liable for consequential, indirect loss. 11.4 Subject to clause 11.6, neither party shall not be liable for any of the following: loss of profit, , loss of use, loss of production, , loss of opportunity, loss of savings, discount or rebate (whether actual or anticipated). 11.5 The Client’s maximum aggregate liability under these SaaS T&Cs for all breaches, including indemnities shall be limited to 100% of the Subscription Fee. 11.6 Notwithstanding any other provision of these SaaS T&Cs, the liability of the parties shall not be limited in any way in respect of the following: 11.6.1 death or personal injury caused by negligence; 11.6.2 fraud or fraudulent misrepresentation; 11.6.3 any other losses which cannot be excluded or limited by applicable law; 12 Term and Termination 12.1 These SaaS T&Cs will begin on the Commencement Date and continue for a period of twelve (the Initial Licence Term), unless otherwise terminated earlier in accordance with the provisions of these SaaS T&Cs. Following the Initial Licence Term and any renewed term, this licence shall automatically renew for successive one-year term including any fee increase notified to the Client unless either party provides written notice of its decision not to renew the licence to the other at least 30 days prior to the expiry of the then current term. 12.2 Without affecting any other right or remedy available to it, the Client may terminate these SaaS T&Cs on giving not less than 30 days written notice to OutThink. 12.3 Either Party may terminate these SaaS T&Cs at any time by giving notice in writing to the other party if: 12.3.1 either party or commits a material breach of these SaaS T&Cs and such breach is not remediable; 12.3.2 either party commits a material breach of these SaaS T&Cs which is not remedied within 30 days of receiving written notice of such breach; 12.3.3 the Client has failed to pay any amount due in relation to these SaaS T&Cs on the due date and such amount remains unpaid within 30 days after the Client has received notification that the payment is overdue; or 12.4 Either party may terminate these SaaS T&Cs at any time by giving notice in writing to the other party if that other party ceases carrying on business, enters into administration, receivership, liquidation or company voluntary arrangement or is unable to pay its debts as they fall due. 12.5 Termination or expiry of these SaaS T&Cs shall not affect any accrued rights and liabilities of either party at any time up to the date of termination. 13 Exit and Return of Client Data 13.1 In the event of termination of these SaaS T&Cs for any reason: 13.1.1 the right to access the Service provided under these SaaS T&Cs shall terminate immediately on expiry of such required notice; and 13.1.2 The Client shall, within thirty days, destroy all OutThink’s Confidential Information or Documentation in its possession or under its control. 13.2 On the termination or expiry of these SaaS T&Cs, OutThink shall destroy all Client Data from its production systems within 30 days from such termination or expiry. Client Data will continue to reside in backups for up to 12 months after termination. Such data will be retained for the life of the backup of 12 months and then destroyed. 14 Entire agreement 14.1 The parties agree that these SaaS T&Cs constitutes the entire agreement between them and supersedes all previous agreements, understandings and arrangements between them, whether in writing or oral in respect of its subject matter. 14.2 Each party acknowledges that it has not entered into these SaaS T&Cs in reliance on, and shall have no remedies in respect of, any representation or warranty that is not expressly set out in these SaaS T&Cs. No party shall have any claim for innocent or negligent misrepresentation on the basis of any statement in these SaaS T&Cs. 15 Force majeure Neither party shall have any liability under or be deemed to be in breach of these SaaS T&Cs for any delays or failures in performance of these SaaS T&Cs which result from any event beyond the reasonable control of that party. The party affected by such an event shall promptly notify the other party in writing when such an event causes a delay or failure in performance and when it ceases to do so. If such an event continues for a continuous period of more than 3 months, either party may terminate these SaaS T&Cs by written notice to the other party. 16 Notices 16.1 Notices under these SaaS T&Cs shall be in writing and sent to a party’s registered address or by email. Notices may be given, and shall be deemed received: 16.1.1 by hand: on delivery. 16.1.2 by email to office@outthink.io on delivery. 16.1.3 by email to clients registered email address on delivery. 16.2 This clause does not apply to notices given in legal proceedings or arbitration. 17 Severability 17.1 Each clause of these SaaS T&Cs is severable and distinct from the others. If any clause in these SaaS T&Cs (or part thereof) is or becomes illegal, invalid or unenforceable under applicable law, but would be legal, valid and enforceable if the clause or some part of it was deleted or modified (or the duration of the relevant clause reduced): 17.1.1 the relevant clause (or part thereof) will apply with such deletion or modification as may be required to make it legal, valid and enforceable; and 17.1.2 without limiting the foregoing, in such circumstances the parties will promptly and in good faith seek to negotiate a replacement provision consistent with the original intent of these SaaS T&Cs as soon as possible. 18 Waiver No failure, delay or omission by either party in exercising any right, power or remedy provided by law or under these SaaS T&Cs shall operate as a waiver of that right, power or remedy, nor shall it preclude or restrict any future exercise of that or any other right or remedy. No single or partial exercise of any right, power or remedy provided by law or under these SaaS T&Cs shall prevent any future exercise of it or the exercise of any other right, power or remedy. 19 Set off Each party must pay all sums that it owes to the other party under these SaaS T&Cs without any set-off, counterclaim, deduction or withholding of any kind, save as may be required by law provided that such sum is an undisputed amount. 20 Assignment No party may assign, subcontract or encumber any right or obligation under these SaaS T&Cs, in whole or in part, without the other’s prior written consent (such consent not to be unreasonably withheld or delayed). 21 Third party rights Except as expressly provided for in these SaaS T&Cs, a person who is not a party to these SaaS T&Cs shall not have any rights under the Contracts (Rights of Third Parties) Act 1999 to enforce any of the provisions of these SaaS T&Cs. 22 Governing law These SaaS T&Cs and any dispute or claim arising out of, or in connection with, it, its subject matter or formation (including non-contractual disputes or claims) shall be governed by, and construed in accordance with, the laws of England and Wales. 23 Jurisdiction The parties irrevocably agree that the courts of England and Wales shall have exclusive jurisdiction to settle any dispute or claim arising out of, or in connection with, these SaaS T&Cs, its subject matter or formation (including non-contractual disputes or claims).