Cloud Service Agreement
This Cloud Service Agreement (the "Agreement") governs Customer's access to and use of the Product and related Services provided by Provider. The Agreement consists of these Framework Terms, the applicable Order Form, the Data Processing Addendum, and any product-specific addenda or schedules expressly incorporated by reference.
1. Service
1.1 Access and Use.
During the Subscription Period and subject to the terms of this Agreement, Customer may (a) access and use the Cloud Service; and (b) copy and use the included Software and Documentation only as needed to access and use the Cloud Service, in each case, for its internal business purposes.
Customer may permit its Affiliates to access and use the Cloud Service under this Agreement without each Affiliate being required to enter into a separate agreement with Provider, provided that: (i) Customer remains fully responsible for each Affiliate's compliance with all terms of this Agreement, and any breach by an Affiliate is deemed a breach by Customer; (ii) Customer is the sole contracting counterparty for all Affiliates and Provider's obligations run only to Customer; (iii) Affiliates may access the Cloud Service only through Customer's account structure; and (iv) Affiliates are not third-party beneficiaries and acquire no independent rights against Provider.
1.2 User Accounts.
Customer is responsible for all actions on Users' accounts and for all Users' compliance with this Agreement. Customer and Users must protect the confidentiality of their passwords and login credentials. Customer will promptly notify Provider if it suspects or knows of any fraudulent activity with its accounts, passwords, or credentials, or if they become compromised.
1.3 Feedback and Usage Data.
Customer may, but is not required to, give Provider Feedback, in which case Customer gives Feedback "AS IS". Provider may use all Feedback freely without any restriction or obligation. In addition, Provider may collect and analyse Usage Data, and Provider may freely use Usage Data to maintain, improve, enhance, and promote Provider's products and services without restriction or obligation. However, Provider may only disclose Usage Data to others if the Usage Data is aggregated and does not identify Customer or Users.
1.4 Customer Content.
Provider may copy, display, modify, and use Customer Content only as needed to provide and maintain the Product and related offerings. Customer is responsible for the accuracy, completeness, lawfulness, and content of Customer Content.
1.5 Payroll Processing and Payment Facilitation.
Customer acknowledges that, where applicable, Provider acts as a limited payment agent solely for the purpose of facilitating disbursements instructed and funded by Customer, and as a payroll processor for services provided in connection with the applicable Order Form and each relevant Service, using payment methods supported by Provider or by Provider's approved payment service providers, banking partners, payroll management providers, or other approved third-party providers.
Customer remains solely responsible for:
(a) the accuracy, completeness, and lawfulness of all payroll, employee, contractor, beneficiary, tax, employment, compensation, and payment information submitted to Provider;
(b) reviewing and approving payroll calculations, payment files, payee details, and disbursement instructions before processing;
(c) ensuring that all required funds are received by Provider in cleared funds and in sufficient time to process the relevant payroll or payment cycle;
(d) complying with all employment, labour, tax, immigration, social security, end-of-service, benefits, wage protection, and payroll-related obligations applicable to Customer, its Affiliates, employees, contractors, and payees; and
(e) obtaining all approvals, authorisations, consents, notices, and lawful bases required to process and disburse payments.
Provider is responsible only for processing Customer's approved instructions in accordance with the Agreement, the applicable Order Form, and the information and cleared funds actually received by Provider. Provider has no obligation to process any payroll, salary, contractor, employee, or other payment instruction unless Customer has provided complete and accurate information, all required approvals, and sufficient cleared funds.
Payment service providers, banks, correspondent banks, intermediary banks, payroll partners, foreign exchange providers, and other third-party financial institutions may be used to facilitate payments. Provider is not responsible for, and assumes no liability for, delays, rejections, deductions, transaction fees, foreign exchange fees, SWIFT charges, intermediary bank fees, beneficiary bank charges, weekend or public holiday delays, payment rail cut-off times, beneficiary bank issues, incorrect beneficiary information provided by Customer or a payee, sanctions screening, compliance reviews, regulatory holds, or any other act or omission of a third-party bank, payment service provider, payroll partner, foreign exchange provider, or financial institution.
Provider may delay, reject, suspend, or refuse to process any payment instruction where Provider reasonably believes that processing the payment may breach Applicable Laws, sanctions, anti-money laundering requirements, banking partner requirements, payment partner requirements, internal compliance policies, or risk controls. Provider will use commercially reasonable efforts to notify Customer where permitted by Applicable Laws and applicable partner requirements.
1.6 Subprocessors and Third-Party Service Providers.
Customer acknowledges that Provider may use Affiliates, subprocessors, vendors, payment service providers, banks, payroll partners, infrastructure providers, hosting providers, identity verification providers, analytics providers, support tools, and other third-party service providers to provide, secure, support, improve, or operate the Product and related Services.
To the extent any such third party processes Personal Data on Provider's behalf as a subprocessor, Provider will:
(a) enter into a written agreement with the subprocessor imposing data protection obligations that are no less protective in substance than those applicable to Provider under the DPA;
(b) remain responsible for the subprocessor's performance of its data processing obligations; and
(c) maintain a list of subprocessors or make such list available to Customer upon request or through Provider's website.
Provider may update its subprocessors from time to time. Where required by Applicable Data Protection Laws or the DPA, Provider will provide Customer with notice of any material new subprocessor and an opportunity to object on reasonable data protection grounds. If Customer reasonably objects to a new subprocessor and the parties cannot resolve the objection in good faith, Customer may terminate the affected Service in accordance with the DPA or the applicable Order Form.
