TERMS AND CONDITIONS TENANCY TREASURY SERVICES LTD (“TTS”) SECTION 1 — DEFINITIONS AND INTERPRETATION About Us Let365 is a trading name of Tenancy Treasury Services Ltd (TTS), a company registered in England and Wales under number 16943756. Our registered offices are located at 5th Floor 167-169 Great Portland Street, London, England, W1W 5PF. VAT Registration pending You can access our services through our website at https: //www.let365.co.uk Definitions In these Terms, the following words and expressions have the meanings set out below. These definitions apply whether the words appear in the singular or plural and regardless of capitalisation. Headings are for convenience only. “Account” means an account established for a Partner or User to access and use the Platform, whether through a username and password, secure access link, API key or other access credentials or mechanisms made available by TTS. “Affiliate” means in relation to an entity, any other entity that directly or indirectly controls, is controlled by, or is under common control with that entity, where “control” means the ownership of at least 50% of the voting rights of the relevant entity. “AI/ML Restrictions” means the obligations preventing any Partner or User from using, directly or indirectly, any data, outputs, Deposit Information or Reports (including any derived or aggregated data) to train, test, benchmark, evaluate, compare or otherwise improve any artificial intelligence or machine-learning models. “AML Laws” means the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017, the Proceeds of Crime Act 2002, the Sanctions and Anti-Money Laundering Act 2018 (in each case as amended or replaced from time to time), and any other applicable laws, regulations or guidance relating to anti-money laundering, counter-terrorist financing, sanctions or anti-fraud. “API” means the application programming interfaces, API keys, endpoints, documentation, sample code, webhooks and other materials made available by TTS through which parts of the Services may be accessed programmatically. “Applicable Law” means all laws, statutes, regulations and statutory requirements that are applicable to a party or to the provision of the Services or the processing of data under these Terms, together with any binding regulatory guidance, codes of practice or requirements issued by a competent authority, including the UK GDPR, the Data Protection Act 2018, the Privacy and Electronic Communications (EC Directive) Regulations 2003 (PECR), the Immigration Acts, the Consumer Rights Act 2015, the Companies Act 2006 and eIDAS. “Audit Trail” means the system-generated records, logs, metadata and timestamps created by the Platform in connection with deposit administration activities or Electronic Approval workflows, including records of actions taken, system events, IP addresses, device or session identifiers and other technical information maintained for evidential, operational and compliance purposes. “Authorised Scheme” means a tenancy deposit protection scheme authorised in accordance with the Housing Act 2004 and any regulations made under it, which is responsible for providing statutory tenancy deposit protection and operating any associated alternative dispute resolution processes in accordance with its own rules. “Business Customer” means a Partner or other enterprise client that accesses or uses the Platform in the course of its trade, business or profession. “Business Day” means Monday to Friday, excluding UK public holidays. “Certificate” means a system-generated record produced by the Platform reflecting that an Electronic Approval or deposit-related instruction has been recorded within the Platform workflow. A Certificate is a technical record only and does not constitute an electronic signature, identity verification, or legally binding certification unless expressly recognised under Applicable Law. “Client Money” means tenancy deposit monies received or processed through the Platform in connection with the Deposit Services, which are segregated from TTS’s own operational funds solely for administrative and operational purposes. For the avoidance of doubt, segregation of Client Money does not of itself create a regulated payment service, deposit-taking activity, escrow arrangement, or fiduciary relationship beyond what is required by Applicable Law. “Client Protection Account” means a bank account designated by TTS for the segregation of Client Money in connection with the Deposit Services. Such accounts are operated solely as an administrative mechanism supporting deposit workflows. Nothing in these Terms designates TTS as a bank, deposit-taker, escrow provider, or regulated custodian. “Confidential Information” means any information disclosed by one party, whether orally, electronically or in writing, which is marked or identified as confidential, stated to be confidential at the time of disclosure, or would reasonably be understood to be confidential given the nature of the information or the circumstances of its disclosure, and includes the categories of information described in clauses 13.1.1 to 13.1.3. “Content” means text, images, documents, signatures, videos, data, and other materials submitted, uploaded, or generated through the Platform. “Controller”, “Processor”, “Data Subject”, “Personal Data”, “Processing” means in each case, the meaning given to that term in the UK GDPR (as amended or replaced from time to time). “Data Incident” means any actual or reasonably suspected accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, Personal Data processed by TTS, including any compromise of the confidentiality, integrity or availability of such Personal Data. “Data Protection Laws” means all data protection and privacy laws applicable in the United Kingdom, including the UK GDPR, the Data Protection Act 2018 and the PECR, in each case as amended or replaced from time to time. “Deposit Information” means information relating to a tenancy deposit and its administration via the Platform, including details of the tenancy, the amount of the deposit, the landlord and tenant, payment and repayment instructions, Authorised Scheme references and confirmations, and any related transactional or status information generated in connection with the Deposit Services. “Deposit Services” means the administrative, technical and operational support services provided by TTS in connection with tenancy deposits, as more particularly described in clause 2.3. “Dormant Balances” means Client Money that remains unclaimed, cannot be repaid, or cannot be allocated due to missing, incomplete, inconsistent or outdated instructions after completion of the relevant tenancy and any applicable Authorised Scheme processes. “eIDAS” means Regulation (EU) No 910/2014 on electronic identification and trust services for electronic transactions in the internal market, as retained in UK law and as amended or replaced from time to time. “Electronic Approval” means an electronic acknowledgement, confirmation, or indication of consent recorded through the Platform. An Electronic Approval is a technical record only and does not constitute an electronic signature, identity verification, or legally binding execution unless expressly recognised under Applicable Law. “Fees” means all charges payable for the Services, as agreed in writing or displayed at the point of purchase. “Independent Controller” means a party that determines the purposes and means of the processing of Personal Data independently of the other party and is a data controller in its own right for the purposes of Data Protection Laws. “Interest” means any interest (including any negative interest) credited or debited by the relevant bank on Client Money held in a Client Protection Account. “Partner” means any legal entity or organisation using the Platform for business purposes, including but not limited to letting agents, landlords, estate agents, property managers, build-to-rent operators, brokers, law firms, conveyancers, software providers, or other commercial users. “Partner Dashboard” means the secure online interface through which Partners access Reports, initiate identity checks, manage workflows, and view audit data. “Personal Data Breach” has the meaning given in the UK GDPR. “Platform” means the software, systems, websites, portals, APIs, dashboards, and related tools owned or operated by TTS and accessible via let365.co.uk, or via the app. “Relevant Party Information” means information about a relevant party provided during deposit administration, including identity documents, contact details, income documents, and supporting materials. “Reports” means any statements, summaries, logs or outputs generated by the Platform in connection with the Deposit Services, including Audit Trails, transaction histories and operational records, but excluding any legal, financial or compliance advice or any certification of entitlement or statutory compliance. “Services” means the administrative, technical and operational services provided via the Platform as described in Section 2, including the Deposit Services, electronic approval workflows, Reports, dashboards, APIs and customer support. “Scheme Protection” means the statutory tenancy deposit protection provided by an Authorised Scheme in accordance with the Housing Act 2004 and any regulations made under it and the rules of the relevant Authorised Scheme, including the safeguarding of tenancy deposits and the operation of any applicable alternative dispute resolution processes. “Sub-Processor” means any third party engaged by TTS to process Personal Data on its behalf. “Tenancy Deposit Administration Services” means the administrative and technical workflows and data processing used to support the handling, allocation, protection and repayment of tenancy deposits via the Platform. “Tier 1 Bank” means a bank authorised and regulated by the Prudential Regulation Authority and Financial Conduct Authority (or an equivalent regulatory authority in the UK or EEA) and meeting minimum capital adequacy requirements under applicable banking regulations. “User” means an individual using the Platform at the request of a Partner or accessing verification or signing workflows. SECTION 2 — SCOPE OF SERVICES 2.1 Overview of the Services 2.1.1 TTS provides a set of technology tools designed to support tenancy deposit administration and related administrative workflows, including the submission, processing and recording of deposit-related information and instructions via the Platform. 2.1.2 The Services include: Deposit Services Tenancy deposit administration Services Electronic Approval Services Audit Trails and system-generated records Partner Dashboard access API access (where applicable) Secure document storage tenancy documentation workflows (where applicable) 2.1.3 These Services are supported by third-party technology providers, compliance databases, document analysis engines, authentication engines and scheme providers. 2.2 What TTS’s Services Are (and Are Not) 2.2.1 TTS provides technology tools that support deposit-related administrative workflows, including the collection and transmission of information, the recording of electronic approvals and the maintenance of system records, but does not verify identity, assess suitability or provide legally binding electronic signature or trust services. 2.2.2 TTS does provide: Systems to collect, transmit and record information submitted by Users and Partners via the Platform; Tools to support deposit administration processing and related workflows; Electronic Approval Services, including the recording of electronic approvals and associated Audit Trails; System-generated Reports and records relating to deposit-related actions, events and status updates; Secure storage and retrieval of deposit-related documents and records; Tools to capture and maintain evidence relating to deposit-related tenancy documentation; and Partner dashboards and API integrations to access and manage deposit-related information and workflows. 2.2.3 TTS does not provide: Legal advice Tenancy suitability decisions Any verification or guarantee that identity or documents are genuine A guarantee that Users will meet any tenancy obligations Any guarantee as to the accuracy or completeness of deposit administration information supplied by Partners, Users or third parties Any credit-checking services Any immigration advice or status determinations Any responsibility for tenancy agreements uploaded by Partners Any obligation to pursue or enforce tenancy breaches 2.2.4 Partners remain entirely responsible for decisions they make using Reports. 2.3 Deposit Services 2.3.1 The Services provided by TTS in connection with tenancy deposits are limited to administrative, technical and operational support relating to the handling of deposit monies and associated instructions. Deposit Services may include: Enabling Partners to submit, manage and transmit deposit-related instructions and Deposit Information via the Platform or Partner Dashboard; Facilitating the receipt, routing, allocation and reconciliation of tenancy deposit monies in accordance with Partner instructions; Transmitting deposit details, instructions and confirmations to authorised third-party tenancy deposit protection schemes for the purposes of statutory protection; Supporting deposit repayment and release workflows, including the submission, logging and tracking of instructions provided by relevant parties; Generating and maintaining Reports and system records relating to deposit status, scheme interactions and deposit-related events; Maintaining Audit Trails consisting of system-generated logs, timestamps, status changes and confirmation records relating to deposit administration activities. 2.3.2 For the avoidance of doubt, TTS does not: Verify the identity of Users or any other individuals; Perform document verification, biometric processing, authentication checks, credit checks, employment verification, sanctions screening or AML/KYC services; Assess the suitability, credibility or risk profile of any person; Provide tenancy deposit protection, which is provided exclusively by authorised third-party tenancy deposit protection schemes. 2.3.3 TTS may update, enhance or modify the administrative or technical features of the Platform from time to time, provided that such changes do not alter the nature of the Deposit Services as non-regulated deposit administration and support services. 2.4 Tenancy deposit administration Services 2.4.1 TTS provides administrative and technical tools to enable Partners to manage tenancy deposit-related processes via the Platform. TTS does not assess, determine or advise on the suitability of any User for a tenancy. 2.4.2 In connection with the Deposit Services, TTS may process Deposit Information and other information supplied by or on behalf of Partners for the purposes of facilitating deposit handling, scheme interaction and related workflows. TTS does not verify, validate or independently assess the accuracy or completeness of such information. 2.4.3 Partners remain solely responsible for: determining whether to grant, continue or terminate a tenancy; assessing the suitability, affordability or credibility of any User; setting and applying their own tenancy, referencing and deposit policies; ensuring compliance with all Applicable Law, including the Immigration Acts, landlord and letting regulations, and statutory obligations relating to tenancy deposits. 2.4.4 Reports and other outputs made available through the Platform are provided for administrative and informational purposes only and do not constitute advice, recommendations or guarantees of any outcome. 2.5 Electronic Approval Services 2.5.1 TTS may make available electronic approval functionality to enable Partners and other relevant parties to electronically approve, acknowledge or confirm deposit-related documents, instructions or actions via the Platform. 2.5.2 Such electronic approval functionality is intended to support operational efficiency and record-keeping in connection with the Deposit Services and is not provided as an identity verification, certification or trust service. 2.5.3 Electronic Approval Services may include: Capturing electronic approvals or acknowledgements in relation to deposit instructions or documents; Generating Audit Trails and system records evidencing the timing and submission of such approvals; Applying technical measures designed to preserve the integrity of electronically approved records; and Secure storage and retrieval of electronically approved records. 2.5.4 For the avoidance of doubt, TTS does not provide qualified electronic signatures, advanced electronic signatures or trust services within the meaning of eIDAS or any successor legislation. Where qualified electronic signatures are used in connection with the Deposit Services, such signatures are provided by a third-party qualified trust service provider in accordance with its own terms and processes, and TTS acts solely as a technical platform facilitating the relevant workflow and the transmission or display of related confirmations. 2.5.5 For the avoidance of doubt: TTS does not verify or confirm the identity of any signatory or approver; TTS does not issue tenancy deposit protection certificates or scheme certificates; TTS is not a party to, and does not approve, validate or review, any document or agreement approved or executed using the Platform; and Partners remain solely responsible for the legal validity, enforceability and suitability of any document or instruction approved electronically. 2.5.6 The legal effect of any electronic approval is determined by Applicable Law and the circumstances in which it is used, and not by TTS. 2.6 API Access and Integrations 2.6.1 Where API access is made available, Partners may use the API to integrate the Platform with their own systems and workflows in connection with the Deposit Services. Permitted uses of the API may include: Submitting and managing deposit-related instructions and Deposit Information; Automating deposit administration workflows and related status updates; Transmitting deposit details and instructions to and from authorised third-party tenancy deposit protection schemes; Retrieving Reports, confirmations and deposit-related records made available via the Platform; Embedding deposit-related journeys or functionality into the Partner’s own applications or systems. 2.6.2 API access and use is subject to: The use of issued API keys or other authentication credentials; Applicable rate limits, technical specifications and usage thresholds; Compliance with TTS’s security, access control and data protection requirements; Strict use-case restrictions applicable to the Deposit Services; and The AI/ML Restrictions. 2.6.3 TTS may suspend or restrict API access where a Partner breaches these Terms, misuses the API or data, compromises security, or uses the API in a manner that adversely affects the Platform or other users. 2.7 Reports and Outputs 2.7.1 Reports made available through the Platform consist of administrative and informational outputs relating to the Deposit Services. Reports may include: Deposit status updates, confirmations and references; Records of deposit-related instructions, actions and events; Scheme-related confirmations or notifications received from authorised tenancy deposit protection schemes; and Audit Trail summaries and other system-generated records relating to deposit administration activities. 2.7.2 Reports are provided for informational and record-keeping purposes only. They do not constitute legal, financial, regulatory or tenancy advice, and do not represent any assessment of the suitability, credibility or risk profile of any person. 2.7.3 Partners are solely responsible for: Interpreting and relying on Reports in the context of their own processes and obligations; Verifying any information obtained from third parties or authorised schemes where appropriate; and Making all decisions relating to tenancies, deposits and related matters. 2.7.4 TTS is not responsible for any action taken or not taken by a Partner in reliance on a Report. 2.8 Availability of the Services 2.8.1 TTS aims to make the Platform and Services available in a reliable and secure manner but does not guarantee uninterrupted availability, freedom from errors or defects, zero downtime, or compatibility with all devices, operating systems or browsers. 2.8.2 TTS may, without liability to Users or Partners: Perform maintenance, updates or upgrades to the Platform; Implement security patches or vulnerability fixes; Remove or modify outdated or unsupported features; or Change, replace or discontinue integrations with third-party systems, provided that such actions do not materially and adversely impair the core functionality of the Services as a whole. 2.9 Prohibited Uses of the Services 2.9.1 You must not: Use the Platform to commit or facilitate fraud or other unlawful activity; Submit, upload, or transmit information or materials that are false, misleading or materially inaccurate; Interfere with disrupt or attempt to disable the security, integrity or performance of the Platform or Services; Scrape, harvest, extract or otherwise collect data from the Platform except as expressly permitted by these Terms; Benchmark, test or evaluate the Platform or Services against competing products or services without TTS’s prior written consent; Use any data, Reports or outputs made available through the Platform for the purpose of training, testing, benchmarking or evaluating artificial intelligence or machine-learning models, in breach of the AI/ML Restrictions; Use the Platform or Services in a manner that results in unlawful discrimination in connection with tenancy or housing decisions, in breach of Applicable Law; Upload, transmit or make available any content that is unlawful, infringing, defamatory or otherwise prohibited by law; or Operate automated, scripted or bulk submissions or interactions with the Platform without TTS’s prior authorisation. 2.9.2 Any breach of this clause may result in actions by TTS including suspension or termination of access to the Platform or Services, reporting to relevant authorities where required by law, and the pursuit of legal remedies in accordance with these Terms. 2.10 No Professional Advice 2.10.1 TTS does not provide legal, financial, regulatory, tenancy, immigration or other professional advice through the Platform or the Services. 2.10.2 Without limitation, TTS does not: Provide legal or financial advice; Assess or advise on tenancy suitability or affordability; Advise on compliance with immigration, landlord or letting regulations; or Provide advice or assessments relating to employment, income or personal circumstances. 