CAPTIVE PORTAL HELPER - END USER LICENCE AGREEMENT

1.1 Definitions

"Authorised Users"

means employees, contractors, and agents of the Customer authorised to use the Software for the Permitted Purpose.

"Captive Portal"

means third-party network access control systems (including WiFi hotspots, guest networks, and public internet access points at coffee shops, train stations, hotels, airports, and similar locations) that require user authentication or acceptance of terms before granting network or internet access.

"Customer Data"

means data, content, and materials submitted, stored, transmitted, or processed by or on behalf of the Customer through the Software, including device identifiers, authentication credentials, and connection logs.

"Customer Device"

means any laptop, mobile device, tablet, or other computing equipment owned, operated, or controlled by the Customer and used by Authorised Users.

"Documentation"

means the technical and user documentation for the Software made available by the Supplier.

"Intellectual Property Rights"

means patents, rights to inventions, copyright and related rights, trade marks, trade names, domain names, rights in get-up, rights in goodwill or to sue for passing off, rights in designs, rights in computer software, database rights, topography rights, rights in confidential information (including know-how and trade secrets), and any other intellectual property rights, in each case whether registered or unregistered and including all applications and rights to apply for and be granted, renewals or extensions of, and rights to claim priority from, such rights and all similar or equivalent rights or forms of protection which subsist or will subsist now or in the future in any part of the world.

"Permitted Purpose"

means use of the Software by the Customer to enable Customer Devices to authenticate to and bypass third-party Captive Portals when the Customer's VPN or other network security configurations prevent normal authentication or terms acceptance, for the purpose of facilitating secure remote and mobile working by Authorised Users.

"Software"

means the Captive Portal Helper software (including any updates, patches, or enhancements provided by the Supplier) and associated services.

"Term"

means the period specified in clause 10.1.

1.2 Interpretation

References to "including" or "includes" mean "including without limitation." Headings are for convenience only and do not affect interpretation. References to clauses and schedules are to clauses of and schedules to this Agreement.

2.1 Grant

Subject to the terms of this Agreement, the Supplier grants to the Customer a non-exclusive, non-transferable, revocable licence during the Term to:

1. install and use the Software on Customer Devices solely for the Permitted Purpose;
2. permit Authorised Users to use the Software to facilitate authentication to third-party Captive Portals; and
3. access and use the Documentation reasonably necessary to support the permitted use of the Software.

2.2 Licence Restrictions

The Customer shall not (and shall procure that Authorised Users do not):

1. copy, modify, adapt, translate, or create derivative works based on the Software except as expressly permitted;
2. reverse engineer, decompile, disassemble, or otherwise attempt to derive the source code of the Software, except to the extent permitted by applicable law;
3. sublicense, rent, lease, loan, or distribute the Software to any third party;
4. use the Software for any purpose other than the Permitted Purpose, including any commercial exploitation or service bureau use;
5. remove, obscure, or alter any proprietary notices on the Software or Documentation;
6. use the Software in any manner that breaches applicable laws or regulations, infringes third-party rights, or introduces malicious code;
7. attempt to gain unauthorised access to any systems or networks connected to the Software.

2.3 No Charge Basis

The Software is provided at no charge for the Term. No fees are payable by the Customer. This offering is provided for trial, evaluation, proof-of-concept, or goodwill purposes.

3.1 Supplier's Rights

All Intellectual Property Rights in the Software and Documentation are and shall remain the sole property of the Supplier and its licensors. The Customer acquires no rights other than the limited licence expressly granted in clause 2.1.

3.2 Customer Data

As between the parties, the Customer retains all Intellectual Property Rights in Customer Data. No licence or right in Customer Data is granted to the Supplier, as the Software operates entirely on Customer Devices and the Supplier does not receive, access, or process Customer Data.

3.3 Feedback

If the Customer provides suggestions, feedback, or ideas regarding the Software, the Supplier may use such feedback without obligation or compensation to the Customer.

4.1 Support

The Supplier will use reasonable endeavours to provide basic technical support for the Software by email during UK business hours (9am–5pm, Monday to Friday, excluding public holidays). The Supplier does not guarantee response or resolution times.

4.2 No Warranties on Availability

The Customer acknowledges that:

1. No uptime or availability guarantees are provided.
2. The Software is a standalone binary that operates on Customer Devices; the Supplier has no ability to suspend or interrupt the Customer's use of the Software once installed.
3. The Software is provided "as is" without any warranties regarding continuous operation or compatibility with future operating system or network changes.

4.3 Updates

The Supplier may (but is not obliged to) provide updates, patches, or enhancements to the Software. Any such updates will be subject to this Agreement unless accompanied by separate terms.