Third-party banks, payment service providers, payroll partners, foreign exchange providers, and regulated financial institutions used to execute or facilitate payment instructions may act as independent controllers, independent service providers, or processors depending on the nature of the relevant service and Applicable Laws. Provider is not responsible for the acts or omissions of such third parties except to the extent expressly required under the Agreement or Applicable Laws.
1.7 Product-Specific Terms.
Certain sections of this Agreement apply only where the relevant Service, module, feature, or product is expressly included in an Order Form or otherwise enabled for Customer in writing.
Without limiting the foregoing:
(a) the payroll processing and payment facilitation terms apply only to the extent Customer uses Provider for payroll processing, salary disbursement, contractor payments, employer-of-record support, or other payment-related services;
(b) the AI-powered features and candidate data terms apply only to the extent Customer uses any AI-powered recruiting, candidate sourcing, candidate enrichment, scoring, ranking, recommendation, or similar recruiting-related feature; and
(c) the placement fee and candidate attribution terms apply only to the extent the applicable Order Form includes recruiting, candidate sourcing, introduction, placement, or success-fee-based services.
If a Service, module, feature, or product is not included in the applicable Order Form and has not otherwise been enabled for Customer in writing, the related product-specific terms will not apply to Customer.
2. Restrictions and Obligations
2.1 Restrictions on Customer.
Except as expressly permitted by this Agreement, Customer will not, and will not allow anyone else to:
(i) reverse engineer, decompile, or attempt to discover any source code or underlying ideas or algorithms of the Product, except to the extent Applicable Laws prohibit this restriction;
(ii) provide, sell, transfer, sublicense, lend, distribute, rent, or otherwise allow others to access or use the Product;
(iii) remove any proprietary notices or labels;
(iv) copy, modify, or create derivative works of the Product;
(v) conduct security or vulnerability tests on, interfere with the operation of, cause performance degradation of, or circumvent access restrictions of the Product;
(vi) access accounts, information, data, or portions of the Product to which Customer does not have explicit authorisation;
(vii) use the Product to develop a competing service or product;
(viii) use the Product with any High Risk Activities or with any activity prohibited by Applicable Laws;
(ix) use the Product to obtain unauthorised access to anyone else's networks or equipment; or
(x) upload, submit, or otherwise make available to the Product any Customer Content to which Customer and Users do not have the proper rights.
Use of the Product must comply with all Documentation and Use Limitations.
2.2 Suspension.
If Customer (a) has an outstanding, undisputed balance on its account for more than 30 days, and Provider has given Customer at least 10 days' written notice of the delinquency; (b) breaches Section 2.1 (Restrictions on Customer); or (c) uses the Product in a way that creates a material security risk or disruption to the Product or other customers, then Provider may temporarily suspend Customer's access to the Product. Provider will use commercially reasonable efforts to provide advance notice of any suspension except where immediate suspension is required to prevent ongoing harm, in which case Provider will notify Customer as soon as practicable after suspension. Provider will limit any suspension to the affected services or features where feasible. Provider will reinstate Customer's access to the Product only if Customer resolves the underlying issue.
3. Privacy and Security
3.1 Personal Data and Data Processing.
Provider acts as a data processor in respect of Personal Data submitted by Customer through the Cloud Service, and Customer acts as the data controller of such Personal Data. The parties' rights and obligations with respect to Personal Data are governed by the Data Processing Addendum ("DPA") available on the cercli.com website or otherwise made available by Provider, which is incorporated into this Agreement by reference. In the event of any conflict between this Agreement and the DPA, the DPA prevails with respect to Personal Data.
3.2 Applicable Data Protection Laws.
Each party will comply with all Applicable Data Protection Laws, which include, without limitation and to the extent applicable to the relevant processing: (a) EU Regulation 2016/679 (GDPR) and any national implementing legislation; (b) the DIFC Data Protection Law No. 5 of 2020 and its implementing regulations; (c) the UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data and its executive regulations; (d) the ADGM Data Protection Regulations 2021, where applicable; and (e) any other applicable data protection or privacy laws in the jurisdictions in which Customer processes or uses Personal Data.
3.3 Security Standards.
Provider maintains, and will continue to maintain throughout the Subscription Period, commercially reasonable technical and organisational security controls designed to protect Customer Content and Personal Data. Provider's security programme is aligned with recognised security frameworks, including SOC 2 and ISO 27001 principles. Provider may make available security documentation, summaries, questionnaires, or audit-related information upon written request, subject to appropriate confidentiality obligations.
3.4 Payroll Data and Prohibited Data.
Customer may submit Payroll Data and employee onboarding data reasonably required for the Cloud Service, including bank account details, government identification, tax information, employment information, compensation data, nationality, residency information, visa or immigration information, and other employee, contractor, beneficiary, or payee information required to provide the applicable Services, provided such data is submitted in accordance with this Agreement, the DPA, and Applicable Laws.
Customer will not, and will not allow anyone else to, submit Prohibited Data to the Product unless such data is expressly required for the applicable Service, expressly authorised by the Order Form, or otherwise agreed by Provider in writing. Customer remains responsible for ensuring that any Personal Data, Payroll Data, sensitive data, or special category data submitted to the Product is necessary, accurate, lawful, and supported by all required notices, consents, lawful bases, and authorisations.
