Legal Policies & Contracts
Anti‑Bribery & Corruption (ABC) Policy
Last updated: 2 November 2025
Company: InteliATE Ltd (Company No. 15514345)
Registered office: London, United Kingdom
Contact: contact@InteliATE.com (subject: Compliance)
1) Statement & Scope
InteliATE has zero tolerance for bribery and corruption. This Policy applies to all InteliATE people (employees, officers, directors), contractors, resellers/agents, and any third party acting for or on our behalf, anywhere in the world.
We comply with the UK Bribery Act 2010 (including the Section 7 “failure to prevent” offence and the MoJ’s six‑principle framework) and relevant local laws (e.g., US FCPA) where we operate or sell. GOV.UK
2) What’s prohibited
-
Bribery/kickbacks: Offering, giving, requesting, or receiving anything of value to influence a person’s actions or secure an improper advantage—public or private sector.
-
Facilitation payments: Banned. “Grease” payments are illegal under UK law; do not make them (exception only for immediate threat to life/safety—report immediately). GOV.UK
-
Cash or cash equivalents: Never permitted (cash, gift cards, vouchers, crypto).
-
Improper gifts/hospitality/travel: Anything intended or likely to influence a decision.
-
Political contributions: None on InteliATE’s behalf.
-
Charitable donations & sponsorships: Allowed only with pre‑approval and due diligence; never to influence a decision.
-
Hiring or internships: Must not be offered to influence a decision (including relatives of officials).
3) Government interactions (stricter rules)
-
Gifts/hospitality to public officials: Prohibited unless prior written approval from Compliance and demonstrably legitimate, modest, and lawful. Default rule: £0.
-
Permissible business courtesy (rare): Must be (i) clearly lawful, (ii) modest, (iii) transparently recorded, and (iv) pre‑approved.
4) Gifts, Hospitality & Expenses (commercial counterparties)
-
Never if intended to influence or appears excessive/inappropriate.
-
Thresholds:
-
Gifts: permitted up to £50 per person with disclosure; £50–£150 requires pre‑approval; >£150 prohibited.
-
Hospitality/Meals: reasonable, occasional; over £150 per person requires pre‑approval.
-
-
Always prohibited: cash/cash‑equivalents; “quid‑pro‑quo” offers; adult entertainment.
-
Register: All gifts/hospitality (given or received) must be logged in the ABC Register within 7 days.
(Adjust amounts if you prefer; the structure and controls should remain.)
5) Third parties (resellers, agents, partners, consultants)
-
Risk‑based due diligence before engagement; refresh periodically. Screen ownership, reputation, sanctions, and government ties; document red flags and mitigations.
-
Written contract with ABC clauses: compliance, audit/termination rights, accurate records, no sub‑agents without approval.
-
Monitoring: Validate invoices against deliverables; no off‑book payments or “success fees” without specific approval.
6) Books, Records & Controls
-
Keep complete, accurate, timely records for payments, expenses, gifts, hospitality, donations, sponsorships, and third‑party fees.
-
No off‑book accounts or falsified descriptions.
-
Maintain the ABC Register and supporting evidence for 6 years (or longer where legally required).
7) Conflicts of Interest
Disclose any personal, financial, or family interest that could influence your work (including with suppliers, partners, or customers). Do not participate in related decisions without clearance.
8) Training & Certification
-
Mandatory onboarding ABC training for all employees; annual refresh for higher‑risk roles (sales, channel, procurement, public‑sector engagement).
-
Third‑party representatives receive appropriate ABC communication and contractual obligations.
9) Speak‑Up & Non‑Retaliation
Report concerns immediately to contact@inteliate.com (subject: Compliance) or your manager. InteliATE prohibits retaliation against anyone who reports in good faith. Concerns are investigated promptly and fairly; substantiated violations lead to disciplinary action (up to termination) and reporting to authorities where required.
10) Risk Assessment, Monitoring & Review
We maintain proportionate procedures consistent with MoJ guidance: Proportionate procedures; Top‑level commitment; Risk assessment; Due diligence; Communication/training; Monitoring/review. We reassess risks at least annually and when entering new markets, using intermediaries, or bidding in public sector opportunities. GOV.UK
11) Roles & Responsibilities
-
Board/CEO: set tone, approve policy, oversee effectiveness.
