User Agreement

Last updated: 15 May 2025

Hyphen Connect AI Client User Agreement

This agreement (the "Agreement") is entered into by and between Hyphen Connect Limited, company number 15214114 located at 167-169, Great Portland Street, 5th Floor, London W1W 5PF, and the Client ("Client"), whose details are provided during onboarding. This Agreement governs the use of the software and services provided by Hyphen Connect AI.

Effective Date: The Agreement shall commence on the date of Hyphen Connect AI receiving a setup and/or subscription fee for the software and services by the Client and continue for a period of 12 months unless terminated or renewed as outlined below.

Our Use of Cookies

Data Ownership & Collection

Data Ownership: All data uploaded by the Client remains the exclusive property of the Client. Hyphen Connect AI will not claim

Scope of Services

Hyphen Connect AI will provide the following services as per the selected tier:

CRM and Customer Communication

Social Media Hub and Marketing Tools

Website Builder,

Live AI Webchat, and Client Portal

Sales Funnels and Opportunity Pipelines

Finance & Payment Portal

Communities and Training Course Hub

AI Marketing Automation

CalendarsForms and Surveys

Customer Reviews Management

IntegrationsSupport and IT Assistance

Refer to the tier-specific features outlined in the Hyphen Connect Pricing document for detailed inclusions.

Payments and Pricing

Hyphen Connect offers a series of packages, with customisable product add-ons. All packages have a set-up fee which differs depending on the subscription package selected.

Refer to the tier-specific pricing outlined in the Hyphen Connect Pricing document for detailed inclusions.

Payment Terms:

Fees will be billed monthly in advance.

Payments for the setup cost are due upon receipt.

Late payments will result in a suspension of services

Trial Period:

A 14-day free trial period is available for new Clients commencing from software handover. This free trial period excludes the setup cost. After the trial period, the Client will be automatically enrolled in their selected monthly payment tier unless the service has been canceled before the end of the trial period.

Renewals and Termination

Renewal:

This Agreement will automatically renew for another 12-month term unless the Client cancels the subscription at least 30 days before the term ends.

Termination:

Hyphen Connect AI may terminate the Agreement immediately if the Client violates any terms outlined herein.

Early Termination Fees:

If the Client terminates before the end of the 12-month contract, a fee equivalent to 50% of the remaining term’s fees will be charged.

Vendor Management

Hyphen Connect AI may leverage third-party service providers to support the development of our product and assist with internal operations. We ensure that our vendors and partners maintain appropriate security, privacy controls, and data protection measures as part of our contractual relationship with them. Hyphen Connect AI maintains an updated list of sub-processors, which may change from time to time, as part of our Data Processing Agreement (DPA). The client will be notified of any significant changes to sub-processors in accordance with our DPA.

Responsibilities of the Client

Provide accurate information during onboarding. Ensure timely payment of fees. Comply with all applicable laws regarding the use of the software. Maintain the confidentiality of login credentials and safeguard access to the platform.

Responsibilities of Hyphen Connect AI

Provide the agreed-upon services as outlined in the scope. Maintain the security and integrity of client data. Notify clients of any significant changes to sub-processors or service terms. Ensure compliance with applicable data protection regulations, including GDPR, the UK Data Protection Act, and other global standards.

Data Ownership & Collection

Data Ownership: All data uploaded by the Client remains the exclusive property of the Client. Hyphen Connect AI will not claim ownership, use or sell the Client’s data, unless requested to do so in writing by the client.

Data Processing: Hyphen Connect AI will process data solely for the purposes outlined in this Agreement, ensuring that any data handling complies with the terms specified.

Minimal Data Collection: Collects only the data necessary for its operations, in compliance with the GDPR’s data minimisation principle.

Specified Purposes: Ensures that all data processing activities are purpose-driven and communicated transparently in privacy policies.

Security and Compliance

Hyphen Connect AI is committed to maintaining the highest standards of security and compliance. We adhere to the UK GDPR, the UK Data Protection Act 2018, the Information Commissioner’s Office (ICO) guidelines, and global data protection frameworks, including:

Global Data Protection Compliance

Standard Contractual Clauses (SCCs): Facilitates lawful international data transfers under GDPR requirements.

APEC Cross-Border Privacy Rules (CBPR): Ensures secure and responsible cross-border data transfers.