3.5 Provider Security Obligations.
Provider will implement and maintain a comprehensive information security programme that includes, at minimum, the following safeguards to protect Customer Content and Personal Data against unauthorised access, disclosure, alteration, or destruction:
(a) technical controls, including encryption of data in transit using TLS 1.2 or higher, encryption of data at rest where appropriate, access controls based on the principle of least privilege, multi-factor authentication for administrative access to production systems, and vulnerability management and patching processes;
(b) organisational controls, including security awareness training for personnel with access to Customer Content, background checks for personnel in roles with access to production systems to the extent permitted by Applicable Laws, and a designated security function responsible for the information security programme;
(c) operational controls, including regular penetration testing by qualified third parties, a documented incident response plan, and business continuity and disaster recovery procedures appropriate for a production HR and payroll platform; and
(d) security framework alignment, including controls aligned with recognised industry standards such as SOC 2 and ISO 27001 principles. If Provider obtains and maintains a formal SOC 2, ISO 27001, or equivalent certification or audit report, Provider may make a summary or relevant report available to Customer upon written request, subject to appropriate confidentiality obligations.
3.6 Security Incident Notification.
Provider will notify Customer without undue delay, and in any event within seventy-two (72) hours, upon becoming aware of a confirmed or reasonably suspected security incident that has or may have compromised the confidentiality, integrity, or availability of Customer Content or Personal Data. Such notification will include, to the extent known at the time: (i) a description of the nature of the incident; (ii) the categories and approximate volume of Customer Content or Personal Data affected; (iii) the likely consequences; and (iv) the measures taken or proposed to address the incident. Provider will cooperate with Customer in any investigation and remediation and will provide updates as further information becomes available.
4. Payment and Taxes
4.1 Fees.
All Fees are exclusive of taxes. Except for the prorated refund of prepaid Fees allowed with specific termination rights given in the Agreement, Fees are non-refundable.
4.2 Invoicing.
For a Payment Process with invoicing, Provider will send invoices for usage-based Fees and disbursement funds in arrears and for all other Fees in advance, in each case according to the Payment Process. Additional seats activated during the Subscription Period will be billed quarterly in arrears at the per-seat rate set forth in the Cloud Service Fees table, prorated for the remaining months of the Subscription Period. No additional Order Form is required unless the applicable Order Form states otherwise.
4.3 Automatic Payment.
For a Payment Process with automatic payment, Provider will automatically charge the credit card, debit card, or other payment method on file for Fees according to the Payment Process and Customer authorises all such charges. In this case, Provider will make a copy of Customer's bills or transaction history available to Customer.
4.4 Taxes.
Customer is responsible for all duties, taxes, and levies that apply to Fees, including sales, use, VAT, GST, or withholding, that Provider itemises and includes in an invoice. However, Customer is not responsible for Provider's income taxes.
4.5 Payment.
Customer will pay Provider Fees and taxes in U.S. Dollars and UAE Dirhams, unless the Order Form specifies a different currency, according to the Payment Process.
4.6 Fee Cap at Renewal.
For Customers with a Subscription Period of at least 12 months where the scope of use has not materially changed, Provider will not increase the applicable Fees at renewal by more than five percent (5%). Provider will give Customer at least 60 days' written notice of any fee increase prior to the renewal date.
4.7 Late Payment Interest.
Overdue amounts will accrue interest at the rate of 1.5% per month, or the maximum rate permitted by Applicable Laws if lower, from the due date until the date of payment. Provider may also suspend services in accordance with Section 2.2 (Suspension) for amounts overdue by more than 30 days following written notice.
4.8 Payment Dispute.
If Customer has a good-faith disagreement about the Fees charged or invoiced, Customer must notify Provider about the dispute before payment is due, or within 30 days of an automatic payment, and must pay all undisputed amounts on time. The parties will work together to resolve the dispute within 15 days. If no resolution is agreed, each party may pursue any remedies available under the Agreement or Applicable Laws.
5. Term and Termination
5.1 Order Form and Agreement.
For each Order Form, the Agreement will start on the Order Date, continue through the Subscription Period, and automatically renew for additional Subscription Periods unless one party gives notice of non-renewal to the other party at least 60 days prior to the end of the then-current Subscription Period.
5.2 Framework Terms.
These Framework Terms will start on the Effective Date and continue for the longer of one year or until all Order Forms governed by the Framework Terms have ended.
5.3 Termination.
Either party may terminate the Framework Terms or an Order Form immediately: (a) if the other party fails to cure a material breach of the Framework Terms or an Order Form following 30 days' notice; (b) upon notice if the other party (i) materially breaches the Framework Terms or an Order Form in a manner that cannot be cured; (ii) dissolves or stops conducting business without a successor; (iii) makes an assignment for the benefit of creditors; or (iv) becomes the debtor in insolvency, receivership, or bankruptcy proceedings that continue for more than 60 days.
5.4 Effect of Termination.
Termination of the Framework Terms will automatically terminate all Order Forms governed by the Framework Terms. Upon any expiration or termination:
(a) Customer will no longer have any right to use the Product.
(b) Provider will make Customer Content available for export in a standard machine-readable format for a period of 30 days following termination. After such period, Provider will, at Customer's election, return or securely delete Customer Content from production systems. All backup or archival copies will be purged within 90 days. Provider will confirm deletion in writing upon Customer's request. Provider may retain Customer Content to the extent required by Applicable Laws, subject to continued application of the confidentiality obligations in Section 10.
(c) Each Recipient will return or destroy Discloser's Confidential Information in its possession or control.
(d) Provider will submit a final bill or invoice for all outstanding Fees accrued before termination and Customer will pay the invoice according to Section 4 (Payment and Taxes).
