Luna WMS – Terms & Conditions

descriptionPage

Terms and Conditions for Luna WMS (UK – England and Wales)
Last updated: 04/11/2025

Agreement to Terms

Luna Workflow Management (Luna WMS), hereinafter referred to as Luna, is a platform for managing and automating workflows across an organisation.

These Terms and Conditions constitute a legally binding agreement between you (being a business entity or an authorised representative) and Oddineers Ltd. (“we,” “us” or “our”), governing your access to and use of the Luna service (the “Service”) and related sites, applications, and APIs provided by us (collectively, the “Site”) as well as any isolated customer instance(s) provided to you (each an “Instance”) for your internal business use.

Access to the Service is contingent on having an executed agreement with Oddineers Ltd. (including any Order Form and Data Processing Agreement). The Service is provided through a dedicated Instance deployed for your use. There is no public sign-up or self-service access at this time; access is by invitation and via the execution of an Order Form. You acknowledge and agree that you may only access and use the Service in accordance with a valid, executed agreement and the terms herein.

By accessing or using the Service, you acknowledge that you have read, understood, and agree to be bound by these Terms and Conditions. If you do not agree with these Terms and Conditions, you must not access or use the Service.

Supplemental terms and conditions or documents that may be posted on the Site from time to time are expressly incorporated herein by reference. We may modify these Terms and Conditions at any time in our sole discretion. We will notify you of material changes by updating the “Last updated” date and, where required by applicable law, by providing notice to you. It is your responsibility to review the Terms and Conditions periodically to stay informed of updates. Your continued use of the Service after changes are posted constitutes acceptance of those changes.

The Service is intended for use by businesses operating in the United Kingdom or by entities with a legitimate business need to use a CMS. If you access the Service from outside the UK, you do so at your own risk and are responsible for complying with local laws applicable to you.

These Terms and Conditions were created with a standard treaty/template approach and may be supplemented by a separate Data Processing Addendum (DPA) governing data processing activities under UK data protection law.

Definitions

  • “Account” means the login credentials and access rights granted to a Customer’s authorised representatives to access the Service.
  • “Customer Data” means any data, information, or content uploaded, stored, transmitted, or otherwise processed by or on behalf of the Customer within the Instance, including any Personal Data contained in such materials.
  • “Content” means the textual, visual, audio, or other materials displayed within the Service that are not Customer Data.
  • “Evidence” means documents, files, or other materials uploaded by the Customer or its authorised users in connection with client matters.
  • “Instance” means an isolated, logically separated environment provided to a Customer for its use, with data separation from other customers.
  • “Personal Data” has the meaning given in the UK GDPR and Data Protection Act 2018.
  • “Service Levels” means the performance metrics, if any, for uptime, support response times, and maintenance windows described in a Service Level Schedule (SLS) attached to these Terms or provided separately.
  • “Sub-processors” means third parties authorised to process Customer Data on our behalf.
  • “UK GDPR” means the UK General Data Protection Regulation as it applies in the United Kingdom, together with applicable national laws.

Service Description and Tenancy

  • The Service is provided as an isolated Instance model. Each Customer receives a dedicated, logically separated Instance for its use, with data segregation and restricted access to that Customer’s data and configurations.
  • The Service includes (but is not limited to) data capture (e.g., contacts, phone numbers, REST API submissions, integrations), workflow processing (document generation, e-sign requests, routeing), and the ability for System Users to upload, review, and manage Evidence.
  • We will deploy a dedicated Instance for the Customer upon execution of the applicable Order Form. The Customer’s Instance is isolated from other Customers’ data and configurations.
  • We will use commercially reasonable efforts to maintain the security, availability, and integrity of each Instance in accordance with the Service Levels (if applicable) and our security policy.
  • You acknowledge that data may be processed by us and our Sub-processors in order to provide, maintain, support, improve, and develop the Service, in accordance with the Data Processing Addendum.

Intellectual Property Rights

  • The Service, Content, and all underlying technology are the property of Oddineers Ltd. or its licensors. Nothing in these Terms grants Customer ownership of the Service or its underlying technology.
  • Subject to your compliance with these Terms, we grant you a limited, non-exclusive, non-transferable, revocable licence to access and use the Service for your internal business purposes in the manner contemplated by these Terms and any applicable Service Level Schedule.
  • Customer retains ownership of all Customer Data. We do not claim ownership of Customer Data. By uploading or submitting Customer Data, you grant us a licence to host, reproduce, store, and process such data as necessary to provide the Service.