2.10.3 All decisions taken in connection with tenancies, deposits and related matters remain the sole responsibility of the Partner, who must obtain independent professional advice where required. 2.11 Changes to the Scope of Services 2.11.1 TTS may, from time to time: Update or enhance administrative, technical or operational features of the Services; Add new functionality or tools relating to deposit administration or Platform use; Modify or discontinue outdated or unsupported features; Adjust technical workflows, processes or system architecture; and Introduce new or updated API versions or integration methods, where reasonably necessary for security, legal or regulatory compliance, operational efficiency, or the ongoing improvement of the Services. 2.11.2 TTS will use reasonable efforts to notify Partners in advance of any material changes to the scope of the Services where such changes are likely to have a significant impact on use of the Platform. SECTION 3 — DEPOSIT ADMINISTRATION, TREASURY SERVICES AND INSURED SCHEME PROTECTION 3.1 Overview of Deposit Administration Services 3.1.1 TTS provides deposit administration, treasury and workflow services (the Deposit Services) to support Partners in receiving, allocating and administering tenancy deposits in connection with protection provided by an authorised tenancy deposit protection scheme (the Scheme Protection). 3.1.2 TTS does not operate an authorised tenancy deposit protection scheme under the Housing Act 2004 and does not itself provide statutory deposit protection. Scheme Protection is provided solely by the relevant Authorised Scheme, subject to that Authorised Scheme’s rules and processes. 3.2 Parties, Roles and Responsibilities 3.2.1 The Partner is responsible for determining its legal obligations in relation to tenancy deposits, including compliance with the Housing Act 2004 and any associated regulations, and for serving any prescribed information on Users unless TTS expressly agrees in writing to serve on the Partner’s behalf. 3.2.2 The Authorised Scheme is responsible for Scheme Protection, statutory compliance of the scheme, issuance of scheme documentation (including any certificate), and operation of dispute resolution or ADR processes. 3.2.3 TTS is responsible only for providing the Deposit Services and does not give legal advice, confirm legal compliance, or determine disputes. 3.3 Appointment and Authority 3.3.1 The Partner appoints TTS to perform the Deposit Services on the Partner’s behalf in accordance with these Terms. 3.3.2 The Partner warrants that it has authority to: Instruct TTS in relation to any deposit and tenancy record it submits; Provide User and tenancy information to TTS and the Authorised Scheme; and Submit repayment instructions and evidence on behalf of the landlord and/or managing agent, as applicable. 3.3.3 The Partner remains responsible for the accuracy and completeness of all information and instructions provided. 3.4 Scope and Components of the Deposit Services 3.4.1 The Deposit Services may include: Receipt of deposits into a safeguarded account (where enabled); Verification and reconciliation of deposit amounts and tenancy metadata; Submission of registration details to an Authorised Scheme via API or portal (where integrated); Allocation of deposits to Scheme Protection and retrieval or recording of scheme confirmations and certificates (where available); Issuance of platform notifications, statutory information packs or supporting documentation to Partners for onward service (where configured); Management of repayment instructions, deductions and evidence collation workflows; Communications and status updates between Partners and Users (tenants), as configured by the Partner; and Operational support, exception handling and audit logging. 3.5 Client Protection Accounts and Safeguarding of Client Money 3.5.1 Where the Deposit Services include the receipt, holding or movement of Client Money, TTS shall hold such Client Money in one or more designated Client Protection Accounts (“Client Protection Accounts”). 3.5.2 Client Protection Accounts shall be maintained separately from any account used for TTS’s own operational or business purposes and shall be designated and operated solely for the purposes of holding Client Money in connection with the Deposit Services. 3.5.3 Client Money held in a Client Protection Account is held for the relevant landlord and tenant (or as otherwise required by Applicable Law or the rules of the relevant Authorised Scheme) and does not form part of TTS’s own assets. 3.5.4 TTS shall not: mix Client Money with its own funds; use Client Money for its own operating or business purposes; grant, create or permit any security interest, lien or encumbrance over Client Money; or exercise any right of set-off, counterclaim or retention in respect of Client Money. 3.5.5 Client Money shall be held and used solely for the purposes of: Onward allocation or transmission to an Authorised Scheme in connection with Scheme Protection; and/or Lawful repayment or release in accordance with Partner instructions, joint confirmations (where applicable), Applicable Law and the rules and processes of the relevant Authorised Scheme. 3.5.6 TTS acts solely on instructions and confirmations received through the Platform or via authenticated API requests. TTS is not responsible for verifying legal entitlement to Client Money, the identity of any party, or the legal effect of any instruction, save where verification is expressly required by Applicable Law. 3.5.7 For the avoidance of doubt, TTS does not operate an authorised tenancy deposit protection scheme and does not itself provide statutory tenancy deposit protection. Statutory protection is provided solely by the relevant Authorised Scheme in accordance with its own rules and processes. 3.5.8 TTS may use third-party banking and treasury service providers to support the operation of Client Protection Accounts and related treasury workflows. TTS remains responsible for providing the Deposit Services in accordance with these Terms but is not responsible for acts or omissions of third parties outside its reasonable control, subject to Applicable Law. 3.6 Deposit Lifecycle and Statutory Framework 3.6.1 The lifecycle of a tenancy deposit administered through the Platform operates as follows: 3.6.1.1 Deposit monies may, where enabled, be received into a Client Protection Account operated by or on behalf of TTS in accordance with these Terms. 3.6.1.2 Deposit details and related information are submitted to the relevant Authorised Scheme in accordance with the Partner’s instructions and the rules of that Authorised Scheme for the purposes of statutory Scheme Protection. 3.6.1.3 During the tenancy, Client Money is held solely for safeguarding and administrative purposes pending lawful repayment or authorised deductions, in accordance with the Housing Act 2004 and the rules of the relevant Authorised Scheme. 3.6.1.4 At the end of the tenancy, repayment or deduction instructions are processed in accordance with joint instructions of the landlord and tenant (where applicable), the dispute resolution process operated by the relevant Authorised Scheme (where invoked), and Applicable Law. 3.6.1.5 Where a dispute is raised, entitlement to the deposit is determined by the relevant Authorised Scheme in accordance with its alternative dispute resolution process or, where applicable, by a competent court. TTS does not adjudicate disputes and does not determine entitlement to Client Money. 3.6.1.6 Client Money is released strictly in accordance with confirmed repayment instructions submitted through the Platform, a determination or direction issued by the relevant Authorised Scheme, or a lawful order of a competent court or authority. 3.6.2 TTS does not exercise discretionary control over Client Money. TTS acts only in accordance with instructions submitted by the Partner through the Platform, the rules and determinations of the relevant Authorised Scheme, and Applicable Law. 3.6.3 Nothing in these Terms alters or replaces the statutory framework governing tenancy deposits under the Housing Act 2004 or any associated legislation, including (where applicable) the Tenant Fees Act 2019. Statutory protection and dispute outcomes are governed exclusively by the rules of the relevant Authorised Scheme and Applicable Law. 3.7 Banking Arrangements and Tier 1 Bank Requirement 3.7.1 Client Protection Accounts shall be maintained only with banks that meet the definition of Tier 1 Bank. 3.7.2 Client Money shall be held outside TTS’s operational risk matrix and segregated from accounts used for TTS’s own business or operating purposes. Segregation does not eliminate banking, counterparty, or systemic risk. 3.7.3 TTS may change the bank or banking provider used for Client Protection Accounts from time to time provided that any replacement bank satisfies the Tier 1 Bank requirement and continues to operate Client Protection Accounts in accordance with these Terms. 3.7.4 TTS does not guarantee the solvency of any banking institution but shall exercise reasonable care in the selection and ongoing monitoring of banking providers used in connection with Client Protection Accounts. 3.7.5 Processing of deposits and transfers may be subject to bank processing times, cut-offs, weekends, public holidays and network outages. TTS shall use reasonable efforts to process Client Money promptly but is not responsible for delays caused by banks, payment networks, the Partner, Users, the Authorised Scheme or third-party providers outside the reasonable control of TTS. 3.8 Interest on Client Money 3.8.1 Unless otherwise expressly agreed in writing, any Interest shall belong to TTS and may be applied towards the costs of operating, maintaining and administering the Deposit Services. 3.8.2 No Interest is guaranteed to accrue on Client Money and TTS makes no representation or warranty that Client Protection Accounts will generate Interest at any particular rate or at all. Interest rates are determined by the relevant banking institution and may vary over time, including being reduced to zero or becoming negative. 3.8.3 Client Money is held for safeguarding and administrative purposes only. TTS has no obligation to invest Client Money, seek or maximise Interest, obtain any particular rate of return or place Client Money in interest-bearing accounts. 3.8.4 Partners and Users acknowledge and agree that Client Money is held solely for safeguarding and administrative purposes and that no entitlement to Interest arises unless expressly stated in writing. Nothing in these Terms creates any trust, fiduciary duty or agency obligation in respect of Interest. 3.8.5 TTS shall maintain appropriate accounting records in respect of any Interest earned and any bank charges incurred on Client Protection Accounts in accordance with its internal accounting and reconciliation procedures. 3.8.6 TTS may make available to Partners information concerning its general policy regarding Interest on Client Money. Partners remain responsible for ensuring that any disclosures required to be made to landlords or tenants regarding Interest are accurate and comply with Applicable Law and the rules of the relevant Authorised Scheme. 3.8.7 Any interest retained by TTS may be subject to taxation in accordance with Applicable Law. TTS is not responsible for any tax liabilities of Partners, landlords or tenants arising in connection with Client Money or Interest. 3.8.8 Where Client Money is held or processed in connection with an Authorised Scheme, the treatment of Interest shall be subject to the rules of that Authorised Scheme. In the event of any conflict between this clause and the rules of an Authorised Scheme, the scheme rules shall prevail in relation to Scheme Protection. 3.8.9 TTS may update its policy relating to Interest on Client Money from time to time, provided that any such changes are applied prospectively and, where they materially affect the operation of the Deposit Services, are communicated to Partners. 3.9 Dormant and Unclaimed Balances 3.9.1 Where Client Money remains unclaimed, cannot be repaid or cannot be allocated due to missing, incomplete, inconsistent or outdated instructions after completion of the relevant tenancy and applicable scheme processes (“Dormant Balances”), TTS shall take reasonable steps to trace and contact the relevant parties using the information available to it. 3.9.2 Reasonable tracing steps may include contacting the Partner, contacting the landlord and/or tenant using last known contact details, reviewing Platform records and Audit Trails and requesting additional information reasonably required to verify repayment details or entitlement. 3.9.3 Client Money shall not be treated as a Dormant Balance until the tenancy is reasonably understood to have ended and any applicable Authorised Scheme processes (including dispute or repayment workflows) have been completed or are no longer capable of completion without further action by the parties. 3.9.4 Where repayment is delayed due to a dispute, suspected fraud, sanctions risk, money laundering concerns or investigation by a competent authority or the Authorised Scheme, TTS may suspend repayment pending resolution and shall record the reason for suspension. 3.9.5 Where a Dormant Balance remains unclaimed after reasonable tracing efforts, TTS shall continue to hold such Client Money in the relevant Client Protection Account and shall not release, apply or otherwise dispose of it except in accordance with Applicable Law or pursuant to a lawful instruction or requirement of the relevant Authorised Scheme or a competent authority. 3.9.6 TTS shall not treat Dormant Balances as forfeited to TTS by default and shall not use Dormant Balances for its own operating purposes. 3.9.7 TTS shall maintain full records of Dormant Balances, tracing steps taken, instructions received (or not received) and any final lawful disposition of such funds for audit and evidential purposes. 3.9.8 The Partner shall promptly provide information and assistance reasonably requested by TTS to enable tracing, contact and repayment of Dormant Balances, including updated contact details and documentation where necessary. 3.10 Standards of Conduct and Safeguarding 3.10.1 TTS shall operate its Deposit Services and Client Protection Accounts in accordance with Applicable Law and generally accepted industry standards relating to the safeguarding and segregation of Client Money, accounting and reconciliation, transparency, record-keeping, complaint handling and professional conduct. 3.10.2 Nothing in these Terms makes TTS a statutory tenancy deposit protection scheme or transfers to TTS any legal responsibility that rests with the Partner under the Housing Act 2004 or any related regulations or that rests with an Authorised Scheme under its scheme rules. 3.10.3 The Partner remains solely responsible for compliance with statutory tenancy deposit obligations (including prescribed information obligations), compliance with the rules of the relevant Authorised Scheme and ensuring that its use of the Deposit Services complies with Applicable Law and any applicable professional or membership requirements. 3.10.4 The Partner shall cooperate with TTS and provide information reasonably required for TTS to operate Client Protection Accounts and deposit workflows in accordance with these Terms and Applicable Law. 3.11 Accounting, Reconciliation and Audit Controls 3.11.1 TTS shall maintain appropriate internal accounting, reconciliation and control procedures in respect of Client Protection Accounts and Client Money. 3.11.2 Such procedures may include regular reconciliation of Client Protection Account balances against Platform records, monitoring and resolution of exceptions and failed payments, segregation of duties and access controls and maintenance and retention of Audit Trails and system records. 3.11.3 Audit Trails and system records are maintained for operational, compliance and evidential purposes only and do not constitute verification of identity, entitlement, legality or compliance with statutory or scheme requirements. 3.11.4 TTS may provide Partners with records and evidence reasonably required for Partner audits, scheme requirements and dispute evidence workflows, subject to Applicable Law, confidentiality, data protection and security requirements. 3.12 Regulatory Positioning and Scheme Responsibilities 3.12.1 TTS does not operate an authorised tenancy deposit protection scheme and does not provide statutory tenancy deposit protection. 3.12.2 Scheme Protection is provided solely by the relevant Authorised Scheme in accordance with its own rules and processes. Any scheme confirmations, certificates or references made available via the Platform are provided by the Authorised Scheme or derived from Authorised Scheme data. 3.12.3 TTS does not adjudicate disputes, provide alternative dispute resolution services, guarantee compliance with statutory tenancy deposit requirements or determine entitlement to deposit deductions. 3.12.4 The role of TTS is limited to providing administrative, technical and treasury support services in connection with the Deposit Services, including the processing of instructions and operation of Client Protection Accounts as described in these Terms. 3.12.5 In the event of any conflict between these Terms and the rules of an Authorised Scheme in relation to Scheme Protection, the Authorised Scheme rules shall prevail as between the Partner and the Authorised Scheme only. 3.13 Transparency and Disclosure 3.13.1 TTS may make available to Partners information concerning how Client Protection Accounts are operated, its general policy regarding Interest on Client Money, its approach to Dormant Balances and operational requirements relevant to deposit workflows. 3.13.2 The Partner is responsible for making any disclosures required to be made to landlords and tenants in connection with the tenancy deposit in accordance with Applicable Law and the rules of the relevant Authorised Scheme. 3.13.3 Where the Platform provides notices, confirmations or workflow communications relating to deposit administration, those communications are deemed delivered in accordance with the notice provisions of these Terms, subject to Applicable Law. 3.14 Receipt and Safeguarding of Deposits 3.14.1 The receipt, holding and safeguarding of Client Money shall be carried out in accordance with clause 3.5 (Client Protection Accounts and Safeguarding of Client Money). 3.15 Timing, Cut-Offs and Banking Delays 3.15.1 Allocation to Scheme Protection and transfers to or from the Authorised Scheme may be subject to banking cut-offs, weekends and public holidays. 3.15.2 TTS does not guarantee same-day allocation or transfer but will use reasonable efforts to process deposits promptly. 3.15.3 TTS is not responsible for delays caused by the Partner, the Partner’s bank, a User’s bank, the Authorised Scheme, payment processors or network outages. 3.16 Scheme Selection and Scheme Rules 3.16.1 The Partner may be required to select an Authorised Scheme and/or a scheme product (including an insured scheme) within the Platform. 3.16.2 Scheme Protection is provided subject to the Authorised Scheme’s rules. Where there is any conflict between these Terms and the Authorised Scheme’s rules in relation to Scheme Protection, the Authorised Scheme’s rules prevail as between the Partner and the Authorised Scheme. 3.16.3 TTS may provide links to or copies of scheme rules for convenience but does not warrant their completeness or accuracy. 3.17 Scheme Confirmations, Certificates and Records 3.17.1 Any scheme confirmations, certificates or protection references made available via the Platform are provided by the Authorised Scheme or derived from Authorised Scheme data. 3.17.2 TTS records and displays such outputs for administrative purposes only. 3.17.3 The Partner must verify that Scheme Protection has been successfully activated in accordance with its obligations and the Authorised Scheme’s rules. 3.18 Statutory Information 3.18.1 TTS may generate, compile or make available statutory information packs and related documents based on data provided by the Partner and/or the Authorised Scheme. 3.18.2 Unless expressly agreed in writing, the Partner is responsible for service of prescribed information on Users and for retaining evidence of such service. 3.18.3 Where TTS serves prescribed information on behalf of a Partner, the Partner remains responsible for ensuring the information is correct and complete. 3.19 Repayment Instructions and Deductions 3.19.1 The Platform may permit the Partner to submit repayment instructions and proposed deductions. 3.19.2 TTS processes instructions as received and does not adjudicate entitlement to deductions. 3.19.3 Repayments may require confirmation from both landlord and tenant and/or completion of Authorised Scheme processes. 3.19.4 TTS does not determine whether any retention or deduction is lawful under the Tenant Fees Act 2019 or any other Applicable Law. Such matters are determined by the Partner and, where applicable, the relevant Authorised Scheme or a competent court. 3.20 Disputes and ADR 3.20.1 Disputes relating to deposit deductions or repayment are handled by the Authorised Scheme’s dispute resolution or ADR process where available. 3.20.2 TTS may support evidence collection and submission workflows but does not make determinations and is not responsible for ADR outcomes. 3.20.3 Where ADR is not used, repayment will be processed in accordance with the Authorised Scheme’s rules and lawful instructions. 3.21 Chargebacks, Reversals and Failed Payments 3.21.1 Where a deposit payment is reversed, charged back or fails (including due to insufficient funds or suspected fraud), TTS may suspend processing and/or require alternative payment. 3.21.2 The Partner is responsible for resolving payment issues with the User and for any costs arising from chargebacks or reversals imposed by payment processors. 3.22 Fraud, Sanctions and Suspicious Activity 3.22.1 TTS may delay, suspend or refuse processing where it reasonably suspects fraud, money laundering, sanctions risk or other unlawful activity. 3.22.2 The Partner must promptly provide information reasonably requested by TTS to investigate suspicious activity. 3.22.3 TTS may report suspicious activity to relevant authorities where required by law. 3.23 Third Party Services 3.23.1 The Deposit Services may rely on third-party systems including payment processors, banking partners and Authorised Scheme systems. TTS is not responsible for third-party acts or omissions except to the extent caused by TTS’s breach of these Terms. 