TERMS AND CONDITIONS
Platinum Support Agreement

1. Interpretation

1.1 Definitions

• Agreement - this Platinum Support Agreement.
• Business Day - a day other than a Saturday, Sunday or public holiday in England.
• Customer - {{company_name}}.
• Kinetic - {{brand_company_name}}.
• Effective Date - the start date stated in the accepted proposal, or if not stated, the date Kinetic begins delivering Platinum services.
• Service Description / Platinum Service Description - the Platinum service page/description referenced in the proposal (scope, included tooling, hours, response approach, exclusions).
• Services - the Platinum support services provided by Kinetic as described in the proposal and Service Description.
• IT Users - supported users as defined and counted in the proposal.
• Supported Devices - servers, virtual servers, desktops, laptops and other devices in scope as defined in the proposal.
• Protected Identities - identities monitored/protected under ITDR including user, shared, guest, admin and service accounts.
• Project - change work outside normal day-to-day support as described in clause 5.
• Development Work - work involving code/database/report/integration build as described in clause 5.4.
• SaaS - third-party cloud software platforms (examples listed in clause 4.4 and 17.1).

1.2 Interpretation

• References to “including” are illustrative and do not limit meaning.
• Writing includes email.
• Headings are for convenience and do not affect interpretation.

2. Services Covered - Platinum

2.1 Kinetic will provide IT support services in line with the Platinum service package as described in the accepted proposal and/or Platinum Service Description.

2.2 Services may include (subject to scope and fair usage):

• Unlimited remote and onsite support (day-to-day operational support)
• Remote Monitoring and Management (RMM), system monitoring and alerting
• Vulnerability and patch management and health checks
• Managed cyber security tooling (such as AV, EDR, ITDR, SIEM, email security and SaaS protection where included)
• Security Awareness Training (SAT) and phishing simulation where included
• Helpdesk ticket handling and third-party liaison where reasonably required
• Backup monitoring where included and accepted in writing (see clause 4)

2.3 Kinetic provides layered security controls. However, no IT or cyber security solution can guarantee prevention of all security incidents.

3. Unlimited Support, Scope and Fair Usage

3.1 “Unlimited support” means support is not capped by ticket count or hours for in-scope, day-to-day operational support, but it remains subject to scope and fair usage.

3.2 In-scope day-to-day support typically includes: user issues, Microsoft 365 administration, device troubleshooting, printer and connectivity issues, permissions changes, routine admin, and remediation of alerts generated by managed tooling where included.

3.3 Work may be out of scope or reclassified as Project work where it involves significant change, redesign, migration, major remediation, large-scale rollouts, tenant-to-tenant moves, or similar non-routine change work.

3.4 Fair usage. Kinetic may review usage where:

• the same incidents recur due to known underlying causes (for example end-of-life hardware, unsupported software, refusal to implement agreed controls); or
• the volume/complexity of requests is materially above what is reasonable for the environment and plan.

3.5 Where fair usage concerns arise, Kinetic will discuss and may propose: remediation actions, reclassification of work, or a plan/scope adjustment.

4. Backup and SaaS Data Protection

4.1 Platinum includes monitoring and management of the Customer’s existing backup systems only where:

• the backup system is operational;
• administrative access has been formally handed over; and
• Kinetic has confirmed acceptance of management responsibility in writing (including email).

4.2 Until written acceptance occurs, backup responsibility remains with the Customer.

4.3 Platinum does not automatically include backup storage, SaaS backup licensing, or long-term off-platform retention unless expressly stated in the proposal.

4.4 Where backup services for SaaS platforms are not purchased, Kinetic is not responsible for permanent data loss resulting from deletion, retention expiry, user action, corruption, platform limitation, or third-party failure. SaaS examples include (but are not limited to):

• Microsoft 365
• Google Workspace
• Dropbox
• Adobe
• Apple iCloud
• Foxit
• Salesforce
• Xero
• Sage
• Slack
• Zoom
• HubSpot
• and other cloud providers used by the Customer

4.5 Where Kinetic manages or monitors backups, Kinetic does not guarantee that backups will be free from corruption or that all data will be recoverable unless expressly agreed in writing.

5. Projects and Development Work

5.1 Work outside normal day-to-day support may be classified as a Project. Projects are typically scoped, planned and agreed before work starts.

5.2 Where bundled project time is included, it is applied as described in the proposal/Service Description. Any work beyond the included allowance is chargeable at the rate stated in the proposal (or if not stated, £90/hour + VAT).

5.3 Kinetic may require written approval (including email approval) before commencing Projects or other chargeable work outside scope.

5.4 Development Work is excluded from bundled project time unless expressly agreed in writing. Examples include (but are not limited to):

• modification of source code
• database modifications or schema changes
• design/build/generation of custom reports (including report templates and integrations)
• integration development

6. Fees and Billing

6.1 Fees are billed monthly in advance unless otherwise agreed.

6.2 Charges are based on supported users, supported devices, protected identities and any metered/usage-based services, as defined in the proposal and Service Description.