-
Compliance Lead (policy owner): maintains this policy, keeps the ABC Register, approves higher‑risk gifts/hospitality/donations, and third‑party due diligence.
-
Managers: ensure team compliance and completion of training.
-
Everyone: read, understand, and follow this policy; complete training; raise concerns.
12) Enforcement
Breaches may result in disciplinary action (up to dismissal), contract termination, recovery of losses, and referral to law enforcement/regulators. InteliATE will cooperate with authorities.
13) Questions
Email contact@InteliATE.com (subject: Compliance).
Terms & Conditions of Purchase & Use
Last updated: 2 November 2025
Company: InteliATE Ltd (Company No. 15514345)
Registered office: London, United Kingdom
Postal contact: 35 Cedars Close, Hendon, London, UK
Contact: contact@InteliATE.com
These Terms apply to (i) your purchase and use of InteliATE software and professional services installed on‑premises at your environment, and (ii) your use of our website and customer portal. By signing an Order Form/SOW with InteliATE or using our website/portal, you agree to these Terms.
Definitions (plain English)
-
Affiliate: an entity controlling, controlled by, or under common control with a party.
-
Order Form: the ordering document signed by you and InteliATE describing software, services, licence metrics, fees, term.
-
SOW: a statement of work for professional services.
-
Software: InteliATE software (object code) and updates we provide under these Terms.
-
Documentation: user/admin guides, runbooks, release notes.
-
On‑prem: deployed in your environment (your hardware/VMs/K8s).
-
Support: maintenance and technical support under §A7 and Schedule 1.
-
Confidential Information: non‑public info a reasonable person would treat as confidential.
-
Portal: InteliATE’s password‑protected customer portal.
Part A — Purchase (Licence, Services, Support)
A1) Scope & model
-
The Software is licensed, not sold. You run it on‑prem. InteliATE does not host or process your production personal data.
-
Deliverables under any SOW are provided as specified; we avoid personal data in deliverables and logs. If a unique case requires access to personal data, a separate DPA will be executed first (default is no personal data).
A2) Licence grant & restrictions
-
Grant: Subject to payment and these Terms, InteliATE grants you a non‑exclusive, non‑transferable licence to install and use the Software in your environment for your internal business, within the licence metrics on the Order Form (e.g., servers/cores/nodes/users).
-
Restrictions: No SaaS/hosting for third parties, sublicensing, renting, reverse‑engineering (except as permitted by law), or removing proprietary notices. No benchmarking publication without our written consent.
-
Open‑source: The Software may include OSS components under their licences. We will provide notices on request. To the extent OSS licences require, those terms govern the OSS component.
A3) Delivery, installation & acceptance
-
We deliver via secure download or media.
-
Acceptance occurs on the earlier of: (i) successful completion of the installation/commissioning steps in the Order Form/SOW, or (ii) 5 business days after delivery if you do not report material non‑conformities with reproducible details.
A4) Fees, invoicing, taxes
-
Fees are as per the Order Form/SOW. Unless stated otherwise: fees are in GBP, exclusive of VAT and taxes, and non‑cancellable/non‑refundable except where an express warranty remedy applies.
-
Payment terms: net 30 days from invoice date. Statutory interest and recovery costs may apply under the Late Payment of Commercial Debts (Interest) Act 1998.
-
You are responsible for all taxes (excluding taxes on our income). Withholding taxes: gross‑up or provide valid certificates.
A5) Warranties (Software & services)
-
Software warranty: For 90 days from delivery, the Software will materially conform to Documentation when used per requirements.
-
Services warranty: We will perform professional services with reasonable skill and care.
-
Exclusions: No warranty for issues caused by: non‑InteliATE modifications, unsupported environments, failure to follow Documentation, or external systems.
-
Remedy: We will repair/replace the non‑conforming Software or re‑perform services. If we cannot cure within a reasonable time, you may receive a pro‑rata refund for the affected item; this is your exclusive remedy.
-
Disclaimer: No other warranties. We disclaim implied warranties of merchantability/fitness to the extent permitted by law.