3.24 Changes to Deposit Services 3.24.1 TTS may update the Deposit Services (including integrations, workflows and supported scheme products) to reflect changes in scheme rules, technical requirements, fraud controls or operational processes, in accordance with Section 20 (Changes to these Terms) and any applicable notice requirements. 3.25 Deposit Services Documentation 3.25.1 TTS may publish implementation guides, workflow notes or help-centre content describing the Deposit Services. Such documentation forms part of the Services Description but does not override these Terms. SECTION 4 — ACCOUNT CREATION, ACCESS AND SECURITY 4.1 Authorised Users 4.1.1 The Partner may designate individuals as “Authorised Users” who are permitted to access and use the Platform on the Partner’s behalf. Authorised Users may, subject to the Partner’s configuration and permissions: Access the Partner Dashboard; Submit and manage deposit-related instructions; View Reports and Audit Trails; Download documents and records made available via the Platform; Manage API access, integrations and other account-level settings. 4.1.2 The Partner: Is responsible for all acts and omissions of its Authorised Users in connection with the Platform and the Services; Must ensure that all Authorised Users comply with these Terms; and Must promptly revoke or update access for any individual who no longer requires access or who leaves the Partner’s organisation. 4.2 Account Security 4.2.1 The Partner must: Keep all login credentials, access tokens and authentication details secure and confidential; Implement appropriate access controls and permissions for Authorised Users; Apply industry-standard password management and security practices; Enable multi-factor authentication or equivalent security measures where made available by TTS; and Restrict access to the Platform to authorised personnel only. 4.2.2 The Partner must not: Share credentials or access details between users; Permit any third party to access the Platform using the Partner’s credentials; or Store or transmit credentials in an insecure manner. 4.3 API Credentials 4.3.1 Where a Partner uses the API, TTS may issue API keys, client identifiers or other integration credentials (API Credentials) to enable access to the Platform. 4.3.2 The Partner must: Store all API Credentials securely and confidentially; Not embed API Credentials in publicly accessible code, repositories or client-side applications; Rotate or revoke API Credentials promptly where compromise is suspected or confirmed; and Use API Credentials only in accordance with these Terms and applicable technical documentation. 4.3.3 The Partner is responsible for all use of the API Credentials issued to it. Misuse of API Credentials (including excessive use, circumvention of technical controls or abusive behaviour) may result in suspension or termination of API access and/or other action by TTS in accordance with these Terms. 4.4 Responsibility for Actions under the Account 4.4.1 The Partner is responsible for all activities carried out under its Partner Account, including: All actions taken through the Platform or API using the Partner’s credentials or API Credentials; Any deposit administration workflows or instructions triggered by the Partner’s systems or integrations; Any documents, records or information uploaded, submitted or approved via the Platform; All actions taken by its Authorised Users. 4.4.2 TTS is not responsible for unauthorised access to or use of the Platform or Services arising from the Partner’s failure to comply with its security obligations under these Terms. 4.5 Account Configuration 4.5.1 TTS may provide configuration settings within the Partner Dashboard to enable Partners to control aspects of their use of the Platform, including: Branding and presentation options; Workflow and process settings relating to deposit administration; Electronic approval or signature templates (where enabled); Permissions and access levels for Authorised Users; and Which third-party integrations or API connections are enabled. 4.5.2 The Partner is solely responsible for selecting, configuring and maintaining appropriate settings for its use of the Platform and for ensuring that such settings comply with these Terms and Applicable Law. 4.6 Prohibited Account Activities 4.6.1 The Partner must not, and must not permit any Authorised User or third party to: Access or attempt to access any unauthorised parts of the Platform or Services; Bypass, disable or interfere with authentication, access controls or security measures; Interfere with the integrity, availability or security of the Platform, systems or data; Run automated scraping, harvesting or data extraction tools except as expressly permitted by these Terms; or Conduct or attempt any security testing, vulnerability scanning or penetration testing of the Platform without TTS’s prior written consent. 4.7 Account Suspension 4.7.1 TTS may, acting reasonably, suspend access to the Partner Account and/or the Services (in accordance with Section 17) where it reasonably believes that: There is suspected fraud, misuse or unlawful activity; The security or integrity of credentials, API Credentials or the Platform may have been compromised; Fees or other amounts due remain unpaid; Suspension is required to comply with Applicable Law or regulatory requirements; There is a security threat to the Platform, Services or other users; or The Partner has breached these Terms. 4.7.2 TTS will use reasonable efforts to lift any suspension once the relevant issue has been resolved or mitigated to the reasonable satisfaction of TTS. 4.8 Account Termination 4.8.1 Upon termination or expiry of the Agreement for any reason: access to the Partner Account and the Platform will be deactivated; any API Credentials issued to the Partner will be revoked; all Authorised Users will lose access to the Platform; and data will be retained, returned or deleted in accordance with Section 7 (Data Protection and Privacy). 4.8.2 Termination or expiry of the Agreement does not affect any rights, obligations or liabilities that have accrued prior to termination, nor any provisions which by their nature are intended to survive termination. SECTION 5 — DEPOSIT INSTRUCTIONS, ELECTRONIC COMMUNICATIONS AND AUTHORISATIONS 5.1 Overview 5.1.1 This Section governs electronic instructions, approvals and communications used in connection with the Deposit Services, including deposit initiation, allocation, repayment and dispute evidence workflows. 5.1.2 TTS does not provide qualified electronic signatures. Where electronic signature or electronic approval functionality is offered within the Platform, it is provided for convenience only and does not replace any statutory or scheme-specific signature requirements unless expressly confirmed by the relevant Authorised Scheme. 5.2 Electronic Communications 5.2.1 The Partner agrees that instructions, approvals, notices and other communications may be provided electronically via the Platform, email, API, webhooks or secure links. 5.2.2. The Partner is responsible for maintaining accurate and up-to-date contact details and for ensuring that authorised personnel monitor communications. 5.2.3 Electronic communications will be deemed received when made available within the Platform or sent to the most recent email address associated with the Partner’s Account, unless the Partner demonstrates non-receipt due to a fault of TTS. 5.3 Authority and Authorisation Controls 5.3.1 The Partner must ensure that only authorised users have access to submit deposit-related instructions through the Platform or via API. 5.3.2 The Partner is responsible for all actions taken through its Account, including instructions submitted via API keys, secure links or delegated access. 5.3.3 TTS may offer role-based access controls, approval workflows and multi-factor authentication. Use of such controls does not alter or reduce the Partner’s responsibility for instructions submitted via the Account. 5.4 Instructions and Reliance 5.4.1 TTS may act on instructions received through the Platform or via an authenticated API request. 5.4.2 TTS is entitled to rely on the apparent authority of any person using the Partner’s Account. 5.4.3 TTS is not required to verify the identity of a landlord, tenant or agent beyond the authentication methods configured for the Account. 5.5 Joint Instructions and Confirmations 5.5.1 Certain actions, including repayment approvals or approval of deductions, may require confirmation from multiple parties (for example, landlord and tenant). 5.5.2 Where the Platform provides a mechanism for joint confirmation, the Partner agrees that such confirmations constitute valid instructions for the purposes of processing within the Platform and communication with the Authorised Scheme, subject always to the Authorised Scheme’s rules. 5.6 Audit Trails 5.6.1 The Platform records an audit trail of key actions and events, including timestamps, user identifiers, instruction logs and related system records. 5.6.2 Audit trails are generated for operational and evidential purposes and may be shared with the Authorised Scheme, payment processors or competent authorities where required by law or scheme rules. 5.6.3 The Partner is responsible for retaining any additional evidence required under scheme rules or Applicable Law. 5.7 Errors and Corrections 5.7.1 If the Partner identifies an error in any instruction or tenancy record, it must notify TTS promptly and provide corrected information. 5.7.2 Where an instruction has already been transmitted to an Authorised Scheme or payment processor, correction may not be possible and may require scheme-specific remediation steps. 5.7.3 TTS is not responsible for any losses arising from inaccurate or incomplete data or instructions supplied by the Partner. 5.8 Security and Suspicious Activity 5.8.1 TTS may suspend electronic instruction functionality, impose additional security controls or restrict processing where it reasonably suspects compromise, fraud, misuse or other unlawful activity. 5.9 Records and Evidencing 5.9.1 The Partner agrees that electronic records, Audit Trails and communication logs generated by the Platform may be relied upon as evidence of instructions and actions taken in connection with deposit workflows, subject to the rules of the relevant Authorised Scheme and Applicable Law. SECTION 6 — API LICENCE AND INTEGRATION TERMS 6.1 Overview of API Access 6.1.1 Where the Partner is provided with access to TTS’s API, these API licence terms apply in addition to the rest of these Terms. 6.1.2 API access enables Partners to integrate the Platform with their own systems and to automate deposit-related processes. Permitted uses of the API may include: Triggering and managing deposit administration workflows; Submitting deposit-related instructions and Deposit Information; Embedding deposit-related workflows or electronic approval functionality into the Partner’s own systems; Retrieving Reports, confirmations and deposit-related records made available via the Platform; Receiving webhook notifications and status updates; and Managing Account configuration and permissions programmatically, where supported. 6.1.3 Use of the API is a privilege and not a right and may be suspended or withdrawn in accordance with these Terms. 6.2 Grant of Licence 6.2.1 Subject to these Terms, TTS grants the Partner a limited, non-exclusive, non-transferable, revocable and non-sublicensable licence to access and use the API solely for the Partner’s internal business purposes in connection with access to and use of the Services. 6.2.2 Notwithstanding the above, the Partner may permit its authorised employees, contractors and integrated systems operated by or on behalf of the Partner to access and use the API, provided that: such use is solely on the Partner’s behalf and for the Partner’s benefit; all such persons and systems comply with these Terms; and the Partner remains fully responsible for all acts and omissions arising from such use. 6.3 API Keys and Authentication 6.3.1 Access to the API requires the use of an API key or other authentication credential issued by TTS and linked to the Partner’s Account. 6.3.2 The Partner must: keep all API keys and authentication credentials secure and confidential; restrict API keys to systems and use cases that are strictly necessary; implement appropriate technical and organisational measures for secure storage and handling of API keys; ensure that only authorised personnel or systems use API keys; and promptly rotate or revoke API keys where compromise is suspected or confirmed. 6.3.3 The Partner must notify TTS immediately if any API key: is lost or compromised; has been misused; has been exposed publicly (including through source code repositories, logs or shared code); or is otherwise suspected to be at risk. 6.3.4 TTS may suspend or disable any API key where reasonably necessary to protect the security or integrity of the Platform, the Services or other users. 6.4 Permitted Uses 6.4.1 Subject to these Terms, Partners may use the API solely for the following permitted purposes in connection with the Deposit Services: Initiating and managing deposit administration workflows; Submitting deposit-related instructions and Deposit Information via supported API endpoints; Uploading and retrieving deposit-related documents where supported by the Platform; Initiating and managing electronic approval workflows relating to deposit instructions or actions; Retrieving Reports, confirmations, status updates and other deposit-related records made available via the Platform; Receiving webhook notifications to support automation and system integration; and Monitoring the status of deposit-related processes, errors or events for operational and audit purposes. 6.4.2 Partners may access, retrieve and process data via the API only in respect of Users and deposits that they are legally entitled to process and only for lawful purposes in accordance with these Terms and Applicable Law. 6.5 Prohibited Uses 6.5.1 The Partner must not, and must ensure that no third party acting on its behalf shall, use the API in any of the following ways: 6.5.1.1 Data misuse Harvest, scrape or extract data from the Platform except as expressly permitted by these Terms; Use the API to develop, operate or support a competing product or service; Resell, licence, distribute or otherwise make available TTS data or outputs to third parties; Use data obtained via the API to create or augment consumer databases unrelated to deposit administration; or Use data obtained via the API to screen, profile or assess individuals for purposes unrelated to tenancy deposit administration. 6.5.1.2 AI and Machine Learning Restrictions The Partner must not, and must ensure that its employees, contractors and vendors do not: Use any data, documents, metadata, Reports, Audit Trails, logs or outputs obtained via the Platform or API to train, test, benchmark, validate or improve any artificial intelligence or machine-learning models, including generative AI or classification systems; Upload any data obtained via the Platform or API into any AI or machine-learning training or evaluation pipeline; Provide any TTS data or outputs to third parties for the purpose of AI or machine-learning development; or Permit use of TTS data in internal or external research, development or experimentation involving AI or machine learning. Compliance with this clause is a strict and material condition of the API licence. 6.5.1.3 Reverse Engineering and Security Interference The Partner must not: reverse engineer, decompile, disassemble or otherwise attempt to derive the source code of the API or Platform; bypass, disable or interfere with any security, access control or usage restrictions; or attempt to probe, scan or test the vulnerability of the Platform without TTS’s prior written consent. Circumvention and Abuse The Partner must not: circumvent or attempt to circumvent rate limits or technical controls; interfere with the normal operation or performance of the API; artificially inflate traffic or usage volumes; or create automated or simulated activity designed to stress, probe or misuse the API. 6.5.1.5 Competitive Benchmarking Partners must not, without the prior written consent of TTS: Benchmark or performance-test the Platform or API against competing products or services; Publish or disclose performance, latency or availability data relating to the Platform or API; or Conduct penetration testing or similar security assessments. 6.5.1.6 Unlawful or Discriminatory Use The API must not be used to: Engage in unlawful discrimination in connection with tenancy or housing decisions; Make or support decisions in breach of housing, landlord or tenancy legislation; or Process data in a manner that is unlawful or outside the Partner’s legal authority. 6.6 Rate Limits and Fair Use 6.6.1 TTS may impose reasonable limits on API usage, including rate limits, concurrency limits, throttling controls, volume caps or other technical restrictions, in order to protect the performance, security and availability of the Platform and Services. 6.6.2 The Partner must comply with all applicable usage limits and technical restrictions communicated by TTS. 6.6.3 TTS may adjust such limits from time to time where reasonably necessary to: Maintain system health and stability; Prevent abuse, misuse or disproportionate consumption of resources; or Ensure fair and equitable usage across customers. 6.7 Security Requirements 6.7.1 The Partner must implement appropriate technical and organisational security measures to protect access to and use of the API and the Platform, including: Implementing industry-standard security controls and practices; Using HTTPS or equivalent secure transport mechanisms; Securing API keys and credentials using appropriate secret management tools; Preventing client-side exposure of API keys or credentials; Applying firewalls, access controls and logging appropriate to the Partner’s environment; Encrypting sensitive data in transit and at rest where appropriate; and Storing only the minimum amount of personal data locally that is necessary for lawful use of the Services. 6.7.2 The Partner must not embed API keys or other credentials in: Mobile applications; Client-side JavaScript or browser-executed code; Public or shared code repositories; Demo, test or staging environments accessible to third parties; or Any unsecured or publicly accessible code. 6.7.3 The Partner must promptly notify TTS of any actual or suspected security incident affecting API access or credentials. 6.8 API Changes and Versioning 6.8.1 TTS may, from time to time: Release new versions of the API; Modify, replace or deprecate existing endpoints; Update parameters, response formats or technical specifications; Introduce new or updated authentication or access methods; and Update API documentation and related technical materials. 6.8.2 Such changes may be made for reasons including security, legal or regulatory compliance, operational requirements, functionality improvements or changes imposed by third-party providers. 6.8.3 TTS will use reasonable efforts to provide advance notice of any changes that are reasonably expected to result in breaking changes to the API, where practicable. 6.9 Suspension or Termination of API Access 6.9.1 TTS may, acting reasonably, suspend or terminate a Partner’s access to the API (in whole or in part) where TTS reasonably believes that: The Partner has breached these Terms; The Partner has misused the API or any data obtained via it; API keys or other access credentials have been compromised or are at risk; API activity threatens the security, integrity or availability of the Platform or Services; Illegal, fraudulent or unlawful activity is suspected or identified; API usage materially exceeds applicable rate limits or fair-use thresholds; Fees or other amounts due remain unpaid; or Suspension or termination is required to comply with Applicable Law or regulatory obligations. 6.9.2 TTS may suspend API access without prior notice where reasonably necessary to protect system integrity, other users, or legal or regulatory compliance. 6.10 Data Protection in API Use 6.10.1 When using the API: The Partner acts as Controller in respect of Personal Data that it submits to or retrieves via the API for its own purposes; TTS acts as Processor in respect of such Personal Data to the extent that it processes the data on the Partner’s documented instructions through the API; Each party must comply with applicable Data Protection Laws; and Each party is responsible for implementing appropriate security measures within its own systems and environments in connection with API use. 6.10.2 The Partner must: Ensure that it has a valid lawful basis for each use of the API and for the processing of Personal Data obtained via the API; Use Personal Data accessed through the API only for purposes permitted by these Terms and Applicable Law; Delete or anonymise Personal Data obtained via the API when it is no longer necessary for the relevant lawful purpose; and Provide appropriate privacy information to Users in accordance with Data Protection Laws. 6.10.3 TTS may retain API logs and related system records for legitimate purposes including fraud prevention, security monitoring, audit and evidential purposes, regulatory compliance and dispute resolution, in accordance with Section 7 (Data Protection and Privacy). 6.11 Integration Support 6.11.1 TTS may, at its discretion, provide integration-related resources and assistance, which may include: API documentation and technical specifications; Software development kits (“SDKs”), where available; Sample requests or example implementations; General integration guidance or onboarding assistance; Technical support relating to API connectivity; and Webhook configuration or troubleshooting support. 6.11.2 TTS is not responsible for: The design, operation or security of the Partner’s internal systems or applications; Failures or issues arising from third-party platforms, services or infrastructure; Losses or errors caused by incorrect integration, configuration or implementation by the Partner; Misconfigured webhooks, endpoints or credentials; or Downtime, performance issues or failures caused by the Partner’s own infrastructure. 6.12 Liability for API Use 6.12.1 To the extent permitted by Applicable Law, the Partner is responsible for, and liable in respect of: All activities conducted using API keys or other API Credentials issued to the Partner; Any misuse or unauthorised use of the API; Any unlawful, incorrect or improper instructions submitted via the API; Automated misuse of the API, including through bots, scripts or other automated processes; Security breaches, incidents or data compromise arising from the Partner’s systems, integrations or failure to implement appropriate security measures; and Acts or omissions of any third party to whom the Partner has provided access to API Credentials. 