6.3 The Customer must notify Kinetic in writing of additions or removals of users, devices, identities, onboarding or offboarding. If removals are not notified, charges continue until the next billing cycle following written notification.

6.4 Onboarding and Offboarding - Failure to notify Kinetic promptly of starters/leavers may result in continued licence and security charges. Kinetic is not liable for incidents arising from failure to notify leavers promptly.

6.5 ITDR Overage - Where ITDR is included:

• Charges are based on protected identities (not only IT Users).
• A protected identity includes user, shared, guest, admin or service accounts monitored/protected.
• Additional identities above contracted users are charged at £2.00 per identity per month plus VAT.
• Kinetic may calculate identity counts using monitoring tools and/or the relevant admin portal and will provide counts on request.

6.6 All fees are exclusive of VAT, which will be charged where applicable.

6.7 Non-payment - Kinetic may suspend services for non-payment on reasonable notice. Continued non-payment may lead to termination under clause 8.

7. Supplier and Third-Party Price Increases

7.1 Kinetic may pass on supplier or third-party price increases where those services form part of the Customer’s solution.

7.2 If pricing materially changes, Kinetic may:

• pass through the increase;
• offer an alternative solution; or
• remove the affected service on reasonable notice where continuation is commercially unviable.

7.3 Where a third-party service has a minimum term, the Customer remains responsible for those charges even if this Agreement ends (see clause 11).

8. Term, Renewal and Termination

8.1 This Agreement starts on the Effective Date and continues for the fixed term selected in the proposal (the “Initial Term”).

8.2 After the Initial Term, this Agreement continues on a rolling monthly basis unless terminated in accordance with this clause.

8.3 The Customer may terminate by giving at least 30 days’ written notice, effective no earlier than the end of the Initial Term, and after the Initial Term by giving at least 30 days’ written notice.

8.4 Kinetic may terminate by giving at least 30 days’ written notice.

8.5 Kinetic may suspend or terminate immediately where invoices remain unpaid after the due date and reasonable notice has been given, or where continued service presents unacceptable security, legal or operational risk (see clause 19).

8.6 Termination does not remove liability for third-party minimum terms, early termination charges or committed subscriptions (see clause 11).

9. 90-Day Guarantee (New Agreements Only)

9.1 The 90-day money-back guarantee applies only where expressly included in the proposal (typically for new agreements / “new logo” customers).

9.2 Where applicable, the guarantee covers support fees only. It excludes third-party licences, hardware, projects, backup storage/licensing, usage-based charges and other third-party services.

9.3 To claim under the guarantee, the Customer must give written notice within the first 90 days and allow Kinetic a reasonable opportunity to remedy service issues.

10. Customer Responsibilities

10.1 The Customer will provide reasonable cooperation, timely responses, and access required to deliver the Services.

10.2 Staffing changes - The Customer must notify Kinetic promptly of starters, leavers, role changes and contractors.

10.3 Infrastructure changes - The Customer must notify Kinetic of network changes, hosting changes, ISP changes, security configuration changes, hardware relocation and system additions.

10.4 Third-party attendance - The Customer must notify Kinetic before third-party engineers attend site to work on supported systems. Kinetic is not responsible for faults or incidents caused by unauthorised changes or actions by third parties.

10.5 The Customer remains responsible for maintaining legal licensing rights for all systems and services in use.

10.6 The Customer is responsible for its users’ behaviour and internal policies (including acceptable use, password hygiene and safe handling of data).

11. Third-Party Services and Minimum Terms

11.1 Kinetic may supply, configure, manage or liaise with third-party services. Kinetic does not control third-party networks or platforms.

11.2 Minimum terms, renewals, early termination charges and price increases from third-party providers remain the Customer’s responsibility even if this Agreement ends.

11.3 Examples include (but are not limited to): leased lines, broadband/FTTP, mobile SIMs, hosted telephony, Microsoft licensing/commitments, cloud hosting, backup storage/licensing, SaaS subscriptions, and internet provision.

11.4 Kinetic is not liable for third-party outages or failures.

12. Confidentiality

12.1 Each party will keep confidential information confidential and use it only to perform obligations under this Agreement, unless disclosure is required by law.

12.2 Confidential information may be disclosed to employees/contractors/subcontractors who need to know, provided they are bound by confidentiality obligations.

13. Data Protection

13.1 The Customer remains the Data Controller for its data. Kinetic acts as Data Processor where applicable.

13.2 Each party will comply with applicable UK data protection laws. Where required, a separate data processing agreement may apply.

13.3 Kinetic is not liable for regulatory fines, penalties or enforcement action arising from:

• the Customer’s internal data handling practices;
• user behaviour;
• failure to follow security recommendations; or
• third-party system compromise.

14. Liability and Business Interruption

14.1 Nothing in this Agreement limits or excludes liability for death or personal injury caused by negligence, fraud, or any liability that cannot be excluded by law.