5.5 Survival.
The following sections will survive expiration or termination of the Agreement: Section 1.3 (Feedback and Usage Data), Section 2.1 (Restrictions on Customer), Section 3.2 (Applicable Data Protection Laws), Section 3.4 (Payroll Data and Prohibited Data), Section 3.5 (Provider Security Obligations), Section 3.6 (Security Incident Notification), Section 4 (Payment and Taxes) for Fees accrued or payable before expiration or termination, Section 5.4 (Effect of Termination), Section 5.5 (Survival), Section 6 (Representations and Warranties), Section 7 (Disclaimer of Warranties), Section 8 (Limitation of Liability), Section 9 (Indemnification), Section 10 (Confidentiality), Section 10.5 (Confidentiality Period), Section 11 (Reservation of Rights), Section 12 (General Terms), Section 12.4 (Dispute Resolution), and Section 15 (Definitions).
Each Recipient may retain Discloser's Confidential Information in accordance with its standard backup or record retention policies maintained in the ordinary course of business or as required by Applicable Laws, in which case Section 3 (Privacy and Security) and Section 10 (Confidentiality) will continue to apply to retained Confidential Information.
5.6 Trial Period Termination.
Notwithstanding the above, Customer may terminate this Agreement without cause by providing written notice to Provider at any time during the first thirty (30) days (the "Trial Period"), provided Customer and Provider have agreed to such a Trial Period in the applicable Order Form. If such notice is received, this Agreement shall terminate at the end of the Trial Period and no further fees shall be payable except for Fees accrued before termination and any non-cancellable third-party costs expressly stated in the Order Form. If no notice is received within the Trial Period, the Agreement shall continue for the remainder of the Subscription Period in accordance with Section 5.1.
6. Representations and Warranties
6.1 Mutual.
Each party represents and warrants to the other that: (a) it has the legal power and authority to enter into this Agreement; (b) it is duly organised, validly existing, and in good standing under the Applicable Laws of the jurisdiction of its origin; and (c) it will comply with all Applicable Laws in performing its obligations or exercising its rights in this Agreement.
6.2 From Customer.
Customer represents and warrants that it, all Users, and anyone submitting Customer Content each have and will continue to have all rights necessary to submit or make available Customer Content to the Product and to allow the use of Customer Content as described in the Agreement.
6.3 From Provider.
Provider represents and warrants to Customer that it will not materially reduce the general functionality of the Cloud Service during the Subscription Period.
6.4 Provider Warranty Remedy.
If Provider breaches the warranty in Section 6.3 (From Provider), Customer must give Provider notice, with enough detail for Provider to understand or replicate the issue, within 45 days of discovering the issue. Within 45 days of receiving sufficient details of the warranty issue, Provider will attempt to restore the general functionality of the Cloud Service. If Provider cannot resolve the issue, Customer may terminate the affected Order Form and Provider will pay to Customer a prorated refund of prepaid Fees for the remainder of the Subscription Period. Provider's restoration obligation, and Customer's termination right, are Customer's only remedies if Provider does not meet the warranty in Section 6.3.
7. Disclaimer of Warranties
Provider makes no guarantees that the Product will always be safe, secure, or error-free, or that it will function without disruptions, delays, or imperfections. The warranties in Section 6 (Representations and Warranties) do not apply to any misuse or unauthorised modification of the Product, nor to any product or service provided by anyone other than Provider. Except for the warranties in Section 6, Provider and Customer each disclaim all other warranties and conditions, whether express or implied, including the implied warranties and conditions of merchantability, fitness for a particular purpose, title, and non-infringement. These disclaimers apply to the maximum extent permitted by Applicable Laws.
8. Limitation of Liability
8.1 General Liability Cap.
Subject to Sections 8.3, 8.4, and 8.5, each party's total cumulative liability to the other for all claims arising out of or relating to this Agreement, whether in contract, tort, including negligence, breach of statutory duty or otherwise, will not exceed the total Fees paid or payable by Customer under the relevant Order Form in the twelve (12) months immediately preceding the event giving rise to the claim (the "General Cap").
8.2 Damages Waiver.
Subject to Sections 8.3, 8.4, and 8.5, neither party will be liable to the other for: (a) loss of profits or revenue, whether direct or indirect; (b) loss of business or contracts; (c) loss of anticipated savings; (d) loss of goodwill or reputation; or (e) any indirect, consequential, special, exemplary, or punitive damages, in each case however arising, even if the party has been advised of the possibility of such losses in advance.
8.3 Exceptions: Uncapped Liability.
The limitations in Sections 8.1 and 8.2 do not apply to liability arising from:
(a) fraud or wilful misconduct by a party; or
(b) any liability that cannot lawfully be excluded or limited under Applicable Laws.
8.4 Enhanced Cap: Data Protection and Indemnification.
The following claims are subject to an enhanced cap of two hundred percent (200%) of the total Fees paid or payable by Customer in the twelve (12) months preceding the event giving rise to the claim (the "Enhanced Cap"), which is a separate and additional cap to the General Cap:
(a) claims arising from a material breach of Section 3 (Privacy and Security) or the DPA with respect to Personal Data; and
(b) claims under Section 9 (Indemnification) in respect of third-party intellectual property claims.
8.5 Payroll Disbursement Cap.
Notwithstanding Sections 8.1 and 8.4, to the extent a claim arises directly from Provider's failure to correctly process a payroll disbursement or payment instruction for which Provider has received complete and accurate Customer-approved instructions and sufficient cleared funds, Provider's total cumulative liability for such claim will not exceed an amount equal to one hundred percent (100%) of the payroll or payment amount actually received by Provider and in flight for the affected payee or affected payment batch at the time of the event giving rise to the claim.
