🚨 UK SOX ALERT: Provision 29 deadline is approaching fast. Boards must evidence internal control effectiveness by January 2026. Learn how Symbiant can help you easily meet Provision 29 →

Symbiant System White Logo - Risk, Audit and Compliance Management Software

Build to fit your requirements & budget

Symbiant Ltd – Terms & Conditions

These Terms & Conditions set out the legal terms governing your use of Symbiant’s SaaS platform, including licensing, fees, data protection, service availability, and termination. They are designed to ensure transparency, security, and clarity for all customers using Symbiant’s Governance, Risk, Compliance, and Audit software.

Contact Us
Symbiant Governance, Risk Management, Compliance (GRC) Software with an optional Professional GRC Trained AI Assistant.

Effective January 2026. These Terms & Conditions replace and supersede all previous versions issued by Symbiant.

 

Agreement“Agreement” means these Terms & Conditions together with any Order, SLA, or other document referencing these Terms.
Customer“Customer” means the organisation or individual identified on the Order.
Customer Data“Customer Data” means any data input, uploaded, generated, or stored by the Customer or its Users within the SaaS Services.
Documentation“Documentation” means Symbiant’s user guides, help materials, and technical documentation.
Effective Date“Effective Date” has the meaning given in Clause 8.1.
Exclusions“Exclusions” means circumstances excluded from Uptime calculations, including:
  1. force majeure events;
  2. Scheduled Downtime;
  3. Customer-side networking or DNS issues;
  4. Customer configuration, scripting, or coding;
  5. wider internet outages;
  6. Customer-requested outages;
  7. Customer environmental changes affecting service availability.
Order“Order” means any written or electronic order for the SaaS Services.
SaaS Services“SaaS Services” means Symbiant’s cloud-hosted software platform, including associated updates and Documentation.
Scheduled Downtime“Scheduled Downtime” means maintenance notified at least 48 hours in advance.
Subscription Term“Subscription Term” means the rolling or fixed duration of service as specified in Clause 8.2.
System“System” means the software, servers, hosting, infrastructure, and connected components used to deliver the SaaS Services.
User“User” means any person authorised by the Customer to access the SaaS Services.

 

Definitions from the Symbiant EULA also apply where not inconsistent with this Agreement.  

 

2. Right to Use the Services

2.1
Subject to payment of the Fees and compliance with this Agreement, Symbiant grants the Customer a non-exclusive, non-transferable, non-sublicensable licence for its Users to access and use the SaaS Services for internal business purposes only.

2.2
Use of the Services must comply with all applicable laws and the Acceptable Use Policy (AUP).

3. Acceptable Use Policy (AUP)

The Customer must not, and must ensure Users do not, use the SaaS Services to:

  • commit unlawful acts;
  • distribute obscene, violent, or inappropriate content;
  • promote or assist violence;
  • infringe intellectual property rights;
  • access accounts without authorisation;
  • interfere with Service, introduce malware, or attempt system compromise;
  • send unsolicited messages or spam;
  • misrepresent their relationship with Symbiant;
  • hold Symbiant or its affiliates up to undue ridicule.

Examples are illustrative, not exhaustive.

4. Fees & Payments

4.1
Fees are set out in each Order.

4.2
All Fees are payable in advance for the period invoiced.

4.3
Payment options include monthly, quarterly, six-monthly, or annual billing via credit card, standing order, or BACS.

4.4
Pricing is fixed for 12 months unless the licence changes or the account defaults.

4.5
Administration fees apply to failed payments, additional documentation requests, and physical visits.

4.6
Late or missed payments place the account in default. Symbiant may:

  • increase monthly Fees if three (3) payments are late in a 12-month period;
  • suspend the Services;
  • terminate unpaid accounts without notice.

4.7
Customers may challenge payment errors within three months; after this period, charges are deemed accepted.

5. Data Protection, Security & Backups

5.1 Customer Data

Customer Data is treated as Confidential Information.

5.2 Security

Symbiant uses commercially reasonable measures, including encryption, firewalls, and access controls, to protect Customer Data.

5.3 Backups

Customer Data is backed up according to Symbiant’s standard procedures.

5.4 Data Restoration

Symbiant is not liable for unauthorised access or data loss unless caused solely by Symbiant’s negligence, in which case restoration is limited to the most recent backup.

5.5 Data Processor Status

The Customer is the Data Controller; Symbiant acts as the Data Processor under Article 28 of the GDPR. Symbiant will only use sub-processors offering appropriate technical and organisational safeguards.