14.2 Kinetic is not liable for indirect or consequential loss.

14.3 Kinetic is not liable for: loss of revenue, loss of profit, loss of goodwill, loss of business opportunity, or business interruption.

14.4 Total aggregate liability arising under or in connection with this Agreement is limited to the fees paid by the Customer to Kinetic for the Services in the three (3) months immediately preceding the event giving rise to the claim.

14.5 These exclusions apply whether arising from security incidents, system failure, SaaS outage, backup failure, or delayed response. Nothing in this clause limits liability that cannot legally be excluded.

15. Security Controls and Ransomware Events

15.1 Kinetic provides layered cyber security tooling and monitoring as described in the Service Description. However, no cyber security solution can guarantee prevention of all security incidents.

15.2 Kinetic does not warrant that the Services will prevent: ransomware, malware infection, phishing compromise, credential theft, data exfiltration, or zero-day exploits.

15.3 In the event of a security incident, Kinetic will provide reasonable assistance in containment, remediation and recovery, but is not responsible for ransom payments, loss of revenue, reputational damage, regulatory penalties, or third-party claims.

15.4 The Customer remains responsible for maintaining appropriate cyber insurance coverage.

16. Mandatory Security Controls and Refusal of Advice

16.1 Kinetic may make security recommendations including (but not limited to): enabling MFA, replacing end-of-life systems, applying critical patches, implementing backup services, and removing unsupported software.

16.2 Where the Customer refuses or delays implementation of recommended security controls, Kinetic shall not be liable for any loss, damage, breach or incident arising directly or indirectly from that refusal.

16.3 Kinetic reserves the right to reclassify support scope, limit liability exposure, or suspend services where refusal creates a material risk.

17. Third-Party SaaS Availability

17.1 Kinetic does not control or operate third-party SaaS platforms including (but not limited to): Microsoft 365, Google Workspace, Dropbox, Adobe, Apple iCloud, Foxit, Salesforce, Xero, Sage, Slack, Zoom, HubSpot or other cloud providers used by the Customer.

17.2 Kinetic is not responsible for SaaS outages, service degradation, platform-side data loss, changes in retention policy, or vendor security incidents.

17.3 Kinetic’s responsibility is limited to configuration and management within the administrative access available to it.

18. Backup and Recovery Limitation

18.1 Where backup services are provided or managed, Kinetic will use reasonable care in monitoring and managing backup systems.

18.2 Kinetic does not guarantee that backups will be free from corruption, that all data can be restored, or that recovery time objectives will meet specific business needs unless expressly agreed in writing.

18.3 Kinetic’s liability in relation to backup failure is limited to the cost of re-performing the affected backup service.

19. Suspension, Unacceptable Risk and Staff Abuse

19.1 Kinetic may suspend or terminate services immediately where continued service presents unacceptable security, legal or operational risk.

19.2 Kinetic may suspend or terminate services immediately where the Customer or its representatives engage in abusive, threatening or inappropriate behaviour toward Kinetic staff (verbal, written or physical). Kinetic operates a zero-tolerance policy toward abuse.

20. Price Adjustment (RPI)

20.1 On each contract anniversary, Platinum service fees will increase by the percentage change in the UK Retail Price Index (RPI) over the preceding 12 months.

20.2 The annual increase will be a minimum of 2%. If RPI is zero or negative, fees will still increase by 2% and no reduction will apply.

21. Subcontracting, Assignment and Change of Control

21.1 Kinetic may subcontract the performance of any part of the Services. Kinetic remains responsible for delivery under this Agreement.

21.2 The Customer may not assign or transfer its rights or obligations under this Agreement without Kinetic’s prior written consent (not to be unreasonably withheld).

21.3 Kinetic may assign or transfer its rights under this Agreement to an affiliate or a successor business in connection with a merger, acquisition, reorganisation, or sale of all or substantially all of its business/assets relating to this Agreement.

22. Notices

22.1 Notices must be in writing and delivered by email or post to the addresses stated in the proposal (or the registered office for formal notices).

22.2 Email notices are deemed received on the next Business Day after sending, provided no delivery failure is received.

23. Force Majeure

23.1 Neither party is liable for delay or failure to perform obligations (excluding payment) caused by events beyond reasonable control including power failure, internet outage, fire, flood, severe weather, supply chain disruption, or third-party platform failure.

23.2 Force majeure does not excuse the Customer’s obligation to pay amounts due.

24. General

24.1 Severability - if any provision is invalid or unenforceable, the remainder stays in force.

24.2 Amendments - any amendments must be agreed in writing.

24.3 No partnership or agency - nothing creates a partnership, joint venture or agency relationship.

24.4 Third party rights - no third party has rights under the Contracts (Rights of Third Parties) Act 1999.

25. Governing Law

This Agreement is governed by the laws of England and Wales.

26. Entire Agreement

This Agreement, the proposal and the Platinum Service Description form the entire agreement between the parties. Any amendments must be agreed in writing.