TERMS OF SERVICE & DATA PROCESSING AGREEMENT

These Terms of Service and Data Processing Agreement govern the provision of services by DRYV-AI Ltd ("the Company", "we", "us").

By checking the agreement box, making a payment, or engaging our services, you ("the Client") agree to these terms in full. If you do not agree, you must not use our services.

PART A: TERMS OF SERVICE (B2B)

1. Services

DRYV-AI Ltd provides "Done For You" marketing automation and consulting services utilising third-party Customer Relationship Management (CRM) and telephony infrastructure (specifically GoHighLevel/LeadConnector).

Services include:

Website design, landing page creation, and hosting management.
QR-code and digital data capture systems.

Automated SMS review requests.

Ongoing SMS and/or email marketing automation and campaign broadcasts.

Promotional content creation and workflow design.

2. Client Responsibilities & Data Consent

Lawful Basis for Processing: The Client warrants that all customer data (including mobile numbers and email addresses) captured via the system or uploaded into the system by the Client has been obtained with explicit, lawful, and documented consent under UK data laws.

The Marketing Distinction: The Client explicitly acknowledges that under UK law, consent to receive an operational review request or transactional alert does not automatically grant consent for promotional texts. The Client warrants that any consumer targeted for ongoing promotions has specifically opted into marketing communications.

Website Intellectual Property & Hosting: Where the Company provides web design services, the Company grants the Client a non-exclusive licence to use the website and its assets for the duration of their active subscription. Full intellectual property ownership of any custom graphics or copy provided by the Client remains with the Client. The Company is not liable for website downtime, domain registration lapses, or third-party hosting disruptions.

Approval of Content: The Client retains final approval over all automation workflows, SMS message templates, and AI-generated outputs prior to live deployment.

3. Compliance, Telephony, and Network Carrier Rules

Infrastructure Compliance: DRYV-AI Ltd operates in alignment with UK GDPR and PECR. However, system functionality relies entirely on network carriers.

Regulatory Vetting: To ensure text delivery to UK mobile networks, the Client agrees to provide accurate corporate registration details (such as their Companies House Registration Number) to complete mandatory Regulatory Compliance (RC) / Know Your Customer (KYC) identity bundles.

Delivery Disclaimer: The Company is not liable for message delivery failures, signal dropouts, or carrier blocking caused by incomplete Client verification, strict telecom firewalls, or the Client's use of prohibited or unverified links.

Usage Costs: Telephony and system usage costs (including SMS transmission rates and phone number rentals) are currently included within the Client's flat-rate subscription fee up to reasonable usage limits determined by the Company. The Company reserves the right, upon providing thirty (30) days' written notice, to introduce fair-use caps, pass through carrier-imposed fees, or bill telephony costs separately as usage-based fees in the future. All paid fees remain strictly non-refundable.

4. Limitation of Liability & Indemnity

Indemnity: The Client agrees to fully indemnify, defend, and hold harmless DRYV-AI Ltd against any fines, losses, penalties, legal costs, or damages issued by the Information Commissioner’s Office (the ICO) or claimed by third parties arising from a breach of customer consent, misuse of systems, or illegal messaging practices by the Client.

Limitation: To the maximum extent permitted by law, DRYV-AI Ltd shall not be liable for any indirect or consequential losses, loss of revenue, data, profit, or business reputation. Our total liability under this agreement shall not exceed the total fees paid by the Client to us in the three (3) months preceding the claim.

5. Termination

Either party may terminate services by providing thirty (30) days' written notice. Upon termination, the Client’s access to the specific software sub-account, databases, and automated pipelines will be deactivated.

6. Governing Law

These terms are governed by and construed in accordance with the laws of England and Wales, and both parties submit to the exclusive jurisdiction of the courts of England and Wales.

PART B: DATA PROCESSING AGREEMENT (UK GDPR ARTICLE 28)

1. Scope, Relationship, and Instructions

This Data Processing Agreement (DPA) applies to all Personal Data processed by the Company on behalf of the Client while executing the Services.

The parties acknowledge and agree that the Client is the Data Controller and DRYV-AI Ltd is the Data Processor.

The Company shall process Personal Data strictly in accordance with the documented instructions of the Client, including instructions with respect to sending automated SMS and email broadcasts.

2. Details of Processing

Subject Matter & Purpose: Processing hospitality guest contact details to execute automated review requests and promotional marketing campaigns.

Duration: For the duration of the active business subscription.

Data Types: Names, mobile phone numbers, email addresses, transaction dates, and customer feedback.

Categories of Data Subjects: The Client's guests, patrons, and venue visitors.

3. Processor Obligations (DRYV-AI Ltd)

The Company covenants and agrees that it will:

Confidentiality: Ensure that all personnel authorised to handle the Personal Data have committed themselves to confidentiality.

Security: Implement appropriate technical and organisational measures to protect Personal Data against unauthorised access, loss, or alteration, utilising the secure cloud infrastructure of our underlying software vendors.

Sub-processors: The Client hereby grants generalised authorisation to the Company to engage sub-processors (specifically GoHighLevel/LeadConnector and approved telecom network operators) to deliver the Services.

Data Subject Rights: Reasonably assist the Client in responding to requests from individuals exercising their UK GDPR data rights (e.g., data erasure requests).

Breach Notification: Notify the Client without undue delay (and in any event within 48 hours) upon becoming aware of a personal data breach affecting the Client's customer data.

Data Deletion: Delete or return all Personal Data to the Client upon termination of the services, unless required by applicable law to retain copies.

4. Controller Obligations (The Client)

The Client shall ensure that a clear, functioning opt-out mechanism (e.g., "Reply STOP to unsubscribe") is actively maintained in all automated marketing steps.

The Client shall not instruct or attempt to force the Company or the platform software to bypass system-enforced Do Not Disturb (DND) or opt-out flags.

Company Information

Legal Entity: DRYV-AI Ltd

Registered Address: 203 West Street, Fareham, PO16 0EN, Hampshire, United Kingdom

Email: [email protected]

Website: https://www.dryv-ai.com