Personal Data Protection Act (PDPA): Compliance with Singapore’s PDPA for secure data handling and transparency.

US Data Protection Compliance

California Consumer Privacy Act (CCPA): Provides California residents with rights to access, delete, and control their personal data.

Health Insurance Portability and Accountability Act (HIPAA): For clients handling health-related data, ensuring the confidentiality and security of personal health information (PHI).

UK Data Protection Compliance

Compliance with GDPR and the UK Data Protection Act

Lawful Data Processing: Hyphen Connect processes personal data based on lawful grounds, such as user consent, contract fulfilment, or legitimate business interests, in compliance with Articles 6 and 7 of the GDPR.

Data Subject Rights: The platform provides tools to facilitate data subject requests, ensuring compliance with rights such as access, rectification, erasure, and data portability, as outlined in Articles 15–20 of the GDPR.

Data Processing Agreements (DPA): Hyphen Connect offers Data Processing Agreements (DPAs) that include Standard Contractual Clauses (SCCs) for lawful data transfers outside the UK or EU.

Accountability: The platform follows the GDPR's accountability principle by maintaining detailed records of data processing activities and regularly reviewing its data protection measures.

ICO Compliance

Registration with ICO: Hyphen Connect complies with ICO guidelines by registering as a data controller/processor and adhering to the UK Data Protection Act 2018.

Privacy Impact Assessments (PIAs): Conducts regular Privacy Impact Assessments to identify and mitigate risks associated with data processing activities.

Breach Reporting: Ensures timely reporting of data breaches to the ICO within the required 72-hour timeframe, along with notifications to affected individuals when applicable.

International Data Transfers

Standard Contractual Clauses: For data transfers outside the UK or EU, Hyphen Connect implements SCCs in line with GDPR requirements to ensure data is handled lawfully and securely.

Hosting in Compliant Regions: Data hosting services comply with regional laws, ensuring no breaches of UK, EU, or other global data protection requirements.

Our Use of Cookies

Data Encryption: All data within Hyphen Connect is encrypted using AES-256 encryption, ensuring sensitive information is secure and inaccessible to unauthorised parties during storage and transit.

Password Protection: User credentials are protected with advanced hashing methods and salted encryption, mitigating risks of unauthorised access.

Role-Based Access Control: The platform enforces role-based access controls (RBAC) to ensure users have access only to the data and features required for their specific roles.

Server Infrastructure and Locations

Hyphen Connect AI utilises robust server infrastructure provided by AWS (Amazon Web Services) and Google Cloud. These servers are located in secure, access-controlled data centres in the US and EU, ensuring optimal performance, scalability, and compliance with regional data protection regulations.

Redundant storage solutions across multiple servers ensure data availability and integrity even in case of system failures.

Network Security

Firewalls and Intrusion Detection: Firewalls and network segmentation safeguard the platform from unauthorised access and cyberattacks.

TLS Encryption: All data transmitted over the network is encrypted using Transport Layer Security (TLS) to maintain confidentiality and prevent interception.

Third-Party Providers

Third-Party Compliance: Any third-party service providers or sub-processors that Hyphen Connect AI engages with are required to comply with equivalent data protection and security standards. We maintain a list of our sub-processors, which may change from time to time, and are detailed in our Data Processing Agreement (DPA).

Security Audits and Monitoring

Regular Security Audits: Hyphen Connect AI conducts routine security audits and vulnerability assessments to ensure the platform remains resilient against potential cyber threats and attacks.

Access Control: Strict access control measures are implemented to ensure that only authorised personnel can access sensitive data. Roles and permissions are managed and monitored regularly to maintain a high level of security.

Data Breach Notification: In the unlikely event of a data breach, Hyphen Connect AI will notify the Client within 72 hours of becoming aware, as per applicable data protection laws. The notification will include details about the nature of the breach, the data affected, and actions taken to mitigate any risks.

Confidentiality

Both parties agree to keep all confidential information shared under this Agreement secure and not disclose it to third parties without prior written consent.

Liability

Hyphen Connect AI’s total liability under this Agreement, whether in contract, tort, or otherwise, shall not exceed the total fees paid by the Client in the 12 months preceding the claim.

Dispute Resolution

Any disputes arising from this Agreement shall be resolved through mediation. If mediation fails, the matter will be referred to the courts of England and Wales.