6.12.2 To the extent permitted by Applicable Law, TTS is not responsible for: Loss, corruption or unavailability of data arising from improper integration, configuration or use of the API by the Partner; Errors resulting from incorrect use of API endpoints or technical specifications; Failures or issues caused by the Partner’s infrastructure, systems or third-party services; or Decisions, actions or outcomes taken by the Partner or any third party in reliance on outputs, Reports or information obtained via the API. 6.13 End of API Licence 6.13.1 The API licence granted under these Terms will terminate automatically upon the earliest of: Termination or expiry of the Partner’s agreement with TTS for any reason; Suspension or termination of API access by TTS in accordance with these Terms; or Cessation of the Partner’s use of the Services. 6.13.2 Upon termination of the API licence: The Partner’s access to the API will cease immediately; All API keys and API Credentials issued to the Partner must be promptly revoked, deleted or rendered unusable; The Partner must cease all use of data obtained via the API, except to the extent that retention is required or permitted by Applicable Law; and The Partner must disable and remove all integrations, connections or dependencies on the API within its systems. 6.13.3 Termination of the API licence does not affect any rights or obligations accrued prior to termination, including obligations relating to data protection, confidentiality or liability. SECTION 7 — DATA PROTECTION AND PRIVACY 7.1 Overview and Compliance 7.1.1 Both TTS and the Partner shall comply with all applicable Data Protection Laws, including: the UK General Data Protection Regulation (“UK GDPR”); the Data Protection Act 2018; the PECR (as amended); and any binding guidance, codes of practice or regulatory requirements issued by the Information Commissioner’s Office (“ICO”). 7.1.2 This Section 7 governs the processing of Personal Data in connection with the Services, including where: Deposit Services are provided; Tenancy Deposit Administration Services are used; electronic approval workflows are used; APIs and integrations are used; Reports are generated; and Audit Trails and system records are created or maintained. 7.2 Roles of the Parties (Controller / Processor Model) 7.2.1 Partner as Controller; TTS as Processor For the majority of Personal Data processed in connection with the Services: The Partner acts as the Controller; and TTS acts as Processor, processing Personal Data solely on the Partner’s documented and lawful instructions. This includes processing in connection with: Deposit administration and tenancy-related information supplied by or on behalf of the Partner; Documents and records uploaded to the Platform in connection with deposit administration (such as tenancy documents, income information or supporting materials); Electronic approval workflows initiated by the Partner; Reports generated for the Partner; and Personal Data submitted or accessed via the API. In its role as Controller, the Partner is responsible for: Identifying and documenting a lawful basis for processing under Article 6 UK GDPR; Meeting transparency and information obligations to Users; Ensuring data minimisation, accuracy and purpose limitation; Complying with its own legal and regulatory obligations in connection with tenancy and housing matters; and Responding to data subject rights requests under UK GDPR. 7.2.2 TTS as Independent Controller TTS acts as an Independent Controller only in respect of limited processing that is necessary for its own legitimate purposes, including: Preventing, detecting and investigating fraud, misuse or malicious activity affecting the Platform; Monitoring and maintaining the security, integrity and availability of the Platform and Services; Maintaining Audit Trails, system logs and records necessary for platform security and resilience; Complying with TTS’s own legal or regulatory obligations; and Establishing, exercising or defending legal claims. In such cases, TTS determines the purposes and means of processing independently and processes Personal Data in accordance with its own privacy obligations. 7.2.3 Joint Controller Situations Joint controllership between the Partner and TTS is not the default position and will arise only in limited circumstances where both parties jointly determine the purposes and means of processing a specific category of Personal Data. Where joint controllership applies: The Partner and TTS will allocate responsibilities for compliance with UK GDPR in a transparent manner, reflecting their respective roles; TTS will be responsible for system-level processing and security measures; and The Partner will remain responsible for tenancy-related decisions and outcomes. Nothing in these Terms makes TTS jointly responsible for tenancy decisions, suitability assessments or statutory compliance obligations that rest with the Partner. 7.3 Lawful Bases for Processing Depending on the nature of the processing activity and the role of the relevant party, Personal Data processed in connection with the Services may be processed on one or more of the following lawful bases under Article 6 UK GDPR. 7.3.1 Performance of a Contract Processing is necessary for the performance of a contract to which the data subject is party, or in order to take steps at the request of the data subject prior to entering into a contract, including: delivering the Services requested by the Partner; administering tenancy deposit workflows; and facilitating Electronic Approvals and related operational processes. 7.3.2 Legitimate Interests Processing is necessary for the legitimate interests of the Partner and/or TTS, provided that such interests are not overridden by the rights and freedoms of data subjects. Legitimate interests may include: Preventing, detecting and investigating fraud or misuse of the Platform; Maintaining platform security, integrity and availability; Generating Audit Trails, logs and operational records; Providing customer support and resolving issues; Improving and developing the Services; and Enforcing these Terms. Where required, legitimate interests assessments are undertaken to ensure an appropriate balance between interests and data subject rights. 7.3.3 Legal Obligation Processing is necessary for compliance with a legal obligation to which the relevant party is subject, including: retaining tenancy-related records where required by law; maintaining records necessary for regulatory or compliance purposes; and responding to lawful requests from courts, regulators or law enforcement authorities. 7.4 Categories of Personal Data Processed In connection with the Services, TTS may process the following categories of Personal Data, to the extent supplied by or on behalf of the Partner or generated through use of the Platform: 7.4.1 Contact and Tenancy-Related Personal Data Full name; Contact details (such as email address and telephone number); Address details; Date of birth (where provided); and Other tenancy-related personal information supplied by the Partner or User. 7.4.2 Deposit and Tenancy Administration Information Employment, income or affordability information supplied for tenancy purposes; Payslips, bank statements or other financial documents (where provided); Relevant party details (such as landlord or agent contact information); Tenancy history or references supplied by or on behalf of the Partner; and Tenancy and deposit-related information. 7.4.3 Document Data Documents uploaded or submitted via the Platform in connection with deposit administration, which may include: Passports or driving licences (where provided); Bank statements or proof of address; Tenancy agreements; and Other supporting documentation. TTS does not verify the authenticity of such documents unless expressly agreed in writing. 7.4.4 Technical and Usage Data This includes technical information generated automatically when the Platform or API is accessed or used, such as: IP address; Browser type, operating system and device information; Timestamps, system events and usage logs; and Other technical data generated for security, fraud-prevention and operational purposes. 7.4.5 Electronic Approval and Audit Data This includes data generated in connection with electronic approval workflows and system audit functions, such as: Records of electronic approval actions and associated user confirmations; Audit Trails and system logs; References to confirmations or certificates issued by third-party service providers (where applicable); Document hashes and technical integrity metadata generated for record-keeping purposes; and Associated timestamps and attribution data recorded by the Platform. 7.4.6 Customer Support and Communication Data This includes data processed in connection with customer support and communications, such as: Correspondence between the Partner or Users and TTS; Support tickets and case records; and Screenshots, files or recordings voluntarily provided in connection with support requests. 7.5 Instructions from the Partner 7.5.1 TTS shall: Process Personal Data only on the Partner’s documented instructions, including as set out in these Terms; Process Personal Data solely for the purpose of providing the Services; Not process Personal Data for purposes unrelated to the Services; Notify the Partner without undue delay if, in TTS’s opinion, an instruction infringes applicable Data Protection Laws; Ensure that personnel authorised to process Personal Data are subject to appropriate confidentiality obligations; and Implement appropriate technical and organisational security measures in accordance with Section 7.8. 7.5.2 Where the Partner provides an instruction that is unlawful or cannot be complied with in accordance with Data Protection Laws (whether knowingly or unknowingly), TTS may suspend the relevant processing activity and request clarification or amended instructions from the Partner. 7.6 Sub-Processing 7.6.1 TTS may engage third-party processors (Sub-Processors) to assist in providing the Services, including providers of: Cloud hosting, infrastructure and data storage services; Payment, treasury or banking-related services supporting deposit administration (where applicable); Platform security, monitoring and fraud-prevention services; Email, messaging or notification services; Customer support or service management tools; and Technical services supporting electronic approval workflows and Audit Trail generation. 7.6.2 TTS shall ensure that any Sub-Processor engaged to process Personal Data on its behalf is subject to a written agreement that: Imposes data protection obligations no less protective than those set out in these Terms; Requires the Sub-Processor to implement appropriate technical and organisational security measures; and Restricts processing of Personal Data to the purposes of providing the relevant services to TTS. 7.6.3 The Partner authorises TTS to appoint and replace Sub-Processors as reasonably necessary for the provision of the Services. 7.6.4 A current list of Sub-Processors may be made available in TTS’s Privacy Policy or on the TTS website, and TTS will provide information about Sub-Processors on reasonable request. 7.7 International Transfers 7.7.1 Where Personal Data is transferred outside the United Kingdom in connection with the provision of the Services, TTS will ensure that such transfers are carried out in compliance with Data Protection Laws. 7.7.2 Appropriate safeguards will be implemented as required, which may include: The use of the UK International Data Transfer Agreement (IDTA) or the UK Addendum to the EU Standard Contractual Clauses; Reliance on adequacy regulations where applicable; and Supplementary technical and organisational measures, such as encryption and access controls, where necessary. 7.7.3 International transfers will take place only where lawful and where reasonably necessary for the provision of the Services. 7.8 Security Measures 7.8.1 TTS implements appropriate technical and organisational measures designed to protect Personal Data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access. Such measures may include, as appropriate: Encryption of data in transit and at rest; Secure storage and protection of Audit Trails and system records; Logical and physical access controls; Role-based access restrictions; Multi-factor authentication for administrative or privileged access; Network monitoring and logging; Segregation of sensitive data within systems; and Incident detection, response and recovery procedures. 7.8.2 The Partner is responsible for implementing appropriate security measures within its own systems and environments, including: Securing its internal systems, devices and networks; Protecting and managing API keys and access credentials; Ensuring appropriate security awareness and training for staff and Authorised Users; and Controlling access to the Partner Dashboard and related administrative features. 7.9 Data Subject Rights 7.9.1 Data subjects (“Users”) have rights under Data Protection Laws, including the rights of access, rectification, erasure (in certain circumstances), restriction of processing, objection and data portability. 7.9.2 Where the Partner acts as Controller, the Partner is responsible for responding to data subject rights requests relating to Personal Data processed in connection with the Services. 7.9.3 If TTS receives a data subject rights request relating to Personal Data processed on the Partner’s behalf, TTS shall, to the extent legally permitted: notify the Partner without undue delay; and provide reasonable assistance to the Partner to enable it to respond to the request within applicable statutory timeframes. 7.9.4 Where TTS acts as an independent Controller (as described in Section 7.2.2), TTS shall respond directly to data subject rights requests in accordance with Data Protection Laws. 7.9.5 Nothing in these Terms requires TTS to disclose Personal Data where doing so would be unlawful or would adversely affect the rights and freedoms of another person. 7.10 Personal Data Breaches 7.10.1 If TTS becomes aware of a Personal Data Breach affecting Personal Data processed on the Partner’s behalf, TTS shall: Notify the Partner without undue delay after becoming aware of the breach; Provide available information reasonably required to assist the Partner’s assessment of the breach; and Cooperate with the Partner and provide reasonable assistance in relation to any investigation or remediation steps, to the extent required by Data Protection Laws. 7.10.2 Where the Partner acts as Controller, the Partner is responsible for determining whether the breach is notifiable and for making any required notifications to the Information Commissioner’s Office and/or affected individuals in accordance with Data Protection Laws. 7.10.3 TTS shall maintain internal records of Personal Data Breaches and follow its internal incident response procedures. 7.11 Retention and Deletion 7.11.1 Personal Data processed in connection with the Services is retained only for as long as necessary for the purposes for which it is processed, unless a longer retention period is required or permitted by Applicable Law. 7.11.2 Without limitation, Personal Data may be retained where necessary for: The provision and administration of the Services; Compliance with legal or regulatory retention obligations (including tenancy-related record-keeping); Fraud prevention, security monitoring and misuse detection; Establishing, exercising or defending legal claims; and Audit, evidential and compliance purposes. 7.11.3 Indicative retention periods may include (by way of example only): Deposit administration data: typically, between 12 and 36 months, depending on scheme requirements and dispute status; Electronically signed or approved documents: typically for the duration of the relevant tenancy and any applicable post-tenancy retention period; Tenancy-related documentation: for the period required by Applicable Law or scheme rules; and Audit Trails and system logs: for up to 7 years where necessary for legal defence, compliance or evidential purposes. 7.11.4 Upon termination or expiry of the Agreement, and subject to Applicable Law: Personal Data processed on the Partner’s behalf will be deleted, anonymised or returned to the Partner in accordance with the Partner’s documented instructions; and Personal Data may remain in backups or archives for a limited period in accordance with TTS’s standard backup retention cycles, after which it will be securely deleted or overwritten. 7.11.5 Where the Partner requests deletion of Personal Data prior to the expiry of an applicable retention period, TTS may comply with such request unless continued retention is required or permitted by Applicable Law or is necessary for fraud prevention, security, compliance or legal defence purposes. 7.12 Data Portability and Export 7.12.1 Subject to these Terms and Applicable Law, TTS may make available functionality enabling the Partner to export certain data processed in connection with the Services. 7.12.2 Exportable data may include, where supported by the Platform: Reports and deposit-related records; Electronically signed or approved documents; Audit Trails and system records relating to deposit workflows; Deposit administration data supplied by or on behalf of the Partner; and Tenancy-related documentation made available via the Platform. 7.12.3 Data exports may be provided in one or more supported formats, which may include: PDF or other human-readable formats; and machine-readable formats (such as JSON) where access is provided via the API. 7.12.4 The availability, format and scope of data exports may be subject to technical limitations, scheme rules, security considerations and applicable retention obligations. Nothing in this Section requires TTS to export data where doing so would be unlawful, would adversely affect the rights of third parties, or would conflict with legal or regulatory requirements. 7.13 Partner Responsibilities 7.13.1 The Partner is responsible, in its capacity as Controller, for ensuring that its use of the Services complies with Data Protection Laws and other Applicable Law. 7.13.2 Without limitation, the Partner is responsible for: Identifying and maintaining a valid lawful basis for all processing of Personal Data in connection with the Services; Providing clear and accurate privacy information to Users in accordance with Data Protection Laws; Obtaining and managing any consents required for its processing activities, where applicable; Ensuring that Personal Data submitted to the Platform is accurate, complete and kept up to date; Complying with applicable tenancy, housing and landlord-and-tenant legal obligations; Responding to User enquiries, complaints and data subject rights requests; Making tenancy-related decisions lawfully and independently; and Implementing appropriate technical and organisational measures to secure Personal Data within its own systems and environments. 7.13.3 The Partner must not use the Services in any manner that breaches or circumvents: Data Protection Laws; Applicable discrimination or equality legislation; Consumer protection laws; or Landlord and tenant laws or regulations. 7.14 Automated Decision-Making 7.14.1 TTS does not carry out automated decision-making (including profiling) that produces legal effects concerning a data subject or similarly significantly affects a data subject within the meaning of Article 22 UK GDPR. 7.14.2 Any outputs, Reports, indicators or system-generated information made available via the Platform are provided for informational and administrative purposes only. 7.14.3 The Partner remains solely responsible for making all tenancy-related, deposit-related or other decisions and must not rely on the Services as a substitute for its own judgment or legal obligations. 7.15 Marketing Communications 7.15.1 TTS may send communications to Partners and Users that are strictly necessary for the operation of the Services, including: Service-related messages; Account or administrative updates; Security notifications; and System or operational alerts. 7.15.2 Marketing communications will be sent only where permitted by Applicable Law, including where the recipient has provided consent or where a soft opt-in applies in accordance with the PECR. 7.15.3 Recipients may opt out of marketing communications at any time using the unsubscribe mechanism provided or by contacting TTS in accordance with the Privacy Policy. 7.16 Records of Processing 7.16.1 TTS maintains appropriate internal records and documentation in connection with its data protection obligations, which may include: Records of processing activities; Data flow mapping and system documentation; Data protection impact assessments, where required by Data Protection Laws; Information security documentation; and Processor and sub-processor agreements. 7.16.2 Where the Partner acts as Controller, the Partner is responsible for maintaining its own records of processing activities and related documentation in accordance with Data Protection Laws. 7.17 Privacy Policy 7.17.1 TTS maintains a separate privacy policy (the “Privacy Policy”) which provides further detail about how Personal Data is processed in connection with the Services. 7.17.2 The Privacy Policy: Supplements this Section 7; Is made available on the TTS website; and Forms part of these Terms. 7.17.3 In the event of any conflict between this Section 7 and the Privacy Policy, this Section 7 shall prevail, except to the extent that the Privacy Policy is required by Data Protection Laws to take precedence. SECTION 8 — AVAILABILITY, MAINTENANCE AND SERVICE LEVELS 8.1 General Availability 8.1.1 TTS aims to make the Platform and Services available on a continuous basis, 24 hours per day, 7 days per week, except during periods of planned or emergency maintenance. 8.1.2 The Partner acknowledges that: Availability of the Platform and Services may depend in part on third-party systems, networks or services; Interruptions, delays or errors may occur due to circumstances outside TTS’s reasonable control; No online or cloud-based service can guarantee uninterrupted availability; and TTS does not warrant that the Services will be uninterrupted, timely, secure or error-free. 8.1.3 TTS will use reasonable efforts to: Maintain reliable availability of the Platform and Services; Monitor performance and service health; Respond to incidents within a reasonable timeframe; and Minimise disruption to Partners and Users where practicable. 