A6) IP ownership; customer materials
-
InteliATE and its licensors own all IP in the Software, Documentation, and any enhancements.
-
You own your data and any Customer Materials you provide. You grant InteliATE a limited licence to use Customer Materials only to perform the contract.
-
Work Product under SOW: Unless the SOW says otherwise, (i) you receive ownership of customer‑specific deliverables created for you (excluding InteliATE Background IP), and (ii) InteliATE retains Background IP and grants you a perpetual, royalty‑free licence to use it as embedded in the deliverables.
A7) Support & maintenance
Support is provided during the term purchased and described in Schedule 1 (Support SLA). We provide patches, minor updates, and security fixes for supported versions; major upgrades may require additional fees as stated on the Order Form.
A8) Security; on‑prem access
We do not require access to your production personal data. If remote access to your environment is requested for support, it will be pre‑approved by you, time‑bound, least‑privilege, and logged. You agree to provide a safe, patched environment meeting the Prerequisites in the Documentation.
A9) Confidentiality
Each party will protect the other’s Confidential Information using at least reasonable care and use it only to perform these Terms. Exceptions: information that is public, independently developed, or rightfully obtained without duty. If required by law to disclose, give prompt notice where lawful.
A10) Indemnities
-
InteliATE IP indemnity: We will defend and indemnify you against third‑party claims that the Software, as supplied, infringes UK/EU/US patents, copyrights, or trade secrets, and pay damages/settlements approved by us. Remedies may include: modifying/replacing the Software or refunding the prepaid, unused fees for the affected licence and terminating it.
-
Exclusions: claims based on combinations not supplied by us, your modifications, unsupported versions, or use outside scope.
-
-
Your indemnity: You will defend and indemnify us from third‑party claims arising from (i) your unlawful use or breach of §A2/A11, or (ii) Customer Materials.
A11) Compliance
You will comply with applicable laws (including anti‑bribery and export controls/sanctions). We comply with UK law; see our published Anti‑Bribery & Corruption Policy.
A12) Liability
-
Nothing limits either party’s liability for death/personal injury caused by negligence, fraud/fraudulent misrepresentation, or liabilities that cannot be limited by law.
-
Cap: Each party’s aggregate liability arising out of these Terms is limited to 100% of the total fees paid or payable by you to InteliATE in the 12 months before the first claim.
-
Exclusions: Neither party is liable for indirect, special, incidental, punitive damages, or loss of profit, revenue, savings, goodwill, or data, in each case whether direct or indirect, to the extent permitted by law.
A13) Term, renewal, termination
-
Term/renewals as set out in the Order Form.
-
Either party may terminate for material breach not cured within 30 days after written notice, or for insolvency events.
-
On termination/expiry: you must stop using the Software and delete copies (except reasonable archival backups for legal compliance), and we will cease services. Clauses that by nature survive will continue (e.g., fees due, IP, confidentiality, liability).
A14) Force majeure
Neither party is liable for delays/failures caused by events beyond reasonable control (e.g., power/network outages, war, strikes, pandemics, acts of government), but must mitigate and resume promptly.
Part B — Use of Website & Portal
B1) Scope
-
Website (InteliATE.com): no cookies, no analytics, no public forms.
-
Portal: password‑protected; strictly necessary session/auth cookies only; no personal data uploads (unless expressly agreed in writing).
B2) Acceptable use
Follow our Acceptable Use Policy. Do not upload unlawful content, attempt to bypass security, scrape, or share credentials. No sensitive or personal data in the Portal unless we have a DPA in place (default: no).
B3) Content & IP
The website/portal content is owned by InteliATE or licensors. We grant a revocable, non‑exclusive licence to access for legitimate business purposes. No reverse‑engineering, framing, or reproduction beyond fair dealing/fair use.
B4) Availability & changes
The website/portal may change, be suspended, or withdrawn without notice. We may update these Terms by posting a new version; continued use means acceptance.
B5) Disclaimers (website/portal)
Content is general information only. Services are provided “as is” and “as available” for website/portal access. See Part A for purchase‑related warranties.
Part C — Legal & Administrative
C1) Order of precedence
If there is a conflict: Order Form/SOW > these Terms > Documentation > purchase order terms (which are rejected unless expressly accepted in writing).