5.1 Supplier's Warranties

The Supplier warrants that:

1. it has the right to grant the licence in clause 2.1;
2. the Software will, when used in accordance with the Documentation and for the Permitted Purpose, materially conform to the functional description set out in the Documentation; and
3. it will use reasonable skill and care in providing support services under clause 4.1.

5.2 Customer's Warranties

The Customer warrants that:

1. it has the necessary authority to enter into and perform this Agreement;
2. it will use the Software in compliance with applicable laws, regulations, and this Agreement;
3. it will implement and maintain appropriate security measures on Customer Devices, including device encryption, VPN, endpoint protection, and access controls;
4. Authorised Users will comply with the terms of use and acceptable use policies of third-party Captive Portals accessed using the Software;
5. Customer Data will not infringe any third-party rights or breach applicable laws, including data protection laws.

5.3 Limitations and Disclaimers

EXCEPT AS EXPRESSLY SET OUT IN CLAUSE 5.1:

1. The Software is provided "as is" without any warranties, representations, or conditions of any kind, whether express or implied.
2. To the fullest extent permitted by law, the Supplier disclaims all implied warranties, including satisfactory quality, fitness for a particular purpose, non-infringement, and accuracy or completeness of data.
3. The Supplier does not warrant that the Software will be uninterrupted, error-free, secure, or free from vulnerabilities, bugs, or malicious code.
4. The Supplier does not warrant compatibility with the Customer's systems, networks, or third-party software.

The Customer acknowledges that the Software is provided at no charge and that the scope of warranties reflects this commercial arrangement.

6.1 General

The Customer shall:

1. ensure Authorised Users comply with this Agreement;
2. implement and maintain reasonable security measures on Customer Devices, including device hardening, VPN, endpoint detection and response, and patch management;
3. ensure that Authorised Users are trained on the proper and secure use of the Software, including risks associated with connecting to untrusted third-party networks;
4. maintain adequate backups of Customer Data and device configurations;
5. notify the Supplier promptly of any security incidents, unauthorised access, or suspected breaches involving the Software.

6.2 Third-Party Captive Portal Interaction

The Customer acknowledges and agrees that:

1. the Software is a client-side tool that facilitates authentication to third-party Captive Portals operated by coffee shops, transport providers, hotels, and other venue operators ("Third-Party Operators");
2. the Supplier has no control over, responsibility for, or relationship with Third-Party Operators or their Captive Portals;
3. the Customer is solely responsible for:
   1. ensuring Authorised Users comply with the terms of use, acceptable use policies, and privacy policies of Third-Party Operators;
   2. assessing the security and trustworthiness of third-party networks before connecting Customer Devices;
   3. implementing layered security controls (VPN, traffic monitoring, device isolation) to mitigate risks associated with untrusted networks;
   4. any liability arising from Authorised Users' use of third-party networks or breach of Third-Party Operator terms;
4. the Supplier makes no representations or warranties regarding the security, availability, or compliance of third-party networks or Captive Portals;
5. use of the Software does not constitute endorsement or approval by the Supplier of any Third-Party Operator or network.

7.1 On-Premise Processing

1. The Software is a standalone binary installed and executed entirely on Customer Devices. The Software does not transmit, upload, or share any personal data or Customer Data with the Supplier, Supplier's servers, or any third party (other than Third-Party Operators as necessary to authenticate to Captive Portals).
2. For the purposes of UK data protection law (UK GDPR and Data Protection Act 2018), the Customer is the sole data controller in respect of any personal data processed by the Software (including Authorised User identifiers, device data, authentication credentials, and connection logs).
3. The Supplier does not act as a data processor and does not process personal data on the Customer's behalf. All data processing occurs locally on Customer Devices under the Customer's control.
4. No Data Processing Agreement (DPA) is required under Article 28 UK GDPR, as there is no processor relationship.

7.2 Customer Obligations

The Customer acknowledges that, as sole data controller, it is responsible for:

1. ensuring it has a lawful basis for processing personal data generated by the Software;
2. providing privacy notices to Authorised Users regarding the Software's processing of personal data and sharing of data with Third-Party Operators;
3. compliance with UK GDPR, including transparency, security, data minimisation, and retention obligations.

7.3 Third-Party Data Sharing

1. The Customer acknowledges that use of the Software may result in the transmission of personal data (device identifiers, authentication credentials, IP addresses) to Third-Party Operators as necessary to authenticate to Captive Portals.
2. The Customer is solely responsible for assessing the data protection practices of Third-Party Operators and ensuring that such data sharing complies with UK GDPR and other applicable laws.
3. The Supplier makes no representations or warranties regarding Third-Party Operators' compliance with data protection laws.

8.1 Confidential Information

Each party shall keep confidential all information received from the other party that is marked as confidential or that ought reasonably to be considered confidential, and shall not use or disclose such information except as necessary to perform this Agreement or as required by law.