8.2 Planned Maintenance 8.2.1 TTS may perform planned maintenance from time to time in order to: Upgrade or modify infrastructure; Apply security patches or fixes; Deploy new features or functionality; Replace, repair or upgrade hardware; or Update software dependencies or system components. 8.2.2 Where reasonably practicable: TTS will seek to schedule planned maintenance outside of business-critical hours; and TTS will provide Partners with reasonable advance notice of any planned maintenance that is expected to materially affect availability of the Services. 8.2.3 Minor updates, routine maintenance or changes that are not expected to materially impact availability may be deployed without prior notice. 8.3 Emergency Maintenance 8.3.1 TTS may perform emergency maintenance where reasonably necessary to: remediate security vulnerabilities or incidents; address service degradation or instability; prevent data loss, corruption or compromise; respond to failures or outages in third-party systems; or protect the integrity, security or operation of the Platform or Services. 8.3.2 Emergency maintenance may be carried out without prior notice where advance notice is not reasonably practicable. 8.4 Third Party Dependencies 8.4.1 The Services may rely on third-party systems and service providers, including: Banking, treasury or payment service providers supporting deposit administration (where applicable); Hosting, cloud infrastructure and data storage providers; Email, messaging or notification delivery services; Authorised tenancy deposit protection scheme providers; Platform monitoring, security and fraud-prevention services; and Third-party software or integrations enabled by the Partner. 8.4.2 TTS does not guarantee the continued availability, performance or functionality of any third-party systems or services. However, TTS will use reasonable efforts to: Select reputable third-party providers; Monitor the performance and availability of third-party services used in connection with the Platform; Mitigate disruption where practicable, including by re-routing or replacing providers where reasonably possible; and Take reasonable steps to prevent cascading failures within the Platform. 8.5 Support Services 8.5.1 TTS provides reasonable support services to Partners in connection with use of the Platform and Services. 8.5.2 Support may be provided via: email communications; in-platform messaging tools; and technical support channels for API or integration customers. 8.5.3 Support services may include: troubleshooting technical or service-related issues; guidance on correct use of the Platform; assistance in understanding system messages or errors; investigation of unexpected technical behaviour; and account, access or billing-related queries. 8.5.4 Unless otherwise agreed in writing, support is provided during standard UK business hours. Enhanced support availability or service-level commitments may be provided where a premium support or service level agreement is agreed separately in writing. 8.6 Incident Reporting 8.6.1 Partners should promptly notify TTS of any issues relating to the Platform or Services, including: Service interruptions or unexpected downtime; Errors affecting deposit administration workflows; Discrepancies in deposit instructions or records; Electronic approval or document execution issues; API outages, failures or unexpected responses; and Suspected security incidents or vulnerabilities. 8.6.2 Upon receipt of an incident report, TTS will: Record and log the incident; Assess and triage severity; Take reasonable steps to investigate and resolve the issue; and Provide status updates to the Partner where appropriate. 8.7 No Guarantee of Perfect Performance 8.7.1 While TTS uses reasonable efforts to provide a reliable and stable Platform, the Partner acknowledges that: Delays or interruptions may occur; Deposit administration workflows may require resubmission or correction; Electronic approvals or document execution may need to be repeated; Notifications (including email or messaging) may be delayed, filtered or blocked by third-party systems; and API responses may occasionally fail, be delayed or time out. 8.7.2 Such events do not constitute a breach of these Terms unless expressly covered by a separate written service level agreement agreed between the parties. 8.8 Updates and Improvements 8.8.1 TTS may update, modify or enhance the Platform and Services from time to time, including: Deposit administration workflows and processes; Electronic approval and document execution flows; API versions, endpoints and technical specifications; Dashboards, user interfaces and reporting features; and Underlying infrastructure, security controls or system components. 8.8.2 Such updates may be implemented in order to: Improve security, stability or performance; Address bugs, defects or vulnerabilities; Comply with changes in law, regulation or scheme requirements; Respond to operational or industry developments; or Introduce new or enhanced functionality. 8.8.3 TTS may deploy updates without Partner approval, provided that such updates do not materially change the nature of the Services as described in these Terms. 8.9 Discontinuation of Features 8.9.1 TTS may discontinue, replace or retire certain features, integrations or components of the Platform where reasonably necessary, including where: Functionality becomes outdated, unsupported or inefficient; Third-party services or integrations are withdrawn or materially changed; Continued support would pose security, operational or compliance risks; or Features are superseded by improved alternatives. 8.9.2 Where a discontinuation is expected to materially affect use of the Services, TTS will use reasonable efforts to: Provide advance notice to Partners where practicable; Offer reasonable migration guidance or alternatives where feasible; and Minimise disruption to ongoing deposit administration workflows. 8.10 No Liability for Third-Party Outages 8.10.1 TTS is not responsible for outages, delays or failures caused by third-party systems or services outside TTS’s reasonable control, including: Banking, treasury or payment service providers supporting deposit administration (where applicable); Authorised tenancy deposit protection scheme providers; Cloud hosting, infrastructure or data storage providers; Email, messaging or notification delivery services; Internet service providers or network connectivity failures; or Failures or interruptions in third-party software or integrations used by the Partner. 8.10.2 TTS will use reasonable efforts to mitigate the impact of third-party disruptions where practicable but does not accept liability for events beyond its reasonable control. 8.11 Service Suspension 8.11.1 TTS may temporarily suspend access to all or part of the Services where reasonably necessary: To carry out planned or emergency maintenance; To protect the security, integrity or availability of the Platform; Where misuse, suspected misuse or suspicious activity is detected; Where payment of Fees is overdue in accordance with these Terms; Where required by law, regulation or a competent authority; or Where system overload, cyber-attack or other operational risk makes suspension necessary. 8.11.2 Any suspension will be limited in scope and duration to what is reasonably necessary to address the relevant issue. 8.12 Partner System Requirements 8.12.1 The Partner is responsible for ensuring that its systems and environments meet the technical requirements necessary to access and use the Services, including: A stable and reliable internet connection; Use of supported and up-to-date browser versions or client software; Sufficient system performance and capacity; Correct configuration of API integrations, where applicable; Secure networks, devices and access controls; and Ensuring that essential domains, ports or services required by the Platform are not blocked. 8.12.2 TTS is not responsible for issues arising from: The Partner’s IT infrastructure or system configuration; Use of unsupported or outdated software or browsers; Firewall, proxy or security restrictions imposed by the Partner; or Failures within the Partner’s own systems or environments. SECTION 9 — REPORTS, RESULTS AND RELIANCE 9.1 Nature of Reports 9.1.1 TTS generates certain outputs, records and system-generated materials (together, ‘Reports’) in connection with the operation of the Services, including: Deposit administration records, workflow outputs and status updates; Confirmations, acknowledgements or references received from authorised tenancy deposit protection schemes; Electronic approval execution records, document hashes and associated Audit Trails; System logs, timestamps and event records relating to deposit-related activities; and Summaries or copies of tenancy-related documentation made available via the Platform based on information supplied by the Partner, Users or third-party schemes. 9.1.2 Reports are generated automatically by the Platform based on data, instructions and inputs provided by the Partner, Users and third-party systems. 9.1.3 Reports are provided for administrative and informational purposes only. 9.2 Reports Do Not Constitute Advice 9.2.1 Reports do not constitute, and must not be relied upon as: Legal, financial, immigration or professional advice; A tenancy suitability assessment or recommendation; A determination of affordability, risk, behaviour or compliance; A certification of compliance with law, regulation or scheme rules; or A guarantee as to the accuracy, completeness or authenticity of any underlying information. 9.2.2 TTS does not: Make decisions as to whether a User should be accepted or rejected as a tenant; Assess a User’s suitability, credibility, financial position or conduct; Verify the authenticity or accuracy of documents or information submitted by Users; or Determine compliance with immigration, housing or tenancy requirements. All decisions taken in reliance on Reports are made solely by the Partner, who remains responsible for its own legal, regulatory and commercial obligations. 9.3 Limitations of Reports 9.3.1 Reports are generated automatically by the Platform based on data, instructions and information supplied by the Partner, Users, authorised tenancy deposit protection schemes and other third-party systems. 9.3.2 Reports may be affected by, without limitation: The accuracy, completeness and timeliness of information provided by the Partner or Users; Delays, errors or limitations in data or confirmations received from authorised tenancy deposit protection schemes; Inconsistencies or inaccuracies in tenancy-related information supplied by landlords, tenants or agents; The timing of instructions, updates or confirmations submitted via the Platform or API; Scheme rules, processing timelines or dispute processes outside TTS’s control; and Technical limitations, outages or delays affecting third-party systems or integrations. 9.3.3 TTS does not guarantee that Reports will be: Complete, up to date or free from error at any particular time; Reflective of final scheme outcomes, dispute determinations or repayment decisions; or Suitable as the sole basis for any tenancy, deposit or commercial decision. 9.4 Reliance and Partner Responsibilities The Partner acknowledges and agrees that: 9.4.1.1 Final responsibility rests with the Partner All decisions relating to tenancies, deposits and associated arrangements are made solely by the Partner. Reports, Audit Trails, and system outputs are informational tools only. The Partner remains solely responsible for decisions taken using such materials. TTS shall not be responsible for losses arising solely from Partner decisions or interpretations, except to the extent such loss arises directly from TTS’s breach of these Terms. Reports are one input among others Reports form part of an administrative workflow and must be considered alongside other information and factors determined by the Partner, which may include information supplied directly by Users, tenancy documentation, contractual arrangements and the Partner’s own policies and procedures. Reports do not override legal or regulatory obligations Use of the Services and any Reports does not relieve the Partner of its obligations under Applicable Law, including obligations relating to tenancy administration, landlord and tenant law, consumer protection and non-discrimination. Reports are subject to limitations Reports are generated based on inputs, instructions and third-party information and may be affected by timing, completeness or accuracy of such information. The Partner must interpret Reports responsibly and in context. Reports are not binding TTS does not instruct, direct or require the Partner to accept, reject or take any action in relation to a User or tenancy. 9.5 No Guarantee or Warranty 9.5.1 The Services and any Reports are provided on an “as is” and “as available” basis. 9.5.2 Without limitation, TTS does not warrant or guarantee that: Any information supplied by Partners, Users or third parties is accurate, complete or up to date; Reports reflect final outcomes under any authorised tenancy deposit protection scheme; Reports identify all errors, inconsistencies or omissions in underlying information; Reports will meet the Partner’s specific requirements or expectations; or Use of the Services will ensure compliance with Applicable Law or scheme rules. 9.5.3 Reports do not guarantee any particular outcome, decision, entitlement or compliance status, and must not be relied upon as such. 9.6 Right to Correct Errors 9.6.1 If the Partner identifies an apparent error or inconsistency in a Report, the Partner may notify TTS and provide reasonable details of the issue. 9.6.2 Upon receipt of such notification, TTS may, acting reasonably: Review the relevant Report or underlying system record; Request clarification or additional information from the Partner; Correct or update the Report where the error arose from a system issue or processing error within the Platform; or Explain why correction is not possible. 9.6.3 TTS is not responsible for errors arising from inaccurate, incomplete or outdated information supplied by the Partner, Users or third parties. 9.6.4 Correction or amendment of Reports may not be possible where, for example: Data has been overwritten or deleted in accordance with retention policies; The relevant information originates from third-party systems or authorised schemes and cannot be altered by TTS; or The issue relates to timing, instructions or events outside TTS’s control. 9.7 Access to Reports 9.7.1 Reports are made available to the Partner through one or more of the following channels, as supported by the Platform: The Partner Dashboard; Notifications generated by the Platform; Secure download links; and API endpoints or webhooks, where enabled. 9.7.2 The Partner is responsible for: Storing Reports securely within its own systems; Ensuring that access to Reports is limited to authorised personnel only; Preventing unauthorised disclosure or misuse of Reports; and Complying with applicable Data Protection Laws in connection with access to and storage of Reports. 9.8 Use of Reports 9.8.1 Subject to these Terms, the Partner may use Reports solely for legitimate purposes connected with its use of the Services, including: Administration and management of tenancy deposits; Compliance with applicable legal or contractual obligations relating to deposit administration; Electronic approval record-keeping, audit and evidential purposes; and Managing and resolving deposit-related queries or disputes with Users or authorised schemes. 9.8.2 The Partner must not: Use Reports for purposes unrelated to the Services; Use Reports to train, test, benchmark or develop artificial intelligence or machine-learning models; Sell, license, redistribute or otherwise make Reports available to third parties except where permitted by Applicable Law or scheme rules; or Treat Reports as determinative or binding in circumstances where independent judgment or legal obligations apply. 9.8.3 Any use of Reports in breach of this Section constitutes a material breach of these Terms. 9.9 Report Storage and Retrieval 9.9.1 TTS may store Reports and associated system records for purposes including: Providing ongoing access to Partners via the Platform; Maintaining Audit Trails and operational records; Complying with legal, regulatory or scheme-related obligations; Establishing, exercising or defending legal claims; and Maintaining the integrity, security and operation of the Platform. 9.9.2 The duration for which Reports are retained depends on factors including: The nature and purpose of the Report; Applicable statutory or regulatory retention requirements; Operational and evidential needs; and The retention principles set out in Section 7 (Data Protection and Privacy). 9.9.3 Reports will be deleted, anonymised or archived in accordance with Section 7 and TTS’s applicable retention policies. 9.10 Third-Party Data 9.10.1 Some information included in Reports may be derived from or based on data, confirmations or records received from third parties, including: Authorised tenancy deposit protection schemes; Banking, payment or treasury service providers supporting deposit administration (where applicable); Landlords, tenants, managing agents or other counterparties involved in a tenancy or deposit arrangement; and Third-party systems or integrations enabled by the Partner. 9.10.2 TTS does not control, and does not warrant, the accuracy, completeness or timeliness of any third-party data. 9.10.3 The Partner remains responsible for verifying any information it considers material or critical and for determining the extent to which it relies on third-party data in meeting its own legal and operational obligations. 9.11 Changes to Report Formats 9.11.1 TTS may update, modify or adjust the layout, structure, presentation or technical format of Reports from time to time, including to: Improve usability or clarity; Reflect changes in Platform functionality; Respond to changes in law, regulation or authorised scheme requirements; Accommodate updates to third-party integrations; or Introduce additional administrative or informational fields. 9.11.2 Where a change to Report formats is reasonably expected to materially affect the Partner’s use of the Services, TTS will use reasonable efforts to provide advance notice. SECTION 10 – COMPLAINTS 10.1 This Section applies only to complaints relating to the provision of the Services by TTS. It does not apply to disputes concerning entitlement to tenancy deposit funds, the lawfulness of deductions, or the outcome of any adjudication or dispute resolution process operated by an Authorised Scheme or a court. 10.2 TTS aims to provide the Deposit Services with reasonable skill and care. Where a Partner or User is dissatisfied with the performance of TTS in providing the Services, they may submit a complaint in accordance with TTS’s complaints handling procedure, a copy of which is available upon request or via the Platform. 10.3 Complaints must relate solely to the performance of TTS in providing the Services and must not relate to the merits of any tenancy deposit dispute, adjudication decision, repayment determination or allocation of funds made by an Authorised Scheme. 10.4 Upon receipt of a complaint, TTS shall acknowledge the complaint and investigate it within a reasonable period in accordance with its complaints handling procedure. TTS shall use reasonable efforts to provide a substantive response within a reasonable time frame and shall keep the complainant informed where further investigation is required. 10.5 A complaint shall not be treated as valid where it relates solely to dissatisfaction with the outcome of any adjudication, dispute resolution or determination carried out by an Authorised Scheme or a court, unless the complaint concerns an administrative or technical error by TTS in processing instructions, transmitting information or operating the Client Protection Account. 10.6 Disputes concerning entitlement to tenancy deposit funds are governed exclusively by the rules of the relevant Authorised Scheme or by a competent court. TTS does not adjudicate disputes, determine entitlement to Client Money or provide redress in respect of deposit allocation decisions. 10.7 Nothing in this Section requires TTS to reconsider, review or overturn any decision of an Authorised Scheme or to act as an alternative dispute resolution body in relation to tenancy deposit disputes. 10.8 TTS does not operate an ombudsman or adjudication service. Where a complaint relates to the conduct of TTS in providing the Services and cannot be resolved through TTS’s internal complaints procedure, the complainant may pursue any legal remedies available under Applicable Law or refer the matter to any competent regulatory authority with jurisdiction over TTS’s activities. 10.9 Submission of a complaint does not affect the rights of any party to pursue legal remedies or to refer a dispute to the relevant Authorised Scheme in accordance with its rules. 10.10 Contact details for submitting complaints are set out on the Platform and may be updated by TTS from time to time. 10.11 TTS is a member of the Property Redress Scheme. If a complaint relating to the provision of the Services cannot be resolved through TTS’s internal complaints procedure, the complainant may refer the complaint to the Property Redress Scheme in accordance with its rules. Details of the Property Redress Scheme and how to refer a complaint are available on the Platform. SECTION 11 — AUDIT TRAILS AND EVIDENCE FILES 11.1 Overview of Audit Trails 11.1.1 TTS generates system-generated audit trails and evidence records (Audit Trails) in connection with the operation of the Services, including deposit administration workflows and electronic approval processes. 11.1.2 Audit Trails provide a chronological record of actions and events within the Platform, and are intended to support: Operational transparency and traceability; Administrative record-keeping; Evidential support in the event of disputes or queries; and Compliance with applicable legal, regulatory or scheme-related requirements. 11.1.3 Audit Trails record what actions occurred within the Platform and when, based on system activity and instructions received. They do not constitute verification of identity, authenticity, legality or compliance, and must not be relied upon as such. 11.2 Contents of Audit Trails Depending on the Services used and configuration of the Platform, an Audit Trail may include some or all of the following categories of information. 