For the purposes of this Section, "in flight" means funds that have been received by Provider in cleared funds from Customer for the specific payroll or payment instruction and that have not yet been successfully credited to the intended beneficiary, returned to Customer, or otherwise reconciled.
This payroll disbursement cap does not apply to delays, deductions, rejections, failed payments, foreign exchange costs, intermediary bank charges, beneficiary bank fees, sanctions screening, compliance holds, incorrect or incomplete Customer instructions, insufficient or late funding, third-party payment provider issues, banking partner issues, or other matters outside Provider's reasonable control.
The limitations in this Section are subject to Section 8.3 and do not limit liability that cannot lawfully be excluded or limited under Applicable Laws.
8.6 Applicability.
The limitations and waivers in this Section 8 apply to all forms of liability, including contract, tort, including negligence, breach of statutory duty, and indemnity, and reflect a reasonable allocation of risk between the parties having regard to the Fees payable under this Agreement.
9. Indemnification
9.1 Protection by Provider.
Provider will indemnify, defend, and hold harmless Customer from and against all Provider Covered Claims made by someone other than Customer, Customer's Affiliates, or Users, and all out-of-pocket damages, awards, settlements, costs, and expenses, including reasonable attorneys' fees and other legal expenses, that arise from the Provider Covered Claims.
9.2 Protection by Customer.
Customer will indemnify, defend, and hold harmless Provider from and against all Customer Covered Claims made by someone other than Provider or its Affiliates, and all out-of-pocket damages, awards, settlements, costs, and expenses, including reasonable attorneys' fees and other legal expenses, that arise from the Customer Covered Claims.
9.3 Procedure.
The Indemnifying Party's obligations in this section are contingent upon the Protected Party: (a) promptly notifying the Indemnifying Party of each Covered Claim for which it seeks protection; (b) providing reasonable assistance to the Indemnifying Party at the Indemnifying Party's expense; and (c) giving the Indemnifying Party sole control over the defence and settlement of each Covered Claim. A Protected Party may participate in a Covered Claim with its own attorneys only at its own expense. The Indemnifying Party may not agree to any settlement that contains an admission of fault or otherwise materially and adversely impacts the Protected Party without the prior written consent of the Protected Party.
9.4 Changes to Product.
If required by settlement or court order, or if deemed reasonably necessary in response to a Provider Covered Claim, Provider may: (a) obtain the right for Customer to continue using the Product; (b) replace or modify the affected component of the Product without materially reducing the general functionality of the Product; or (c) if neither (a) nor (b) are reasonable, terminate the affected Order Form and issue a pro-rated refund of prepaid Fees for the remainder of the Subscription Period.
9.5 Exclusions.
Provider's obligations as an Indemnifying Party will not apply to Provider Covered Claims that result from (i) modifications to the Product not authorised by Provider or made in compliance with Customer's instructions; (ii) unauthorised use of the Product; (iii) use of the Product in combination with items not provided by Provider; or (iv) use of an old version of the Product where a newer release would avoid the Provider Covered Claim. Customer's obligations as an Indemnifying Party will not apply to Customer Covered Claims that result from the unauthorised use of the Customer Content.
9.6 Exclusive Remedy.
This Section 9 (Indemnification), together with any termination rights, describes each Protected Party's exclusive remedy and each Indemnifying Party's entire liability for a Covered Claim.
10. Confidentiality
10.1 Non-Use and Non-Disclosure.
Except as otherwise authorised in the Agreement or as needed to fulfil its obligations or exercise its rights under this Agreement, Recipient will not (a) use Discloser's Confidential Information; nor (b) disclose Discloser's Confidential Information to anyone else. In addition, Recipient will protect Discloser's Confidential Information using at least the same protections Recipient uses for its own similar information but no less than a reasonable standard of care.
10.2 Exclusions.
Confidential Information does not include information that (a) Recipient knew without any obligation of confidentiality before disclosure by Discloser; (b) is or becomes publicly known and generally available through no fault of Recipient; (c) Recipient receives under no obligation of confidentiality from someone else who is authorised to make the disclosure; or (d) Recipient independently developed without use of or reference to Discloser's Confidential Information.
10.3 Required Disclosures.
Recipient may disclose Discloser's Confidential Information to the extent required by Applicable Laws if, unless prohibited by Applicable Laws, Recipient provides Discloser reasonable advance notice of the required disclosure and reasonably cooperates, at Discloser's expense, with Discloser's efforts to obtain confidential treatment for the Confidential Information.
11. Reservation of Rights
10.4 Permitted Disclosures.
Recipient may disclose Discloser's Confidential Information to Users, employees, advisors, contractors, and representatives who each have a need to know the Confidential Information, but only if the person or entity is bound by confidentiality obligations at least as protective as those in this Section 10 (Confidentiality) and Recipient remains responsible for everyone's compliance with the terms of this Section 10.
10.5 Confidentiality Period.
The obligations in this Section 10 will continue for five (5) years following the expiration or termination of this Agreement, except that obligations with respect to trade secrets will continue for as long as the information remains a trade secret under Applicable Laws.
Except for the limited licence to copy and use Software and Documentation in Section 1.1 (Access and Use), Provider retains all right, title, and interest in and to the Product, whether developed before or after the Effective Date. Except for the limited rights in Section 1.4 (Customer Content), Customer retains all right, title, and interest in and to the Customer Content.
12. General Terms
12.1 Entire Agreement.
This Agreement is the only agreement between the parties about its subject and this Agreement supersedes all prior or contemporaneous statements, whether in writing or not, about its subject. Provider expressly rejects any terms included in Customer's purchase order or similar document, which may only be used for accounting or administrative purposes. No terms or conditions in any Customer documentation or online vendor portal will apply to Customer's use of the Product unless expressly agreed to in a legally binding written agreement signed by an authorised Provider representative.