8.2 Exceptions

Confidential information does not include information that:

1. is or becomes publicly available other than through breach of this clause;
2. was lawfully in the receiving party's possession before disclosure;
3. is lawfully obtained from a third party without restriction; or
4. is independently developed without use of the disclosing party's confidential information.

8.3 Security Incidents

Each party shall notify the other promptly upon becoming aware of any unauthorised access, use, or disclosure of the other party's confidential information.

9.1 Non-Excludable Liability

Nothing in this Agreement excludes or limits either party's liability for:

1. death or personal injury caused by its negligence;
2. fraud or fraudulent misrepresentation;
3. breach of confidentiality obligations under clause 8; or
4. any other liability that cannot be excluded or limited by applicable law.

9.2 Liability Cap

Subject to clause 9.1, the Supplier's total aggregate liability to the Customer arising out of or in connection with this Agreement (whether in contract, tort (including negligence), breach of statutory duty, or otherwise) shall not exceed £10,000 (ten thousand pounds sterling).

9.3 Excluded Loss Types

Subject to clause 9.1, neither party shall be liable to the other for any:

1. loss of profits, revenue, or anticipated savings;
2. loss of business opportunity or contracts;
3. loss of or corruption to data (except where caused by the Supplier's breach of clause 8, subject to clause 9.1(c));
4. loss of goodwill or reputation; or
5. any indirect or consequential losses,

even if the party was advised of the possibility of such losses.

9.4 Customer Indemnity

The Customer shall indemnify and hold harmless the Supplier from direct losses (excluding indirect or consequential losses) arising out of or in connection with:

1. the Customer's wilful misconduct or unlawful use of the Software; or
2. any breach by the Customer of clauses 2.2 (Licence Restrictions) or 7 (Data Protection) caused by negligence or deliberate default.

This indemnity shall be subject to the liability cap in clause 9.2 and shall not require the Customer to indemnify the Supplier for any loss arising from the Supplier's own negligence, breach, or failure to comply with this Agreement.

9.5 Reasonableness and Acknowledgment

The Customer acknowledges that:

1. the Software is provided at no charge on a trial/proof-of-concept basis;
2. the Supplier does not guarantee uptime, availability, or fitness for critical production use;
3. the liability limitations in this clause 9 are reasonable and proportionate having regard to the nature of the Software and the absence of licence fees.

10.1 Term

This Agreement commences on the date the Customer first installs or accesses the Software and continues for an initial period of 12 months (or such other period as agreed in writing), unless terminated earlier in accordance with this clause 10.

10.2 Termination by Customer

The Customer may terminate this Agreement at any time by ceasing use of the Software and providing written notice to the Supplier.

10.3 Termination by Supplier

The Supplier may terminate this Agreement:

1. immediately on written notice if the Customer breaches any material term of this Agreement and (where the breach is capable of remedy) fails to remedy the breach within 14 days of written notice;
2. immediately on written notice if the Customer becomes insolvent, enters administration or liquidation, or ceases to carry on business;
3. on 30 days' written notice at any time for any reason (including discontinuation of the no-charge offering or reallocation of resources).

10.4 Effects of Termination

On termination or expiry of this Agreement:

1. the licence granted in clause 2.1 terminates immediately;
2. the Customer shall immediately cease all use of the Software and (if requested by the Supplier) uninstall or destroy all copies of the Software and Documentation in its possession or control;
3. the Customer is solely responsible for uninstalling the Software from Customer Devices; the Supplier has no technical ability to remotely disable or remove the Software;
4. each party shall (at the other's request) return or destroy the other party's confidential information, except to the extent retention is required by law or for archival or audit purposes;
5. termination does not affect any accrued rights, remedies, or liabilities of either party.

10.5 Survival

Clauses 1 (Definitions and Interpretation), 3 (Intellectual Property), 5.3 (Limitations and Disclaimers), 7 (Data Protection – obligations continuing after termination), 8 (Confidentiality), 9 (Liability), 10.4 and 10.5 (Effects of Termination and Survival), and 11 (General) survive termination or expiry of this Agreement.

11.1 Entire Agreement

This Agreement (together with any separate DPA, acceptable use policy, or privacy notice expressly incorporated by reference) constitutes the entire agreement between the parties and supersedes all prior agreements, representations, and understandings relating to the subject matter. Each party acknowledges that it has not relied on any statement, representation, or warranty not expressly set out in this Agreement.

11.2 Variation

The Supplier may update or modify this Agreement from time to time to reflect minor, administrative, or non-material changes by posting a revised version and notifying the Customer. Material changes that reduce the Customer's rights or increase its obligations shall not take effect unless accepted in writing by the Customer. Continued use of the Software after notice of minor changes constitutes acceptance of those changes.

11.3 Waiver

No failure or delay by either party in exercising any right or remedy shall constitute a waiver of that right or remedy. A waiver of any breach does not constitute a waiver of any subsequent breach.