11.2.1 User and Account Activity Creation or access of Accounts; Initiation or submission of deposit-related instructions; Submission or update of tenancy or deposit-related information; Initiation or completion of electronic approval workflows; and Status changes or confirmations within deposit administration processes. 11.2.2 Technical and System Metadata Timestamps of actions or events; System identifiers and reference numbers; IP address or network information (where available); Device or browser type information (at a general level); Identifiers of third-party schemes or integrations involved; and System-generated hashes or references associated with documents or records. 11.2.3 Documents and Records Copies or references to documents uploaded or generated via the Platform; Version history or status changes of such documents; References to scheme confirmations, certificates or acknowledgements received; and Links or references enabling retrieval of relevant records. 11.2.4 Electronic Approval Evidence 11.2.4.1 Where electronic approval functionality is used, Audit Trails may include: Records of the presentation and execution of electronic approvals; Timestamps associated with approval actions; System-generated document integrity hashes; and References enabling verification of document integrity within the Platform. 11.2.4.2 Audit Trails are generated automatically by the Platform for consistency and record-keeping purposes. They reflect system activity and recorded events only and do not represent independent validation, verification or certification of any person, document or underlying information. 11.3 Purpose of Audit Trails 11.3.1 Audit Trails are maintained for the purposes of: recording and evidencing the sequence of actions and events that occur within deposit administration workflows; supporting the procedural integrity and traceability of electronic approval and document execution processes; assisting Partners with administrative record-keeping and internal audit requirements; supporting the resolution of disputes or queries relating to deposit administration or electronic approvals; maintaining the security, stability and operational integrity of the Platform; responding to lawful requests from courts, regulators, authorised schemes or other competent authorities; and providing Partners with a system-generated record of actions taken and events recorded within the Platform. 11.3.2 Audit Trails are intended to provide transparency and traceability of Platform activity. They do not constitute verification, validation, certification or assessment of any person, document, data or outcome. 11.4 Storage of Audit Trails 11.4.1 Audit Trails, scheme confirmations and associated system records may be stored using secure technical and organisational measures, which may include: encrypted storage; restricted, role-based access controls; secure backup and recovery processes; and environments designed to preserve the integrity and traceability of records. 11.4.2 Audit Trails may be stored using cloud infrastructure located in the United Kingdom, the EEA and/or other jurisdictions where appropriate safeguards are in place in accordance with Data Protection Laws (including the use of IDTAs or equivalent mechanisms). 11.4.3 All storage and processing of Audit Trails is subject to Section 7 (Data Protection and Privacy). 11.5 Access to Audit Trails 11.5.1 Partner Access Subject to these Terms, Partners may access and retain copies of Audit Trails relating to their use of the Services. Partners must: Store Audit Trails securely within their own systems; Restrict access to authorised personnel only; and Use Audit Trails solely for purposes permitted under these Terms. Partners must not share Audit Trails with unauthorised third parties or use them for purposes unrelated to the Services. 11.5.2 User Access 11.5.2.1 Users may request access to Personal Data relating to them in accordance with Section 7 (Data Protection and Privacy), including copies of electronically signed documents where applicable. 11.5.2.2 Certain internal system logs, security records or proprietary operational data may be withheld where disclosure would be unlawful or would compromise the security or integrity of the Platform. 11.5.3 TTS Internal Access 11.5.3.1 Users may request access to Personal Data relating to them in accordance with Section 7 (Data Protection and Privacy), including copies of electronically signed documents where applicable. 11.5.3.2 Certain internal system logs, security records or proprietary operational data may be withheld where disclosure would be unlawful or would compromise the security or integrity of the Platform. 11.6 Audit Trails for Approvals 11.6.1 Where electronic approval functionality is used, Audit Trails may include system-generated records relating to the execution of electronic approvals, such as: Presentation of the document for approval; Confirmation of approval actions within the Platform; Timestamps associated with approval events; System-generated document integrity hashes; and References enabling verification of document integrity within the Platform. 11.6.2 Such Audit Trails are intended to support procedural traceability and evidential record-keeping in relation to electronic approvals. They do not constitute verification of identity, legal capacity or authority, and do not guarantee enforceability of any document. 11.7 Deposit Administration Evidence 11.7.1 Audit Trails may include system-generated records relating to the administration of tenancy deposits, including: Submission of deposit instructions by the Partner; Receipt, routing and allocation of deposit monies (where enabled); Submission of registration details to authorised tenancy deposit protection schemes; Confirmations, references or acknowledgements received from such schemes; Submission, approval or execution of repayment instructions; and Timestamps, status changes and event logs associated with deposit-related workflows. 11.7.2 Such records are generated for administrative, evidential and record-keeping purposes only. They do not constitute confirmation of statutory compliance, entitlement, or legal validity, and do not replace the Partner’s own obligations under landlord and tenant law. 11.8 Excluded Activities 11.8.1 For the avoidance of doubt, Audit Trails generated by the Platform do not record, evidence or support: Identity verification or right-to-rent checks; Home Office searches or immigration status assessments; Fraud detection, scoring or profiling of individuals; Assessments of affordability, suitability or risk; or Validation of the authenticity or legality of documents. 11.8.2 Any such activities are outside the scope of the Services and are the responsibility of the Partner. 11.9 Retention of Audit Trails 11.9.1 Audit Trails may be retained for purposes including: Compliance with legal or regulatory obligations; Maintaining evidential records relating to deposit administration or electronic approvals; Dispute resolution and legal defence; and Maintaining the integrity and operation of the Platform. 11.9.2 Retention periods may vary depending on the nature of the Audit Trail, applicable legal requirements and operational needs. 11.9.3 Indicative retention periods may include: Deposit administration records: typically, 12–36 months; Electronic approval records: typically for the duration of the relevant agreement and any applicable post-termination retention period; and System Audit Trails: up to 7 years where necessary for legal or evidential purposes. 11.10 Deletion of Audit Trails 11.10.1 Subject to Applicable Law, Audit Trails may be deleted, anonymised or archived in accordance with TTS’s retention policies and Section 7. 11.10.2 TTS may retain Audit Trails where continued retention is required or permitted for legal, regulatory, evidential or security purposes. 11.10.3 Backup copies may be retained for a limited period in accordance with standard backup lifecycle processes. 11.11 Modifications to Audit Trail Structure 11.11.1 TTS may modify the structure, format or technical composition of Audit Trails from time to time in order to: Improve system performance or reliability; Enhance record-keeping or evidential clarity; Comply with changes in law, regulation or authorised scheme requirements; or Reflect updates to Platform functionality or infrastructure. 11.11.2 Where a modification is reasonably expected to materially affect Partner access to Audit Trails, TTS will use reasonable efforts to provide advance notice. SECTION 12 — INTELLECTUAL PROPERTY RIGHTS 12.1 Ownership of the Platform and Services 12.1.1 TTS and/or its licensors own all Intellectual Property Rights in and to: The Platform; Deposit administration workflows; Electronic signature systems; Electronic approval certificates and cryptographic infrastructure; APIs and SDKs; Analytics and fraud-detection tools; Dashboards and UX/UI elements; Templates, designs and layouts; System logic, algorithms and processes; and All associated software, code, databases and content. 12.1.2 Nothing in these Terms transfers ownership of TTS’s Intellectual Property to the Partner. The Partner receives a licence to use the Services, not ownership. 12.2 Intellectual Property in Partner Content 12.2.1 “Partner Content” includes: Tenancy agreements; Reference request forms; User data provided to TTS; Employer or landlord details; Instructions; and any documents the Partner uploads. 12.2.2 The Partner retains all Intellectual Property Rights in Partner Content. 12.2.3 By uploading Partner Content, the Partner grants TTS a: Non-exclusive, Worldwide, Royalty-free, Transferable, Sublicensable (to Sub-Processors only), Fully paid-up, licence to use, reproduce, process, store, analyse and display Partner Content solely for the purpose of providing the Services. 12.2.4 TTS will: Not use Partner Content for marketing; Not resell Partner Content; Not use Partner Content to train general-purpose AI models; and Not disclose Partner Content except as permitted under these Terms or required by law. 12.3 Intellectual Property in User Content 12.3.1 “User Content” includes: Identity documents (where uploaded by the User); Deposit administration information; Signature events; Documents signed by Users; and Uploaded files and supporting documents. 12.3.2 Users retain all Intellectual Property Rights in their own Content. 12.3.3 TTS receives a licence to process User Content as processor on the Partner’s documented instructions, or as independent controller where required by law, for platform security, or to comply with legal or regulatory obligations, in accordance with Section 7. 12.4 Reports, Certificates and Audit Trails 12.4.1 All Reports, deposit administration outputs, scheme certificates and audit trails: Are generated by TTS; Contain elements of TTS Intellectual Property; and Are licensed to the Partner for their internal business use only. 12.4.2 Partners may: Store Reports; Use them for tenancy-related, deposit administration, onboarding, execution and compliance purposes in connection with property related transactions; Retain them for legal or regulatory compliance; and Share them with Users where appropriate. 12.4.3 Partners must not: Sell or resell Reports or TTS outputs; Publish system performance or benchmarking data; Use Reports or Audit Trails to train AI or machine-learning models; Share Reports with competitors of TTS; Use Reports for purposes unrelated to deposit administration or tenancy workflows. 12.5 Licence to Use the Platform 12.5.1 TTS grants the Partner a: Non-exclusive, Non-transferable, Revocable, Non-sublicensable, licence to access and use the Platform during the Term, solely: For internal business use; For deposit administration and related administrative workflows; For electronic signature workflows; and For lawful tenancy-related purposes, in accordance with these Terms. 12.5.2 Any other use requires prior written permission from TTS. 12.6 Licence to Use the API 12.6.1 Where API access is provided, the API licence and restrictions set out in Section 6 apply and are incorporated into this Section by reference. 12.7 Restrictions on Use 12.7.1 Partners must not: Copy, modify, adapt or create derivative works of the Platform; Reverse engineer, decompile or disassemble the Platform; Remove or obscure copyright notices or branding; Access the Platform for the purpose of building a competing service; Allow unauthorised third parties to access the Platform; Attempt to circumvent security or authentication measures; Scrape or extract data outside normal permitted usage; Benchmark TTS performance unless expressly permitted in writing; Use TTS data or outputs for AI or machine-learning training; or Resell TTS services without written permission. 12.7.2 These restrictions are material conditions of use. 12.8 No Transfer of Ownership 12.8.1 Nothing in these Terms: Transfers any Intellectual Property Rights from TTS to the Partner; Grants the Partner exclusivity; Allows the Partner to claim ownership or authorship of TTS systems; Creates any joint-development rights unless expressly agreed. 12.8.2 All rights not expressly granted are reserved by TTS. 12.9 Feedback 12.9.1 If the Partner or its staff provide feedback, ideas, suggestions or proposals (“Feedback”): TTS may use the Feedback without restriction; TTS may incorporate Feedback into its products or services; TTS has no obligation to compensate the Partner; and Feedback does not create any joint or shared Intellectual Property Rights. 12.9.2 Partners must ensure it has the right to provide any Feedback submitted. 12.10 Branding, Marks and Logos 12.10.1 TTS’s names, logos, trademarks, design marks and domain names are protected by Intellectual Property Laws. 12.10.2 Partners must not: Use the TTS name or logo without prior written permission; Register similar or confusing names or domains; or Imply endorsement, partnership or sponsorship by TTS. 12.10.3 TTS may reference the Partner as a client with the Partner’s prior written consent, not to be unreasonably withheld. 12.11 Third Party Intellectual Property 12.11.1 Certain components of the Services may incorporate third party intellectual property, including open source software, licensed technology, scheme provider systems or electronic approval services. 12.11.2 Use of such components is subject to the relevant third party terms, and Partners must comply with any applicable flow-down obligations notified by TTS. 12.12 Obligations on Partner Staff 12.12.1 The Partner must ensure that: All authorised users comply with this Section; API keys and dashboard credentials are kept secure; and Staff, contractors and systems do not misuse TTS Intellectual Property or outputs. 12.12.2 The Partner remains responsible for all actions taken through its configured access. 12.13 Survival 12.13.1 This Section 12 survives termination of: The Agreement; The Partner’s access to the Platform or API; and Use of the Services. 12.13.2 Upon termination, the Partner must: Cease using TTS Intellectual Property; Delete API keys; and Cease use of Reports, except where retention is legally required, in which case retained Reports may be used solely for compliance, evidential or record keeping purposes. SECTION 13 — CONFIDENTIALITY 13.1 Confidential Information Confidential Information has the meaning given in Section 1 (Definitions) and includes the categories of information set out in clauses 13.1.1 to 13.1.3. 13.1.1 TTS Confidential Information TTS Confidential Information includes: The Platform, Services and related documentation; System architecture, workflows and operational processes; Software, source code, object code, algorithms and system logic; APIs, SDKs, API keys, credentials and integration documentation; Pricing, commercial terms and contractual arrangements; Security measures, access controls, monitoring and audit information; Internal policies, procedures, infrastructure and technical architecture; and All Intellectual Property Rights owned or licensed by TTS. 13.1.2 Partner Confidential Information Partner Confidential Information includes: Tenancy agreements, templates and documentation; Internal policies, procedures and operational materials; Pricing, commercial terms, procurement information and negotiations; API usage details and configuration settings; Business plans, strategies and non-public commercial information. 13.1.3 User Information 13.1.3.1 Information relating to Users, including Personal Data and tenancy-related information processed via the Services, is treated as Confidential Information of the Partner and/or the relevant User, as applicable. 13.1.3.2 The handling of Personal Data is governed separately by Section 7 (Data Protection and Privacy), which prevails in the event of any inconsistency with this Section 12. 13.2 Exclusions 13.2.1 Confidential Information does not include information that the Receiving Party can demonstrate: Is or becomes publicly available other than through a breach of this Agreement; Was lawfully known to the Receiving Party prior to disclosure by the Disclosing Party; Is lawfully received from a third party without breach of any confidentiality obligation; Is independently developed by the Receiving Party without reference to or use of the Disclosing Party’s Confidential Information; or Is required to be disclosed pursuant to applicable law, regulation, court order or request of a competent authority, provided that, where legally permitted, the Receiving Party gives the Disclosing Party reasonable prior notice and cooperates (at the Disclosing Party’s cost) with any lawful efforts to limit or protect the disclosure. 13.3 Obligations of the Receiving Party 13.3.1 The Receiving Party must: Keep all Confidential Information strictly confidential; Use Confidential Information solely for the purpose of performing its obligations or exercising its rights under this Agreement; Not disclose Confidential Information to any third party except as expressly permitted under this Agreement; Protect Confidential Information using at least the same degree of care it uses to protect its own confidential information of a similar nature, and in any event no less than a reasonable standard of care; and Take reasonable steps to ensure that its employees, officers, contractors, agents and advisers who have access to Confidential Information comply with the obligations set out in this Section 12. 13.4 Permitted Disclosures 13.4.1 The Receiving Party may disclose Confidential Information to: Its employees, officers and contractors; Its professional advisers (including legal, accounting and compliance advisers); Sub-Processors (in the case of TTS); and Service providers assisting with the performance of the Services, provided that: Each recipient has a legitimate need to know for the purposes of this Agreement; and Each recipient is bound by confidentiality obligations no less restrictive than those set out in this Section 12. 13.5 Confidentiality of User Data 13.5.1 The Parties acknowledge and agree that: All Personal Data and other User-related information processed in connection with deposit administration, electronic approvals, onboarding or related workflows is confidential; Detailed obligations relating to Personal Data are governed by Section 7 (Data Protection and Privacy); Confidentiality obligations apply to both identified and pseudonymised data; and Audit Trails, Reports, scheme certificates and electronic approval files constitute Confidential Information. 13.5.2 Partners must not: Disclose User data to third parties except where permitted by law or these Terms; Publish Reports or sensitive User-related information; Use User data for purposes unrelated to the Services; or Transfer or upload TTS-provided User data to external systems without appropriate security safeguards. 13.6 Protection of TTS Security Information 13.6.1 The Partner must not disclose any information relating to: Security protocols or access controls; API limits, credentials or configuration; Platform architecture or infrastructure; Vulnerability information or incident response details; or Internal logs, source code, algorithms or system logic. 13.6.2 Such information constitutes highly sensitive Confidential Information of TTS and must be protected with an enhanced standard of care. 13.7 Compelled Disclosure 13.7.1 If the Receiving Party is required by applicable law, regulation or court order to disclose any Confidential Information, it must: Where legally permitted, notify the Disclosing Party promptly; Allow the Disclosing Party a reasonable opportunity to seek protective measures; Disclose only the minimum information required to comply; and Continue to treat any remaining Confidential Information as confidential. 13.8 Return or Destruction of Confidential Information 13.8.1 Upon termination of this Agreement, or upon written request of the Disclosing Party, the Receiving Party must: Return or securely delete Confidential Information; and Destroy all copies in its possession or control. 13.8.2 Exceptions apply where Confidential Information: Must be retained to comply with applicable law or regulatory requirements; Is stored in routine system backups (which will be deleted in accordance with normal retention cycles); or Is retained for legal defence, dispute resolution or record-keeping purposes, in accordance with Section 7. 13.9 Duration of Confidentiality Obligations 13.9.1 The protections and restrictions set out in this Section 13: Take effect upon the first disclosure of Confidential Information; Remain in force throughout the term of the Agreement; Continue for 5 years following termination or expiry; and Apply indefinitely to trade secrets, source code, algorithms, cryptographic methods, security information and Intellectual Property. 13.10 Breach of Confidentiality 13.10.1 A breach of Section 13 may: Cause irreparable harm to the Disclosing Party; Entitle the Disclosing Party to seek injunctive or equitable relief; Entitle the Disclosing Party to recover damages; and Constitute a material breach of this Agreement, potentially justifying suspension or termination under Section 17. 13.11 No Publicity Without Consent 13.11.1 Except where required by law, neither party may, without the other party’s prior written consent: Publicly announce the existence or terms of this Agreement; Issue press releases or public statements; Use the other party’s name, logo or branding; or Imply endorsement, partnership or sponsorship. SECTION 14 — WARRANTIES 14.1 Mutual Warranties Each party warrants to the other that: Authority and Capacity It has full power, authority and legal capacity to enter into this Agreement and to perform its obligations in accordance with its terms; Compliance with Law It will comply with all Applicable Laws that apply to its performance under this Agreement; and Personnel All individuals acting on its behalf in connection with this Agreement are suitably skilled, experienced and authorised to carry out their respective responsibilities. 