User Representations and Authorised Users

  • Customer represents and warrants that:
  • Customer has all rights to provide Customer Data to the Service and to permit us to process it for the purposes described in these Terms and the DPA.
  • All persons authorised by Customer to use the Service (the “Authorised Users”) are authorised to use the Service on behalf of Customer.
  • Customer is responsible for the acts and omissions of its Authorised Users and for ensuring that their use complies with these Terms and applicable law.

Access, Security, and Authorised Use

  • You must safeguard Account credentials and promptly notify us of any suspected breach. You may designate Authorised Users and must ensure they comply with these Terms.
  • Prohibited activities include attempts to circumvent security, unauthorised access, disclosure of login details, or any activity that would compromise the integrity or confidentiality of the Instance or Customer Data.
  • We may suspend or terminate access if there is a suspected or confirmed breach of security or misuse.

Customer Data, Confidentiality, and Evidence Handling

  • Customer Data remains the property of Customer (and its clients, where applicable). We will treat Customer Data as confidential and will implement appropriate technical and organisational measures to protect it.
  • Evidence uploaded by Customer, and any derived outputs (e.g., generated documents), shall be handled in accordance with the DPA and applicable data protection law.
  • We will not disclose Customer Data to third parties except as required to provide the Service (including Sub-processors or as required by law) or as described in the DPA.

User Generated and Evidence Content

  • If customers enable users to upload, submit, or share Evidence, such Content remains owned by the Customer or its clients. We do not claim ownership of such Content, but we may process it to provide the Service.
  • You grant us a limited licence to use, reproduce, and display Content solely to the extent necessary for the operation of the Service (e.g., to generate documents, route tasks, or perform workflows). This licence expires upon deletion of Content by the Customer, subject to legal data retention requirements.

Third-Party Services, API, and Integrations

  • The Service may integrate with third-party services via REST APIs or other methods. Use of such third-party services is governed by their own terms; we are not responsible for their content or practices.
  • You acknowledge that any data transmitted to, or from, third-party services is done at your own risk. We will implement reasonable security controls for data transmitted to these services, consistent with the DPA and applicable law.
  • If you connect third-party services to the Instance, you are responsible for the configuration and data sharing settings.

Submissions and Feedback

  • If you provide feedback or suggestions regarding the Service, you grant us a non-exclusive, worldwide, royalty-free licence to use, reproduce, and incorporate such feedback into the Service.

Data Protection, Privacy, and DPA

  • This Section applies in addition to our Privacy Policy and any Data Processing Addendum (DPA) agreed between you and us. The DPA will govern processing of Personal Data in the UK GDPR context.
  • Roles: Customer acts as data controller (and where applicable as processor for certain operations within Customer Data), while Oddineers Ltd. acts as data processor for Personal Data processed to provide the Service, except where we operate as data controller for certain activities (to be specified in the DPA).
  • Processing purposes include providing, maintaining, securing, and improving the Service, and otherwise as required to fulfil the contract.
  • Transfers: If Personal Data is transferred outside the UK, such transfers occur in compliance with UK data protection law (e.g., UK GDPR transfers, SCCs as applicable).
  • Data retention and deletion: The DPA will specify retention periods and secure deletion procedures upon contract termination or data deletion requests.
  • Sub-processors: We may engage Sub-processors and will provide a list of current Sub-processors and notice of changes in accordance with the DPA.
  • Security: We will implement appropriate technical and organisational measures (reasonable security controls) to protect Personal Data. Details are in the Security Policy or DPA.

Confidentiality

  • Each party shall keep confidential all Confidential Information disclosed by the other party and shall use it only for the purposes of fulfilling these Terms. Disclosure is permitted to employees, contractors, or affiliates on a need-to-know basis who are bound by confidentiality obligations.

Support, Maintenance, and Service Levels

  • We will provide support as described in the Service Level Schedule (SLS) attached to these Terms or provided separately. Support hours, response times, and maintenance windows (including any planned downtime) should be specified in the SLS.
  • We will endeavour to perform maintenance with minimal disruption, and will provide reasonable advance notice of planned maintenance.