12.2 Modifications, Severability, and Waiver.
Any waiver, modification, or change to the Agreement must be in writing and signed or electronically accepted by each party. If any term of this Agreement is determined to be invalid or unenforceable by a relevant court or governing body, the remaining terms of this Agreement will remain in full force and effect. The failure of a party to enforce a term or to exercise an option or right in this Agreement will not constitute a waiver by that party of the term, option, or right.
12.3 Governing Law.
This Agreement and any non-contractual obligations arising out of or in connection with it are governed by the laws of the Abu Dhabi Global Market, excluding conflict of laws rules. The United Nations Convention on Contracts for the International Sale of Goods does not apply to this Agreement.
12.4 Dispute Resolution.
(a) Escalation. Before initiating any formal proceedings, the parties will give written notice of the dispute. Senior representatives of each party will meet in person or by videoconference within 20 Business Days of such notice to attempt good-faith resolution.
(b) Jurisdiction. If a dispute is not resolved within 30 days of the written notice, the parties irrevocably submit to the exclusive jurisdiction of the Abu Dhabi Global Market Courts for all disputes arising out of or in connection with this Agreement, including any non-contractual obligations arising out of or in connection with it. Each party waives any objection it may have to such courts on grounds of inconvenient forum or otherwise.
(c) Injunctive Relief. Notwithstanding Section 12.4(b), either party may seek emergency injunctive relief from any court of competent jurisdiction to prevent irreparable harm, without posting a bond or exhausting the escalation process in Section 12.4(a).
(d) Territory Addenda. Where Customer's operations are subject to mandatory laws of a jurisdiction outside the UAE that cannot be contractually excluded, the parties may agree in writing to territory-specific addenda modifying this Agreement to the extent necessary to comply with such mandatory laws. In the absence of a signed addendum, this Agreement applies in full.
12.5 Injunctive Relief.
Despite Section 12.4 (Dispute Resolution), a breach of Section 10 (Confidentiality) or the violation of a party's intellectual property rights may cause irreparable harm for which monetary damages cannot adequately compensate. As a result, the non-breaching or non-violating party may seek appropriate equitable relief, including an injunction, in any court of competent jurisdiction without the need to post a bond and without limiting its other rights or remedies.
12.6 Non-Exhaustive Remedies.
Except where the Agreement provides for an exclusive remedy, seeking or exercising a remedy does not limit the other rights or remedies available to a party.
12.7 Assignment.
Neither party may assign any rights or obligations under this Agreement without the prior written consent of the other party. However, either party may assign this Agreement upon notice if the assigning party undergoes a merger, change of control, reorganisation, or sale of all or substantially all its equity, business, or assets to which this Agreement relates. Any attempted but non-permitted assignment is void. This Agreement will be binding upon and inure to the benefit of the parties and their permitted successors and assigns.
12.8 Beta Products.
If Provider gives Customer access to a Beta Product, the Beta Product is provided "AS IS" and Section 6.3 (From Provider) does not apply to any Beta Products. Customer acknowledges that Beta Products are experimental in nature and may be modified or removed at Provider's discretion with or without notice.
12.9 Logo Rights.
Provider may identify Customer and use Customer's name and logo in marketing to identify Customer as a user of Provider's products and services, provided that Provider will obtain Customer's prior written approval before publishing any detailed case study or testimonial.
12.10 Notices.
Any notice, request, or approval about the Agreement must be in writing and sent to the Notice Address. Notices will be deemed given (a) upon confirmed delivery if by email, registered or certified mail, or personal delivery; or (b) two days after mailing if by overnight commercial delivery.
12.11 Independent Contractors.
The parties are independent contractors, not agents, partners, or joint venturers. Except for Provider's limited role as a payment agent solely as described in Section 1.5, neither party is authorised to bind the other to any liability or obligation.
12.12 No Third-Party Beneficiary.
There are no third-party beneficiaries of this Agreement.
12.13 Force Majeure.
Neither party will be liable for a delay or failure to perform its obligations of this Agreement if caused by a Force Majeure Event. However, this section does not excuse Customer's obligations to pay Fees or to fund payroll or payment instructions.
12.14 Anti-Bribery.
Neither party will take any action that would be a violation of any Applicable Laws that prohibit the offering, giving, promising to offer or give, or receiving, directly or indirectly, money or anything of value to any third party to assist Provider or Customer in retaining or obtaining business. Examples of these kinds of laws include the U.S. Foreign Corrupt Practices Act, the UK Bribery Act 2010, and UAE Federal Law No. 11 of 2016 on Anti-Corruption.
12.15 Titles and Interpretation.
Section titles are for convenience and reference only. All uses of "including" and similar phrases are non-exhaustive and without limitation. The United Nations Convention for the International Sale of Goods and the Uniform Computer Information Transaction Act do not apply to this Agreement.
12.16 Signature.
This Agreement may be signed in counterparts, including by electronic copies or acceptance mechanism. Each copy will be deemed an original and all copies, when taken together, will be the same agreement.
13. AI-Powered Recruiting and Candidate Data
13.1 Application of AI Recruiting Terms.
This Section 13 applies only to the extent Customer uses AI-powered recruiting, candidate sourcing, candidate enrichment, candidate scoring, candidate ranking, candidate recommendation, or similar recruiting-related features of the Cloud Service. This Section does not apply to Customer's use of payroll, HRIS, onboarding, employee management, contractor management, or payment processing features that do not include AI-powered recruiting or candidate-related functionality.