14.2 TTS Warranties TTS warrants that: Reasonable Care and Skill It will provide the Services with reasonable care and skill and in accordance with generally accepted industry standards for deposit administration, electronic signature and related technical services; Operation of the Platform The Platform will operate in all material respects in accordance with its published documentation, subject to maintenance, updates, outages and the limitations set out in these Terms; Security Measures It will implement and maintain appropriate technical and organisational measures to protect Personal Data, as described in Section 7 (Data Protection and Privacy); Data Processing as Processor Where acting as a Processor, it will process Personal Data only on the Partner’s documented instructions, except where required or permitted by Applicable Law or these Terms; and Change to the Services It will not intentionally and materially reduce the core functionality of the Services without a legitimate operational, security or legal reason. Except as expressly stated in these Terms, the Services are provided subject to operational, technical, and third party dependencies. Nothing in this Section limits liability for failure to provide the Services with reasonable care and skill where such liability cannot be excluded under Applicable Law. 14.3 Partner Warranties The Partner warrants and represents that: Lawful Basis for Data Processing It has obtained and maintains all necessary consents, notices, permissions and lawful bases required under Data Protection Laws to submit Personal Data to TTS and to instruct TTS to process such data in accordance with these Terms; Accuracy of Information All information, documents, and data provided to TTS (including User details, tenancy information, Deposit Information and supporting documentation) are accurate, complete and not misleading to the best of its knowledge; Compliance with Tenancy and Related Laws It will comply with all Applicable Laws in connection with its use of the Services and any tenancy-related decisions it makes, including (without limitation): Tenancy documentation obligations; Housing and landlord legislation; Consumer protection laws; Anti-discrimination and equality laws; Immigration laws; and Data protection laws. Proper Use of the Services It will not misuse the Services, including by: Using Reports or outputs for purposes unrelated to lawful tenancy workflows; Extracting, reselling or redistributing TTS data; Using TTS data or outputs for AI or machine-learning training; Reverse engineering, decompiling or creating derivative works of the Platform; or Conducting benchmarking or competitive analysis except where expressly permitted in writing. Security and Access Controls: It will implement and maintain appropriate security measures in relation to its Account and systems including: Protecting API keys and access credentials; Managing Authorised Users appropriately; and Promptly revoking access for individuals who no longer require it. Prohibited Content: It will not upload, it will not upload, transmit or submit any content that contains malware, corrupted files, or any material designed to interfere with or damage the Platform, the Services or the systems of TTS or any third party. 14.4 User Warranties (Passed Through Partner) The Partner warrants that it will ensure that each User, as a condition of using the Services, agrees that: Accuracy of Information: All information and data provided in connection with the Services are true, accurate and not misleading; Authority to Provide Documents: Any documents submitted belong to the User or the User is otherwise authorised to provide them for the purposes of the Services; Proper Use of the Services: The User will not attempt to bypass, manipulate or interfere with any verification, deposit administration or signing processes; No Fraud or Impersonation: The User will not engage in fraud, misrepresentation or impersonation in connection with the Services; and Compliance with Procedures: The User will comply with all applicable deposit administration and electronic signature procedures made available through the Platform. The Partner shall be responsible for any breach of the above warranties by a User and shall indemnify TTS against any Losses arising from such breach in accordance with Section 16 (Indemnities). 14.5 No Warranties for Accuracy of Reports 14.5.1 The Partner acknowledges and agrees that: TTS does not warrant or guarantee the accuracy, completeness or correctness of any Reports or outputs generated by the Services; TTS does not guarantee that all fraudulent, misleading or manipulated documents or information will be detected; Identity, authentication and verification processes may fail, require re-capture, or produce false positives or false negatives; Any deposit administration assessments, affordability calculations or risk indicators are provided for informational and support purposes only; and All decisions made using the Reports remain the sole responsibility of the Partner. 14.5.2 Reports do not constitute legal, financial, tenancy, immigration or compliance advice and must not be relied upon as such. 14.6 No Warranty for Third-Party Providers 14.6.1 The Partner acknowledges and agrees that the Services may rely on third-party providers for functions including (without limitation) document analysis, authentication or verification tools, electronic communications, hosting infrastructure, tenancy deposit scheme providers and fraud-prevention services. 14.6.2 TTS does not warrant or guarantee: the accuracy, completeness or reliability of any data or outputs provided by third-party providers; the uninterrupted availability, performance or uptime of any third-party systems or services; or the continued use or availability of any specific third-party provider. 14.6.3 TTS shall use reasonable efforts to select reputable third-party providers and to maintain continuity of the Services, but shall not be responsible for failures, delays or errors arising from the acts or omissions of such third parties, except to the extent caused by a breach by TTS of these Terms. 14.7 Exclusion of Implied Terms 14.7.1 To the maximum extent permitted by Applicable Law, all warranties, conditions and other terms implied by statute, common law or otherwise are excluded from these Terms. 14.7.2 Without limitation, TTS does not give any warranty or representation that the Services will be: Fit for any particular purpose of the Partner; Uninterrupted, timely, secure or error-free; Accurate, complete or reliable in their outputs or Reports; or Suitable for meeting any legal, regulatory or compliance obligations of the Partner. 14.7.3 The Services are provided on an as available basis. TTS does not warrant that the Services will be uninterrupted, error free, or free from delays. The Partner acknowledges that the Services involve automated workflows, third party systems, external infrastructure and probabilistic processes. Nothing in this clause excludes or limits liability arising directly from TTS’s failure to exercise reasonable care and skill in providing the Services. 14.8 No Guarantee of Identity, Suitability or Outcomes 14.8.1 The Partner acknowledges and agrees that TTS does not warrant or guarantee: The identity of any User or that any User is who they claim to be; That any User is suitable for a tenancy or meets the Partner’s affordability or risk criteria; That any User has the legal right to rent, enter into or perform a tenancy agreement; That any User will comply with the terms of any contract or tenancy agreement; That any document signed using the Services will be legally valid or enforceable in all circumstances; The accuracy or completeness of any deposit administration data, income information or supporting documentation; The authenticity or genuineness of any documents submitted by a User; or That fraud, misrepresentation or misuse of the Services will not occur. 14.8.2 All such matters remain the sole responsibility of the Partner, and the Partner retains full responsibility for all tenancy decisions and related legal obligations. 14.9 Limitation of Warranties 14.9.1 The warranties expressly set out in this Section 13 constitute the entire warranties given by TTS in relation to the Services. 14.9.2 All other warranties, representations and conditions, whether express or implied (including any implied by statute, common law or otherwise), are excluded to the maximum extent permitted by Applicable Law. 14.9.3 This Section 14 operates subject to Section 15 (Liability), including the limitation of liability and liability cap set out in that section. SECTION 15 — LIABILITY 15.1 General Liability Principles 15.1.1 Each party shall be responsible for its own acts and omissions and for the acts and omissions of its employees, agents and contractors in connection with this Agreement. 15.1.2 Each party shall comply with all Applicable Laws in relation to its performance of this Agreement and its use of the Services. 15.1.3 Nothing in these Terms excludes or limits any liability which cannot lawfully be excluded or limited under Applicable Law. 15.2 Liability That Cannot Be Excluded 15.2.1 Nothing in these Terms excludes or limits either party’s liability for: Death or personal injury caused by its negligence; Fraud or fraudulent misrepresentation; Wilful misconduct; or Any other liability which cannot lawfully be excluded or limited under Applicable Law. 15.2.2 All such liabilities shall be unlimited. 15.3 Excluded Categories of Loss Subject to Section 15.2 (Liability That Cannot Be Excluded), and to the maximum extent permitted by Applicable Law, TTS shall not be liable for any of the following losses, whether arising in contract, tort (including negligence), breach of statutory duty or otherwise: 15.3.1 Business and Economic Losses Any loss of: Profits, revenue or income; Business, contracts or business opportunities; Anticipated savings; Goodwill or reputation; or Business interruption. 15.3.2 Reliance on Reports and Outputs Any loss arising from: Decisions made or actions taken by the Partner in reliance on any Reports, deposit administration outputs or verification results; or Any interpretation, inference or conclusion drawn by the Partner from the Services. 15.3.3 Identity, Fraud and User Conduct Any loss arising from: Fraud, misrepresentation or impersonation by a User or third party; Forged, altered or manipulated documents not detected by the Services; Errors, omissions or false information provided by Users, employers or landlords; Incorrect affordability or tenancy information submitted by Users; or Tenancy or compliance decisions made by the Partner. 15.3.4 Third-Party Systems and Providers Any failure, delay or error caused by third-party systems or providers, including (without limitation): Authentication or document verification providers; Tenancy deposit scheme providers; Home Office or Share Code systems; Email or SMS delivery services; or Hosting, telecoms or internet service providers. 15.3.5 Indirect and Consequential Loss Any indirect or consequential loss or damage (whether foreseeable or not), including loss falling within the categories set out in clause 15.3.1. 15.4 Partner Responsibility for Decisions 15.4.1 The Partner acknowledges and agrees that it retains sole responsibility for all tenancy-related and compliance decisions made using the Services, including (without limitation): Determining whether to accept or reject any User as a tenant; Assessing affordability and financial suitability; Verifying employment history and any references or supporting information; Evaluating the suitability of any relevant party; Interpreting and relying upon any Reports or outputs generated by the Services; Reviewing and validating documents submitted by Users; and Complying with all Applicable Laws, including tenancy documentation requirements, consumer protection laws and anti-discrimination legislation. 15.4.2 TTS shall not be liable for losses arising solely from the Partner’s tenancy outcomes or regulatory compliance decisions, except to the extent such loss arises directly from TTS’s breach of these Terms. 15.5 Liability Cap 15.5.1 Subject to Section 15.2, TTS’s total aggregate liability to the Partner arising out of or in connection with the Services, whether in contract, tort (including negligence), breach of statutory duty or otherwise, shall not exceed the greater of: 15.5.1.1 The Fees paid or payable by the Partner in the 12 months preceding the event giving rise to the claim; or 15.5.1.2 £25,000. 15.6 Liability for Data Protection Breaches 15.6.1 For the purposes of this Agreement: Where TTS acts as an independent Controller, TTS shall remain responsible for its own compliance with Data Protection Laws in respect of that processing; Where TTS acts as a Processor on the Partner’s instructions, TTS’s liability shall be limited to the extent required under the UK GDPR and other applicable Data Protection Laws; The Partner remains solely responsible for ensuring that it has a lawful basis for all Personal Data submitted to TTS and that all instructions given to TTS are lawful, accurate and compliant with Data Protection Laws; and TTS shall not be liable for any breach of Data Protection Laws arising from any unlawful, incorrect or incomplete instructions provided by the Partner. 15.6.2 Any liability arising under this Section 15.6 shall be subject to the liability cap set out in Section 15.5, unless such liability falls within a category of liability which cannot lawfully be limited or excluded under Section 15.2. 15.7 Increased Risk Areas Outside TTS Responsibility 15.7.1 TTS shall not be liable for any Losses arising from or in connection with: Misuse, compromise or unauthorised use of the Partner’s API keys, access credentials or Accounts; Insecure or inadequately protected Partner systems, networks or IT infrastructure; The Partner’s failure to implement appropriate security controls or to restrict access to Authorised Users; The Partner’s failure to follow TTS documentation, implementation guidance or reasonable operational instructions; Use of the Services for unsupported, unlawful or non-permitted purposes; or Any modifications, integrations, configurations or third-party systems implemented or connected by or on behalf of the Partner. 15.7.2 Such risks remain solely the responsibility of the Partner. 15.8 Liability for User Fraud 15.8.1 TTS shall not be liable for any Losses arising from or in connection with fraud, misrepresentation, impersonation or other deceptive conduct by any User or third party, including (without limitation): Identity fraud or impersonation; Presentation attacks or other attempts to circumvent verification processes; Forged, altered or manipulated documents; Falsified employment or landlord references; or Inaccurate or misleading financial or supporting information submitted by Users. 15.8.2 The Partner acknowledges that the Services are designed to reduce risk but do not eliminate the risk of fraud or deception, and that responsibility for managing such risk remains with the Partner. 15.9 Time Limit for Bringing Claims 15.9.1 Except in respect of any liability which cannot lawfully be limited or excluded under Section 15.2, no claim may be brought by either party arising out of or in connection with this Agreement unless such claim is commenced within 12 months of the date on which the claiming party first became aware (or ought reasonably to have become aware) of the circumstances giving rise to the claim. 15.9.2 Any claim not brought within this period shall be permanently barred. 15.10 Apportionment of Risk 15.10.1 The parties acknowledge and agree that: The Fees payable under this Agreement reflect the allocation of risk between the parties as set out in this Section 15; Without the limitations and exclusions of liability contained in this Section 15, TTS would not be able to provide the Services on the agreed commercial terms; The Partner remains responsible for independently verifying critical information and for making its own tenancy and compliance decisions; and Identity verification, deposit administration and electronic signing processes inherently involve technical and operational uncertainty and do not eliminate the risk of error, fraud or misuse. 15.10.2 This allocation of risk is an essential basis of the bargain between the parties. 15.11 Multiple Claims 15.11.1 For the purposes of applying the liability cap in Section 15.5, all claims arising out of or in connection with: The same act or omission; The same series of related acts or omissions; or A continuous or recurring set of circumstances, shall be treated as a single claim. SECTION 16 — INDEMNITIES 16.1 Partner Indemnities The Partner shall indemnify and hold harmless TTS, its directors, officers, employees, agents and subcontractors (together, the TTS Indemnified Parties) from and against all Losses arising out of or in connection with any claim, demand or action resulting from: 16.1.1 Misuse of the Services The misuse, improper use or unauthorised use of the Services, the Platform, the API, Reports, Audit Trails or TTS data by the Partner or any Authorised User, including use for unsupported, unlawful or non-permitted purposes. 16.1.2 Unlawful or Incorrect Instructions Processing carried out by TTS in accordance with the Partner’s instructions where those instructions are unlawful, inaccurate or incomplete, including where the Partner: Does not have a lawful basis for processing Personal Data; Has failed to provide required notices or obtain necessary consents; or Has instructed processing in breach of Data Protection Laws. 16.1.3 User Fraud or Misrepresentation Fraud, misrepresentation or other misconduct by a User or third party, including falsified or manipulated documents, identity fraud or impersonation, forged signatures or declarations, or inaccurate, misleading or untrue information submitted in connection with the Services. 16.1.4 Breach of Law by the Partner The Partner’s breach of any Applicable Laws in connection with its use of the Services, including (without limitation) tenancy documentation obligations, housing and landlord legislation, consumer protection laws, equality and anti-discrimination laws, and Data Protection Laws. 16.1.5 Partner Content Claims alleging that Partner Content infringes any third-party Intellectual Property Rights, is unlawful, defamatory or misleading, or introduces malware or malicious code into the Platform or Services. 16.1.6 Integrations and Security Failures Losses arising from insecure management of API keys or access credentials, misconfiguration of the Partner’s systems or integrations, failures of third-party vendors engaged by the Partner, or breaches or compromises of the Partner’s IT environment. 16.1.7 Acts of Partner Personnel and Users Acts or omissions of the Partner’s employees, contractors, agents, system integrators or Users who access or use the Services via the Partner’s Account or API credentials. 16.2 TTS Indemnities (Limited Scope) 16.2.1 TTS shall indemnify and hold harmless the Partner from and against all Losses arising directly from a third-party claim to the extent that such claim alleges that the Platform (excluding Partner Content, User Content and third-party components) infringes a valid and enforceable: Patent; Copyright; Trademark; or Other intellectual property right. 16.2.1.1 Conditions of the IP Indemnity The indemnity in this Section applies only where: The Partner promptly notifies TTS in writing of the claim; TTS has sole control over the defence and settlement of the claim; The Partner provides all reasonable cooperation and assistance requested by TTS; and The Partner does not make any admission of liability or take any action that may prejudice TTS’s defence. 16.2.1.2 Mitigation Remedies If a claim under this Section is made or is likely to be made, TTS may, at its sole discretion: Procure for the Partner the right to continue using the affected part of the Services; Replace or modify the Services so that they become non-infringing without materially reducing functionality; or Terminate the affected portion of the Services and refund any prepaid Fees relating to the unused period. 16.3 Exclusions to TTS’s IP Indemnity 16.3.1 TTS shall have no liability under the indemnity in Section 15.2 to the extent that any claim arises from or relates to: Partner Content or User Content; Any modification of the Services, Platform or API made by or on behalf of the Partner and not authorised in writing by TTS; Any system, software, platform or service provided by a third party and integrated with the Services at the Partner’s request or direction; Use of the Services other than in accordance with these Terms or outside the permitted scope of use; The Partner’s breach of these Terms or applicable law; The Partner’s failure to use the most current version of the Platform or API made available by TTS; or Compliance by TTS with the Partner’s specifications, instructions, branding requirements or design requests. 16.4 Indemnities for Data Protection Issues 16.4.1 Partner Indemnity (Data Protection) The Partner shall indemnify, defend and hold harmless TTS and the TTS Indemnified Parties from and against all losses, damages, liabilities, fines, penalties, costs and expenses (including reasonable legal fees) arising out of or relating to any claim, investigation or enforcement action resulting from: Any unlawful, inaccurate or inappropriate processing instructions given by the Partner to TTS; The Partner’s failure to establish or maintain a lawful basis for processing Personal Data; Any failure by the Partner to provide required transparency information or privacy notices to Users; Any misrepresentation by the Partner to Users regarding the purposes or scope of processing; The Partner’s failure to properly handle or respond to data subject rights requests; Any Personal Data Breach or security incident arising from the Partner’s systems, infrastructure or access controls; and Any failure by the Partner to comply with applicable tenancy documentation, immigration, housing or regulatory requirements in connection with the processing of Personal Data. 16.4.2 TTS Indemnity (Data Protection) TTS shall indemnify the Partner solely to the extent that: TTS, acting as an independent Controller; Commits a proven breach of applicable Data Protection Laws; and Such breach directly causes loss to the Partner. This indemnity shall not apply to the extent that any loss arises from the Partner’s instructions, Partner systems, Partner Content, User Content, or any act or omission of the Partner or its Authorised Users. TTS’s liability under this Section 15.4.2 remains subject to the liability cap set out in Section 14 (Liability and Limitation of Liability). 