5.6 Sensitive Personal Data

The Customer must not store special category data without Symbiant’s prior written approval and full disclosure of the intended use.

5.7 Customer Responsibility for Access

The Customer is responsible for credential security, password policies, and monitoring user activity logs.

5.8 Symbiant Privacy Practices

Symbiant retains only necessary contact information and does not share Customer Data except as required by law or as necessary to deliver the Service.

6. Service Availability, Uptime & Maintenance

6.1
Symbiant targets 99.96% monthly uptime.

6.2
If uptime falls below the target level:

  • 99% → minor default → 2 days’ service credit
  • 98% → major default → 5 days’ service credit

Credits apply to future invoices only and are the Customer’s sole remedy for uptime failures.

6.3
Scheduled and emergency maintenance may restrict access.

6.4

Exclusions do not count towards downtime calculations.

7. Confidentiality

7.1
Symbiant shall:

(a) keep Customer Confidential Information confidential;

(b) use it only for delivering the Services;

(c) restrict disclosure to authorised personnel under confidentiality obligations;

(d) protect it with at least the same care applied to Symbiant’s own confidential information.

7.2
Exceptions include information that is:

  • publicly available;
  • already lawfully known to Symbiant;
  • disclosed by a third party without breach;
  • required by law or regulatory authority.

7.3
Symbiant will cease use of Customer Confidential Information immediately upon termination.

7.4
Symbiant will permanently delete Customer databases from live and backup systems within 31 working days of termination, subject to payment of all outstanding Fees.

8. Term & Termination

8.1 Effective Date
The Agreement begins on the earlier of:

(a) the Customer first accessing or using the SaaS Services; or

(b) the Customer signing or accepting an Order referencing these Terms.

8.2 Contract Period
The default contract period is a rolling ninety (90) days unless otherwise stated.

Where Symbiant has provided free customisations, a six (6) month minimum notice period applies.


8.3 Customer Termination
The Customer may terminate without cause by giving written notice equal to the required notice period. All Fees due during the notice period remain payable.

8.4 Symbiant Termination
Symbiant may terminate immediately if the Customer:

(a) fails to pay Fees;
(b) materially breaches the Agreement and fails to remedy within 14 days;
(c) violates the AUP;
(d) poses legal, security, or regulatory risk.

8.5 Suspension
Symbiant may suspend access for:

  • late payment,
  • security risks,
  • misuse,
  • legal/regulatory obligations.

8.6 Effect of Termination
Upon termination:

(a) customer access ceases;
(b) outstanding Fees remain due;
(c) confidential information protections continue;
(d) data deletion occurs per Clause 7.4.

8.7 Survival
Confidentiality, liability, payment obligations, dispute provisions, and accrued rights survive termination.

9. Warranties

Each party warrants it has authority to enter the Agreement.
All other warranties, express or implied, are excluded to the maximum extent permitted by law.

10.Liability

Nothing limits liability for fraud or matters that cannot be limited by law. 
All other liability is limited as permitted by applicable law. 

11. Assignment & SubContracting

Neither party may assign or subcontract the Agreement without the other’s written consent (not to be unreasonably withheld). Subcontracting does not relieve the Customer of obligations.  

12. Intellectual Property

All intellectual property in the SaaS Services remains owned by Symbiant. 
The Customer receives only the usage rights expressly granted in this Agreement. 

13. Support & Service Levels

Standard support is included.  Premium support includes unlimited configuration work and can only be cancelled when the account is fully cancelled after a minimum of 12 months. 
Support is subject to fairuse limits.  

14. Marketing Rights

Unless the Customer opts out in writing, Symbiant may display the Customer’s logo on its website and materials.  

15. Governing Law & Jurisdiction

This Agreement is governed by the laws of England & Wales. 
Exclusive jurisdiction lies with the courts of England & Wales.  

16. Entire Agreement

This Agreement supersedes all previous agreements and constitutes the entire agreement between the parties. 

17. Severability

If any provision is held invalid, the remainder shall continue in full force.  

18. No Third Party Rights

No third party may enforce any term of this Agreement.  

19. Waiver

Failure to enforce a provision is not a waiver of rights. 

20. Variations

Symbiant may update these Terms from time to time. Continued use of the SaaS Services constitutes acceptance of the updated Terms. 

 

 

 

 

 

 

 

Â