11.4 Severability

If any provision of this Agreement is held invalid, illegal, or unenforceable, the remaining provisions shall remain in full force and effect, and the invalid provision shall be modified to the minimum extent necessary to make it valid and enforceable while preserving the parties' original intent.

11.5 Assignment and Subcontracting

1. The Customer may not assign, transfer, or subcontract any of its rights or obligations under this Agreement without the Supplier's prior written consent.
2. The Supplier may assign or subcontract its obligations under this Agreement on notice to the Customer, provided such assignment or subcontracting does not materially reduce the Customer's rights or protections under this Agreement.

11.6 Third-Party Rights

This Agreement does not confer any rights on any third party under the Contracts (Rights of Third Parties) Act 1999.

11.7 Force Majeure

Neither party shall be liable for any delay or failure to perform its obligations (other than payment obligations) due to events beyond its reasonable control, including acts of God, war, terrorism, civil unrest, industrial disputes, failure of telecommunications or internet infrastructure, or government action. If such an event continues for more than 60 days, either party may terminate this Agreement on written notice.

11.8 Notices

1. Notices under this Agreement shall be in writing and sent to the addresses or email addresses specified by the parties.
2. Notices are deemed received: (i) if delivered by hand, on delivery; (ii) if sent by email, on the earlier of acknowledgment or 24 hours after sending (provided no delivery failure notification is received); (iii) if sent by post, two UK business days after posting.

11.9 Governing Law

This Agreement and any dispute or claim arising out of or in connection with it (including non-contractual disputes or claims) shall be governed by and construed in accordance with the law of England and Wales.

11.10 Jurisdiction

Each party irrevocably agrees that the courts of England and Wales shall have exclusive jurisdiction to settle any dispute or claim arising out of or in connection with this Agreement (including non-contractual disputes or claims).

11.11 Counterparts

This Agreement may be executed in counterparts, each of which is an original and all of which together constitute one agreement. Electronic signatures and PDF copies have the same force and effect as original signatures.

12.1 Acceptance

By installing, accessing, or using the Software, you (on behalf of the Customer) confirm that:

1. you are authorised to bind the Customer to this Agreement;
2. you have read, understood, and accept all terms of this Agreement, including the liability limitations in clause 9; and
3. the Customer agrees to comply with all obligations set out in this Agreement.

12.2 Record of Acceptance

The Supplier may maintain records of acceptance (including timestamps and user identifiers) for audit and enforceability purposes, to the extent such information is voluntarily provided during download or installation. The Supplier does not collect usage data or telemetry from the Software after installation.

A. Captive Portal Helper Functionality

The Software is a client-side agent installed on Customer Devices that provides the following core capabilities:

1. Automatic Captive Portal Detection: Detects when a Customer Device connects to a third-party network requiring authentication or terms acceptance via a Captive Portal.
2. VPN-Compatible Authentication: Facilitates authentication to third-party Captive Portals when the Customer's VPN or other security configurations prevent normal browser-based authentication flows.
3. Terms Acceptance Automation: Automatically or semi-automatically accepts Third-Party Operator terms of use, privacy policies, and acceptable use policies on behalf of Authorised Users (subject to Customer configuration and approval workflows).
4. Connection Logging: Records connection attempts, authentication events, Third-Party Operator identifiers, and session metadata for audit and compliance purposes.
5. Policy Enforcement: Applies Customer-defined policies for approved/blocked networks, authentication methods, and risk thresholds.
6. Secure Credential Handling: Stores and transmits authentication credentials (where required by Third-Party Operators) using encryption and secure storage mechanisms.

B. Permitted Use Constraints

The Customer may use the Software solely for:

• Installing on government-owned or government-controlled Customer Devices (laptops, tablets, mobile devices).
• Enabling Authorised Users to authenticate to third-party Captive Portals at coffee shops, train stations, hotels, airports, and similar public or semi-public locations when VPN or other security configurations prevent normal authentication.
• Facilitating secure remote and mobile working by government employees, contractors, and agents.
• Evaluation, proof-of-concept, or trial deployment within the Customer's organisation.

The Customer may not use the Software for:

• Installation on personal devices not owned or controlled by the Customer.
• Commercial resale, outsourcing, or managed service provision to third parties outside HMG.
• Bypassing legitimate security controls or acceptable use policies of Third-Party Operators for unlawful or malicious purposes.
• Processing or storing classified information above OFFICIAL (or equivalent classification as agreed with the Supplier).
• Any use case requiring certified or warranted security assurance (e.g., critical national infrastructure, life-safety systems, SECRET or TOP SECRET environments) without separate written agreement and accreditation.

C. Support Channels

• Email: support@cloudsecure.ltd
• Response target: Reasonable endeavours; no guaranteed SLA.