16.5 Indemnity for Third-Party Claims 16.5.1 The Partner shall indemnify, defend and hold harmless TTS and the TTS Indemnified Parties from and against all losses, damages, liabilities, costs and expenses (including reasonable legal fees) arising out of or in connection with any third-party claim, demand or proceeding relating to: Any tenancy decision made by the Partner, including acceptance or rejection of a User; Any dispute concerning deposit administration outcomes, deductions or repayment instructions; The validity, enforceability or interpretation of any document signed using the electronic approval or electronic signature Services, as between the Partner and any User; Any dispute concerning employment references, landlord references or supporting evidence supplied by or on behalf of a User; Complaints, claims or proceedings brought by Users arising from the Partner’s reliance on Reports or use of the Services; and Any failure by the Partner to comply with applicable legal, regulatory or professional obligations, including tenancy law, consumer protection law and discrimination law. 16.5.2 For the avoidance of doubt, TTS does not assume responsibility for tenancy suitability determinations, legal compliance, or decisions taken by the Partner based on Reports or outputs generated by the Services. 16.6 Indemnity Procedures The following procedures apply to all indemnities under this Agreement: 16.6.1 Notification The indemnified party shall notify the indemnifying party in writing as soon as reasonably practicable after becoming aware of any claim, demand or proceeding in respect of which an indemnity may be sought. Failure to give prompt notice shall not relieve the indemnifying party of its obligations except to the extent it is materially prejudiced by the delay. 16.1.2 Control of Defence and Settlement The indemnifying party shall have sole conduct and control of the defence and settlement of the claim, provided that it conducts such defence and settlement in good faith and with reasonable diligence. 16.6.3 Co-operation The indemnified party shall provide all reasonable assistance, information and cooperation requested by the indemnifying party in connection with the defence or settlement of the claim, at the indemnifying party’s cost (except for the indemnified party’s internal administrative costs). 16.6.4 Mitigation Each party shall take reasonable steps to mitigate any losses or liabilities arising out of or in connection with the claim. 16.6.5 No Admissions or Settlements Without Consent The indemnified party shall not, without the prior written consent of the indemnifying party: Admit liability; Make any statement prejudicial to the defence of the claim; or Settle or compromise the claim. 16.6.6 Restrictions on Settlement The indemnifying party shall not settle any claim in a manner that imposes any obligation, liability or admission of fault on the indemnified party without the indemnified party’s prior written consent (not to be unreasonably withheld or delayed). 16.6.7 Relationship to Liability Cap Except in respect of liability which cannot be limited or excluded by law, each party’s indemnity obligations under this Agreement shall be subject to and limited by the provisions of Section 14 (Liability and Limitation of Liability), including the total aggregate liability cap equal to the Fees paid or payable in the 6 months preceding the claim. SECTION 17 — SUSPENSION AND TERMINATION 17.1 Suspension of the Services TTS may immediately suspend or restrict access to the Services (including API access), in whole or in part and without liability, where it reasonably determines that suspension is necessary for any of the following reasons: 17.1.1 Security, Fraud or Misuse Risk Where TTS reasonably believes that: The Partner’s Account or API credentials have been compromised; Suspicious, fraudulent or abusive activity is occurring; Users are attempting to bypass verification, signing or deposit administration processes; Documents or data have been manipulated or falsified; or The Services are being misused or accessed in an unauthorised manner. 17.1.2 Legal or Regulatory Requirement Where suspension is required in order to: Comply with Applicable Law; Comply with a request or direction from a regulator, law enforcement body or government authority; Prevent or investigate unlawful activity; or Meet fraud-prevention, sanctions or immigration compliance obligations. 17.1.3 Non-Payment Where the Partner fails to pay undisputed Fees in accordance with this Agreement and such failure continues after reasonable notice (unless immediate suspension is required to prevent further loss). 17.1.4 Technical or Operational Risk Where suspension is necessary to: Protect the integrity or security of the Platform; Prevent data loss or corruption; Address critical vulnerabilities or system failures; or Maintain overall system stability and performance. 17.1.5 Breach of the Agreement Where the Partner: Breaches these Terms; Breaches Data Protection Laws; Fails to comply with access or use restrictions; Uses the Services in a manner outside the permitted scope. 17.1.6 Duration of Suspension Any suspension shall last only for the minimum period reasonably necessary to investigate and remedy the relevant issue. TTS shall use reasonable efforts to restore access once the cause of the suspension has been resolved. 17.2 Effects of Suspension 17.2.1 During any period of suspension, TTS may, in whole or in part: Restrict or disable access to the Partner Dashboard; Block or limit API access and integrations; Prevent the initiation of deposit administration workflows; Prevent the initiation of electronic signature workflows; or Restrict access to Reports, Audit Trails and system outputs. 17.2.2 Suspension shall not: Relieve the Partner of its obligation to pay any Fees due and payable; Terminate this Agreement; or Entitle the Partner to any refund, credit or compensation. 17.2.3 TTS shall use reasonable efforts to restore access to the Services once the circumstances giving rise to the suspension have been resolved to its reasonable satisfaction. 17.3 Termination by the Partner The Partner may terminate the Agreement: 17.3.1 For Convenience At any time, by giving TTS not less than thirty (30) days’ prior written notice. 17.3.2 For Cause (Material Breach) Immediately upon written notice if TTS commits a material breach of these Terms and fails to remedy that breach within thirty (30) days of receiving written notice requiring it to do so. 17.3.3 Insolvency Immediately upon written notice if TTS: Becomes insolvent; Enters into liquidation, administration or receivership; Ceases or threatens to cease carrying on business; or Is unable to pay its debts as they fall due. Termination for convenience shall not entitle the Partner to any refund of Fees already paid or payable. 17.4 Termination by TTS TTS may terminate this Agreement immediately by written notice to the Partner if any of the following occurs: 17.4.1 Non-Payment The Partner fails to pay any undisputed Fees within 30 days of the due date. 17.4.2 Misuse of the Services The Partner misuses the Services, including (without limitation) the identity, deposit administration, electronic signature or API tools, or uses the Services for any unlawful or unauthorised purpose. 17.4.3 Material Breach The Partner commits a material breach of these Terms and fails to remedy that breach within 30 days of receiving written notice requiring it to do so. 17.4.4 Legal or Regulatory Risk Continued provision of the Services would, in the reasonable opinion of TTS: Breach Applicable Law; Breach regulatory or compliance obligations; or Undermine fraud-prevention or security requirements. 17.4.5 Insolvency The Partner: Becomes insolvent; Enters into liquidation, administration or receivership; Ceases or threatens to cease trading; or Is unable to pay its debts as they fall due. 17.4.6 Unacceptable Risk Exposure TTS reasonably determines that continuing to provide the Services to the Partner creates an unacceptable: Fraud risk; Legal risk; or Reputational risk. 17.5 Automatic Termination The Agreement shall automatically terminate without further notice if: 17.5.1 Prolonged Inactivity The Partner’s Account remains inactive for a continuous period of 12 months. 17.5.2  Non-Payment Not Remedied The Partner’s access to the Services is suspended due to non-payment and is not reinstated within 60 days of suspension. TTS may, but is not obliged to, provide advance notice to the Partner prior to automatic termination under this clause. 17.6 Consequences of Termination Upon termination or expiry of this Agreement for any reason: 17.6.1 Cessation of Access and Use The Partner shall immediately cease all use of: The Platform; The API; The Partner Dashboard; Initiation of deposit administration workflows; Initiation of electronic signature workflows; and Any other Services provided under this Agreement. 17.6.2 Deactivation of Credentials TTS shall deactivate or revoke: The Partner’s account access; All administrative and Authorised User accounts; and All API keys and integration credentials. 17.6.3 Outstanding Fees Termination shall not affect any accrued rights or obligations. The Partner remains liable to pay: All outstanding invoices; All Fees relating to Services performed prior to termination; and Any applicable late payment charges or interest. Termination does not waive or reduce any Fees owed to TTS. 17.6.4 Data Retention and Deletion TTS shall: Retain or delete Personal Data in accordance with Section 7 (Data Protection and Privacy); Delete Partner-specific configuration settings and integration parameters where reasonably practicable; and Retain Audit Trails, evidence files and tenancy documentation records where required by Applicable Law, for fraud prevention, or for legal defence purposes. 17.6.5 Retrieval of Records Upon written request made within 30 days following termination: TTS shall provide the Partner with reasonable access to download Reports, signed documents and certificates held within the Platform; and TTS may charge a reasonable administrative fee for bulk data exports or bespoke retrieval requests. After expiry of this 30 day period, TTS shall have no obligation to retain or provide access to such materials, except where required by law. 17.7 Survival of Obligations 17.7.1 Termination or expiry of this Agreement shall not affect any rights or obligations which by their nature are intended to survive termination. 17.7.2 Without limitation, the following Sections shall survive termination or expiry of this Agreement: Section 7 (Data Protection and Privacy) Section 9 (Reports, Results and Reliance) Section 11 (Audit Trails and Evidence Files) Section 12 (Intellectual Property Rights) Section 13 (Confidentiality) Section 15 (Liability) Section 16 (Indemnities) Section 17.6 (Consequences of Termination) Section 18 (Governing Law and Jurisdiction) Sections 19–21 (General Provisions) 17.7.3 Any provision which expressly or by implication is intended to survive termination shall continue in full force and effect. 17.8 No Liability for Termination 17.8.1 Neither party shall be liable to the other for any loss or damage arising solely as a result of: A lawful termination of this Agreement in accordance with this Section 16; or Any suspension of the Services carried out in accordance with these Terms. 17.8.2 Nothing in this clause shall affect: The Partner’s obligation to pay all Fees incurred prior to termination or suspension; Any indemnity obligations arising under these Terms; or Any liability for breaches of this Agreement occurring before termination or suspension. SECTION 18 — GOVERNING LAW AND JURISDICTION 18.1 Governing Law These Terms, and any dispute or claim (including non-contractual disputes or claims) arising out of or in connection with them or their subject matter, shall be governed by and construed in accordance with the laws of England and Wales. 18.2 Jurisdiction Each party irrevocably agrees that the courts of England and Wales shall have exclusive jurisdiction to settle any dispute or claim (including non-contractual disputes or claims) arising out of or in connection with: These Terms; The Services; Any verification, deposit administration or treasury activities; Electronic signature workflows; Any Reports, Audit Trails or outputs; or Use of the Platform or API. 18.3 Injunctive and Equitable Relief Nothing in this Section shall prevent either party from seeking urgent interim relief, injunctive relief or other equitable remedies in any jurisdiction where such relief is necessary to prevent immediate or irreparable harm. 18.4 Business Use Only The Services are provided to Partners for business purposes only. The governing law and jurisdiction set out in this Section apply solely to the contractual relationship between TTS and the Partner. SECTION 19 — NOTICES 19.1 Form of Notices 19.1.1 Any notice or other communication given under or in connection with these Terms shall: Be in writing; and Be delivered by one of the following permitted methods: Hand-delivery; or Registered or tracked postal service. 19.1.2 Notices sent via instant messaging platforms (including WhatsApp, SMS or Slack) are not valid unless expressly agreed in writing by both parties. 19.2 Notices to TTS All notices to TTS must be sent to: Legal Notices Email: compliance@let365.co.uk Registered Address: Tenancy Treasury Services Ltd 5th Floor 167-169 Great Portland Street London W1W 5PF Notices sent to incorrect or outdated contact details shall not be deemed validly served unless expressly acknowledged in writing by TTS. 19.3 Notices to the Partner Notices to the Partner shall be sent to: The email address associated with the Partner’s account; Any alternative email address notified in writing by the Partner; or Where required, the Partner’s registered office or principal place of business. The Partner is responsible for ensuring that: Its contact details remain accurate and current; Its email systems can receive notices from TTs; and Authorised personnel monitor such communications. 19.4 Deemed Receipt of Notices Notices are deemed delivered as follows: 19.4.1 Hand Delivery At the time of delivery, as evidenced by signature or delivery confirmation. 19.4.2 Registered or Tracked Post At 09:00 on the second Business Day after posting; or When delivery is confirmed by tracking records, if earlier. 19.5 Suspension and Termination Notices 19.5.1 Notices relating to: Material breach; suspension under Section 16; or Termination of the Agreement, may validly be given by email alone (unless applicable law requires otherwise). 19.5.2 Email shall constitute valid and effective service for enforcement notices under this Agreement. 19.6 Changes to Contact Details 19.6.1 Either party may update its notice details by giving written notice to the other party. 19.6.2 Such changes shall take effect: Immediately upon receipt in the case of email; or On deemed receipt in the case of postal notice. 19.6.3 Until such time, notices sent to the most recent notified contact details shall be deemed valid. 19.7 Service of Legal Proceedings 19.7.1 Service of proceedings may only be effected by: Tracked postal service; Courier requiring signature; or Email, where expressly agreed in writing and acknowledged by the receiving party. 19.7.2 Nothing in this clause shall prevent service by any method permitted under the Civil Procedure Rules. SECTION 20 — CHANGES TO THESE TERMS 20.1 Right to Update or Amend 20.1.1 TTS may update or amend these Terms from time to time in order to reflect: Changes to the Services; Updates to identity, deposit administration, authentication or electronic approval workflows; Improvements to security or fraud-prevention methods; Changes to third-party verification providers or integrations; Introduction of new features or functionality; Changes in Applicable Laws, regulations or regulatory guidance; Operational or technical requirements; or Corrections, clarifications or improvements to drafting. 20.1.2 Any such changes shall be made in compliance with Applicable Law. 20.2 Notice of Changes 20.2.1 Where reasonably practicable, TTS will notify the Partner of material changes to these Terms by: Email to the address associated with the Partner’s Account; and/or Notification within the Platform of Partner Dashboard. 20.2.2 Non-material or administrative changes may be implemented without advance notice. 20.3 Effect of Changes 20.3.1 Unless otherwise stated: Update Terms shall take effect on the date specified by TTS; and The Partner’s continued use of the Services after that date shall constitute acceptance of the updated Terms. 20.3.2 If the Partner does not agree to the updated Terms, it may terminate the Agreement in accordance with Section 16 before the changes take effect. 20.4 No Retrospective Application No amendment to these Terms shall apply retrospectively to any dispute, claim or liability arising prior to the effective date of the updated Terms, unless required by law. SECTION 21 — GENERAL PROVISIONS 21.1 Entire Agreement 21.1.1 These Terms, together with any documents expressly incorporated by reference (including the Privacy Policy, Data Processing Agreement, and any written commercial agreement or Order Form) constitute the entire agreement between the parties in relation to their subject matter and: Supersede all prior agreements, negotiations, understandings or representations (whether written or oral); and Prevail over any terms or purchase orders submitted by the Partner unless expressly agreed in writing by TTS. 21.1.2 No other terms or conditions shall apply unless expressly accepted in writing by TTS. 21.2 Assignment 21.2.1 By the Partner The Partner shall not assign, transfer, subcontract, delegate or novate any of its rights or obligations under these Terms without the prior written consent of TTS (not to be unreasonably withheld or delayed). 21.2.2 By TTS TTS may assign or transfer its rights or obligations under these Terms: To an Affiliate; In connection with a merger, acquisition, corporate reorganization or sale of all or substantially all of its business or assets; or To a service provider engaged in delivering the Services, provided that such entity agrees in writing to be bound by these Terms. 21.3 Subcontracting 21.3.1 TTS may subcontract the performance of any part of the Services, including to: Hosting providers; Deposit administration engines; Authentication or document analysis tools; Scheme providers; Fraud-prevention providers; or Customer support partners. 21.3.2 TTS remains responsible for the performance of its subcontractors as if it had performed the Services itself. 21.4 Force Majeure 21.4.1 Neither party shall be liable for any failure or delay in performing its obligations (other than payment obligations) where such failure or delay results from events beyond its reasonable control, including: Natural disasters; Power failures; Civil unrest; Pandemics or public health emergencies; Telecommunications or network outages; Government actions; Industrial disputes; or Failures of third-party infrastructure providers. 21.4.2 During a Force Majeure event: The affected obligations shall be suspended for the duration of the event; The parties shall use reasonable efforts to minimize disruption; and If the event continues for more than 60 days, either party may terminate this Agreement on written notice. 21.5 No Partnership or Agency 21.5.1 Nothing in these Terms creates or is intended to create any: Partnership; Joint venture; Employment relationship; or Agency relationship, Between the parties. 21.5.2 Neither party has authority to bind the other except as expressly stated in these Terms. 21.6 No Third-Party Rights 21.6.1 Except for persons indemnified under Section 16, these Terms do not give rise to any rights for any third party under the Contracts (Rights of Third Parties) Act 1999. 21.6.2 No third party shall be entitled to enforce any term of this Agreement. 21.7 Severability 21.1.7 If any provision of these Terms is held by a court of competent jurisdiction to be invalid, unlawful or unenforceable, that provision shall be deemed modified to the minimum extent necessary to make it valid and enforceable. 21.1.7 If modification is not possible, that provision shall be deleted and the remaining provisions shall continue in full force and effect. 21.8 Waiver 21.8.1 No failure or delay by either party in exercising any right or remedy under these Terms shall operate as a waiver of that or any other right or remedy. 21.8.2 A waiver shall be effective only if made in writing and shall apply only to the specific circumstances for which it is given. 21.9 Amendments 21.9.1 Except as permitted under Section 19, (Changes to these Terms), no amendment or variation of this Agreement shall be effective unless it is in writing and signed by the Parties. 21.9.2 Electronic signature shall be valid for the purposes of amendments. 21.10 Interpretation 21.10.1 In these Terms: “including”, “include” and similar expressions mean “including without limitation”; References to statutes include those statutes as amended or replaced from time to time; Headings are for convenience only and do not affect interpretation; References to “writing” include email but exclude instant messaging platforms; or References to “person” include corporations and unincorporated bodies. 21.11 Order of Precedence 21.11.1 If there is any conflict between the following documents, the order of precedence shall be: Any written commercial agreement or Order Form signed by both parties; These Terms; The Privacy Policy; The Data Processing Agreement; and Any API documentation or technical specifications. 21.12 Survival 21.12.1 The following provisions survive termination of this Agreement: Payment obligations; Confidentiality; Data protection; Intellectual property; Warranties; Liability and limitation of liability; Indemnities; Audit trails and evidence; Governing law and jurisdiction; and This Section 20. 21.13 Execution and Acceptance 21.13.1 These Terms may be executed or accepted electronically, including by: Electronic signatures; Click-wrap acceptance; Creation of a Partner account; or Use of the Services. Such acceptance shall have the same legal effect as a handwritten signature. 21.14 Counterparts 21.14.1 Where these Terms are signed, they may be executed in any number of counterparts, each of which shall constitute and original and all of which together constitute one agreement.