13.2 Scope.
This Section applies to the extent Customer uses AI-powered features of the Cloud Service, including features that source, identify, enrich, score, rank, or recommend candidate or employee data ("AI Features"). Where a feature is not designated as an AI Feature in the Documentation or Order Form, this Section does not apply to that feature.
13.3 No Employment Decisions.
AI Features support Customer's decision-making and do not replace Customer's independent judgement. Customer retains sole and exclusive responsibility for all employment, engagement, and HR decisions, including which candidates to contact, screen, interview, advance, reject, or hire and on what terms. Customer will not use AI Features as the sole or determinative basis for any decision that produces legal or similarly significant effects on an individual, including decisions related to hiring, compensation, promotion, or termination. Provider does not make, and is not authorised to make, any employment or HR decision on Customer's behalf.
13.4 Human Oversight.
Customer will ensure meaningful human review of AI Feature outputs before taking any adverse action against, or making any final selection of, a candidate or employee. Customer must not configure the Cloud Service to automatically reject or advance candidates without such human review. Customer is responsible for the criteria, instructions, filters, and configurations it applies within AI Features.
13.5 No Model Training.
Provider will not use Customer Content, including any inputs to or outputs from AI Features, to train, fine-tune, or improve Provider's or any third party's foundational AI models without Customer's prior written consent. Provider may use aggregated, anonymised usage data to improve the performance and accuracy of AI Features, provided such data cannot reasonably be used to identify Customer or any individual.
13.6 Accuracy and Limitations.
AI Features and their outputs: (a) may not be accurate, complete, or current, and may reflect limitations or biases inherent in the underlying data or models; (b) are not a substitute for professional advice, including legal, HR, or compliance advice; and (c) are provided without warranty as to fitness for any particular purpose, subject to Section 6 (Representations and Warranties). Customer is solely responsible for evaluating the accuracy and appropriateness of AI Feature outputs for its specific use case before relying on them.
13.7 Bias Auditing and Regulatory Compliance.
To the extent any AI Feature constitutes an automated employment decision tool or similar regulated system under Applicable Laws, Provider will maintain and make available to Customer upon written request a summary of the most recent independent bias audit of that feature, if such audit is required by Applicable Laws. Customer is responsible, as the deploying employer or relevant party, for: (a) providing any required candidate or employee notices; (b) implementing any required opt-out or alternative processes; and (c) ensuring its use of AI Features complies with all anti-discrimination and AI governance laws in each jurisdiction where Customer operates.
13.8 High-Risk AI Systems.
Where and to the extent the Cloud Service is treated as a high-risk AI system under Applicable Laws in a jurisdiction in which it is supplied or used, including EU Regulation 2024/1689, the "EU AI Act", Provider is the "provider" and Customer is the "deployer" of that system. Each party will perform its respective obligations under such laws. Provider will make available the instructions for use and technical information reasonably required for Customer to meet its deployer obligations.
13.9 Lawful Data Sourcing.
Provider represents that, to the extent it sources, compiles, and processes candidate data for AI Features, it will do so through lawful means and in accordance with Applicable Laws and Applicable Data Protection Laws. Customer represents that it has, and will maintain throughout the Subscription Period, all rights, notices, and lawful bases required to receive and use candidate data and AI Feature outputs for its recruiting and HR purposes.
14. Placement Fees and Candidate Attribution
14.1 Application of Placement Fee Terms.
This Section 14 applies only to the extent the applicable Order Form expressly includes recruiting, candidate sourcing, candidate introduction, placement, or success-fee-based services. No Placement Fee is payable unless the applicable Order Form expressly states that Placement Fees apply and sets out the applicable fee structure or calculation methodology.
14.2 Fee Trigger and Invoicing.
A Placement Fee is incurred upon the candidate's written acceptance of Customer's offer of Engagement. Provider will invoice the Placement Fee at that time, and Customer will pay it within [14] days of the invoice date. Overdue Placement Fees accrue interest as provided in Section 4 (Payment and Taxes).
14.3 Candidate Attribution; Anti-Circumvention.
If Customer or any Affiliate of Customer Engages a candidate who was the subject of an Introduction Event within twelve (12) months after that Introduction Event, the Placement Fee is payable (a) whether or not the Engagement was arranged through the Product, (b) whether the candidate is Engaged in the role to which the Introduction Event related or in any other role, and (c) whether or not this Agreement remains in effect at the time of the Engagement. An Introduction Event is conclusively evidenced by Provider's system records showing that Customer or a User unlocked, contacted, exported, or was furnished the candidate's identifying information through the Product.
14.4 Notification.
Customer will notify Provider of (a) any offer of Engagement made to a candidate subject to an Introduction Event, (b) the candidate's acceptance, and (c) the actual Remuneration, in each case within [5] days of the relevant event.
14.5 Replacement Guarantee.
Provided that Customer has paid the applicable Placement Fee when due and notified Provider of the termination in writing within [7] days, if a Placed candidate's Engagement terminates within [90] days after the start date other than by reason of redundancy, a material change by Customer to the role, location, or Remuneration, or any matter not related to the candidate's qualifications, capability, or conduct, Provider will, as Customer's sole and exclusive remedy, use commercially reasonable efforts to source one replacement candidate for the same role at no additional Placement Fee, direct third-party costs, if any, excepted.