Fees, Taxes, and Payment Terms

  • Customer agrees to pay the fees described in the applicable Order Form or subscription schedule. Fees are exclusive of taxes, which will be charged as required by law.
  • Payment terms are 28 days from the date of invoice, unless otherwise stated.
  • Late payments may incur interest at a rate specified by applicable law or the Order Form.
  • Price changes may occur upon renewal with prior notice, in line with applicable law.

Modifications and Interruptions

  • We may modify, update, suspend, or discontinue the Service (or any portion) at any time. We will use reasonable efforts to provide notice for material changes or interruptions in accordance with the SLS.

Warranties and Disclaimer

  • The Service is provided “as is” and “as available,” subject to applicable law. We warrant that we will provide the Service with reasonable care and skill and comply with the terms of the DPA.
  • We do not warrant that the Service will be uninterrupted or error-free. To the extent permitted by law, all implied warranties are disclaimed.

Limitation Of Liability

  • To the extent permitted by UK law, neither party shall be liable to the other for indirect or consequential damages arising out of these Terms.
  • Our total liability to Customer for direct damages arising out of or related to these Terms shall not exceed the fees paid or payable by Customer in the 12 months preceding the event unless otherwise required by law.
  • Nothing in these Terms excludes liability for death or personal injury caused by negligence, or for fraud, or for any other liability that cannot be excluded by law.

Indemnification

  • Customer agrees to indemnify and hold us harmless from any claims arising out of Customer Data, Customer’s use of the Service in violation of these Terms, or Customer’s breach of its obligations, to the extent permitted by law.
  • We may, at our expense, assume the defence of such claims and Customer agrees to cooperate as required.

Data Ownership and Return/Deletion

  • Upon termination of the Agreement, we will, subject to applicable legal and regulatory requirements, either return or securely delete Customer Data in accordance with the DPA and reasonable deletion procedures.

Electronic Communications and Signatures

  • The use of electronic communications, signatures, and records is permitted as described in these Terms. By using the Service, you consent to electronic communications and the use of electronic signatures where applicable.

Governing Law and Dispute Resolution

  • These Terms and any disputes arising out of or in connection with them shall be governed by the laws of England and Wales.
  • The courts of England and Wales shall have exclusive jurisdiction to hear and determine disputes arising out of or in connection with these Terms, except that we may seek injunctive relief in appropriate courts in any jurisdiction.
  • Before pursuing formal dispute resolution, the parties shall attempt to resolve the dispute informally for at least [X] days after written notice of the dispute.

International Data Transfers (UK GDPR)

  • If any Personal Data is transferred outside the United Kingdom, such transfer will be performed in compliance with UK GDPR and applicable data protection laws (e.g., UK-adequacy decisions, UK IDTA, SCCs, etc.). The DPA will specify the transfer mechanism.

Non-UK Provisions (If Applicable)

  • Do not apply in the UK unless you have a cross-border use case.

Modifications and Severability

  • If any provision is found to be unlawful, void, or unenforceable, that provision shall be severable and will not affect the validity and enforceability of the remaining provisions.

Assignment

  • Neither party may assign its rights or obligations under these Terms without the prior written consent of the other party, except that we may assign to an affiliate or in connection with a merger or sale of assets, with prior notice to Customer.

Force Majeure

  • Neither party shall be liable for delays or failure to perform caused by events beyond its reasonable control.

Entire Agreement

  • These Terms (together with any Order Forms, Schedules, DPA, and Privacy Policy) constitute the entire agreement between the parties and supersede all prior agreements concerning the same subject matter.

Notice and Contact Details

  • For information about these Terms, to report a concern, or to exercise data subject rights under the DPA or UK GDPR, contact:
  • Oddineers Ltd. c/o DoES Liverpool, Liverpool, Merseyside, L3 8HL.

Privacy Policy

  • Your use of the Service is also governed by our Privacy Policy, which is incorporated by reference. The Privacy Policy describes how we collect, use, and protect Personal Data.

Miscellaneous

  • These Terms apply to the maximum extent permitted by law in the United Kingdom. They may be updated from time to time, with notice where legally required. By continuing to use the Service after changes, you accept the updated Terms.
  • If you are a business customer, these Terms do not create a partnership, agency, or employment relationship between the parties.

Contact

  • For on-boarding or to request an Agreement, please reach out to us or contact at: info@oddineers.co.uk.

Appendix: Data Processing Addendum (DPA) (to be included with the Agreement)