14.6 Fee Exceptions.
No Placement Fee is payable where (a) Customer demonstrates, by contemporaneous written evidence, that it was already in a bona fide recruiting process with the candidate through an independent source within six (6) months before the Introduction Event; or (b) the candidate cannot obtain the work authorisation required for the role, provided the candidate has not commenced work, including remote work, for Customer or any Affiliate.
14.7 Undisclosed Remuneration.
If Customer does not disclose the actual Remuneration within the period stated in Section 14.4, Provider may calculate the Placement Fee on the basis of the prevailing market remuneration for comparable roles, having regard to any information Customer has provided, until the actual Remuneration is confirmed.
14.8 Relationship of the Parties. Nothing in this Section 14 constitutes Provider as the employer of any candidate, as an employment agency or agent of Customer for the making of employment decisions, which remain Customer's sole responsibility under Section 13.3, or as a party to any Engagement between Customer and a candidate. The parties remain independent contractors as provided in Section 12 (General Terms).
15. Definitions
Variables have the meanings or descriptions given on a Cover Page or Order Form. However, if the Order Form and the governing Framework Terms omit or do not define a Variable, the default meaning will be "none" or "not applicable" and the correlating clause, sentence, or section does not apply to that Agreement.
"Affiliate" means an entity that, directly or indirectly, controls, is under the control of, or is under common control with a party, where control means having more than fifty percent (50%) of the voting stock or other ownership interest.
"Agreement" means the Order Form between Provider and Customer as governed by the Framework Terms, together with these Framework Terms, the DPA, and any schedules or addenda incorporated by reference.
"Applicable Data Protection Laws" means the Applicable Laws that govern how the Cloud Service may process or use an individual's personal information, personal data, personally identifiable information, or other similar term, including the laws listed in Section 3.2.
"Applicable Laws" means the laws, rules, regulations, court orders, and other binding requirements of a relevant government authority that apply to or govern Provider or Customer.
"Beta Product" means an early or prerelease feature or version of the Product that is identified as beta or similar, or a version of the Product that is not generally available.
"Cloud Service" means the product described in the Order Form.
"Confidential Information" means information in any form disclosed by or on behalf of a Discloser, including before the Effective Date, to a Recipient in connection with this Agreement that (a) the Discloser identifies as "confidential", "proprietary", or the like; or (b) should be reasonably understood as confidential or proprietary due to its nature and the circumstances of its disclosure. Confidential Information includes the existence of this Agreement and the information on each Cover Page or Order Form.
"Customer Content" means data, information, or materials submitted by or on behalf of Customer or Users to the Product but excludes Feedback.
"DPA" means the Data Processing Addendum available at cercli.com or otherwise made available by Provider, as updated from time to time and incorporated into this Agreement by reference.
"Engage" means to employ, retain, contract with, hire, appoint, or otherwise engage a candidate, whether directly or indirectly and whether as an employee, contractor, consultant, worker, advisor, or other service provider.
"Fees" means the applicable amounts described in an Order Form.
"Force Majeure Event" means an unforeseen event outside a party's reasonable control where the affected party took reasonable measures to avoid or mitigate the impacts of the event. Examples include unpredicted natural disasters, war, pandemic, riot, act of terrorism, or public utility or internet failure.
"GDPR" means European Union Regulation 2016/679 as implemented by local law in the relevant European Union member nation, and by section 3 of the United Kingdom's European Union (Withdrawal) Act of 2018 in the United Kingdom.
"High Risk Activity" means any situation where the use or failure of the Product could be reasonably expected to lead to death, bodily injury, or environmental damage.
"Introduction Event" means an event in which Customer or a User unlocks, contacts, exports, views, receives, or is furnished a candidate's identifying information through the Product or through Provider's recruiting, candidate sourcing, introduction, or placement services.
"Order Form" means a Cover Page, order form, proposal, quote, statement of work, or other ordering document that includes the key business details and Variables for this Agreement that are not defined in the Framework Terms.
"Payroll Data" means Personal Data and other information submitted by or on behalf of Customer that is reasonably required to provide payroll, HR, onboarding, employee management, contractor management, employer-of-record support, payment, compliance, or related Services, including employee and contractor names, contact details, compensation, bank account details, tax information, government identification, employment information, nationality, residency information, visa or immigration information, beneficiary details, and payment instructions.
"Personal Data" will have the meaning set forth in the Applicable Data Protection Laws for personal information, personal data, personally identifiable information, or any other similar term.
"Placed candidate" means a candidate who is Engaged by Customer or its Affiliate following an Introduction Event and in respect of whom a Placement Fee is payable under the applicable Order Form.
"Placement Fee" means a fee payable by Customer to Provider in connection with a candidate introduction, candidate sourcing service, placement, success fee, or similar recruiting-related service, as set out in the applicable Order Form.
"Product" means the Cloud Service, Software, Documentation, and any related Services described in the applicable Order Form.
"Prohibited Data" means data that is not reasonably required for the applicable Service and that Provider has not expressly agreed to process, including patient medical records, protected health information, cardholder data subject to PCI-DSS, children's data, biometric identifiers, criminal offence data, or other highly sensitive data that is not necessary for the provision of the applicable Service.
"Remuneration" means the candidate's annual base salary, fixed compensation, annualised contractor fees, or other remuneration amount used to calculate the applicable Placement Fee, as specified in the Order Form.
"Software" means any software, scripts, applications, APIs, connectors, or other code provided by Provider as part of or in connection with the Cloud Service.
"Subscription Period" means the subscription term set out in the applicable Order Form.
"Usage Data" means data and information about the provision, use, and performance of the Product and related offerings based on Customer's or User's use of the Product.
"User" means any individual who uses the Product on Customer's behalf or through Customer's account.