C2) Publicity
We will not use your name/logo without your prior written consent.
C3) Assignment
Neither party may assign or transfer these Terms without the other’s consent, except to an Affiliate or in connection with a merger, sale, or reorganisation (not to a direct competitor) with notice.
C4) Notices
Legal notices must be in writing and sent by email to contact@InteliATE.com (subject: Legal Notice) and to the address/email on your Order Form. Notices are deemed received on business days when the email is sent, if no bounce is received.
C5) Governing law & jurisdiction
These Terms are governed by the laws of England and Wales. The courts of England and Wales have exclusive jurisdiction, except mandatory local consumer laws (if applicable) prevail.
C6) Miscellaneous
No waiver unless in writing. If any clause is unenforceable, the rest remains. These Terms are the entire agreement and supersede prior discussions on the subject. No third‑party rights under the Contracts (Rights of Third Parties) Act 1999.
Schedule 1 — Support SLA (on‑prem)
Coverage: UK business days, 09:00–17:00 UK time, excluding UK public holidays (unless the Order Form states extended coverage).
Channels: Portal (preferred) or support email provided at onboarding.
Severities & targets (response = human acknowledgement + start of troubleshooting):
SeverityExampleResponse TargetWork Pattern
S1 – CriticalProduction outage or material loss of core function with no workaround4 business hoursContinuous effort during coverage hours until workaround or resolution
S2 – HighMajor degradation; workaround available1 business dayEffort during coverage hours
S3 – NormalFunctionality issue; non‑critical bug2 business daysEffort during coverage hours
S4 – LowHow‑to, requests, minor tweaks3 business daysEffort during coverage hours
Customer responsibilities: Provide knowledgeable contact, logs/config demanded by the runbook (scrubbed of personal/sensitive data), and a reproducible case where possible. Maintain supported versions and prerequisites.
Exclusions: Issues caused by unsupported environments, third‑party systems outside our control, or unauthorised changes.
Fix delivery: via patch, configuration guidance, or next maintenance release.
Schedule 2 — Data protection position
-
InteliATE installs software on‑prem and does not access or process client personal data as part of delivery/support.
-
Website has no forms/analytics; Portal sets strictly necessary cookies only.
-
InteliATE is ICO‑registered (number pending) and compliant with UK GDPR/EU GDPR as applicable, but not “accredited” (no such official accreditation exists).
-
If a unique support case would require access to personal data: we will refuse or proceed only after a separate DPA is executed and narrowly scoped. Default stance: no access.
Equal Opportunity Policy
Equal Opportunity Policy
(Policy against Harassment, Discrimination and Retaliation)
Last updated: 2 November 2025
Company: InteliATE Ltd (Company No. 15514345)
Registered office: London, United Kingdom
Contact: contact@InteliATE.com (subject: HR/Equal Opportunity)
1) Policy statement
InteliATE provides equal opportunities in employment and a workplace free from discrimination, harassment (including sexual harassment), bullying and retaliation. Zero tolerance for violations. Managers are accountable for prevention, fast response, and fair outcomes.
This policy applies to all workers: employees, workers, contractors, consultants, interns, applicants, agency staff, and any third party acting for InteliATE, wherever work is performed (office, client site, remote, events, travel, online tools).
2) Legal framework (UK focus, global application)
We comply with the Equality Act 2010 and relevant local laws where we operate. The Equality Act protects nine characteristics: age, disability, gender reassignment, marriage and civil partnership, pregnancy and maternity, race, religion or belief, sex, sexual orientation. We apply these protections company‑wide. Legislation.gov.uk
From 26 October 2024, UK employers have a legal duty to take reasonable steps to prevent sexual harassment. InteliATE implements proactive measures and will evidence those steps. GOV.UK
3) Definitions (plain English)
-
Discrimination: Unlawful less favourable treatment because of a protected characteristic (direct), or applying a provision/criterion/practice that disadvantages a protected group without justification (indirect).
-
Harassment: Unwanted conduct related to a protected characteristic (or of a sexual nature) that violates dignity or creates an intimidating, hostile, degrading, humiliating or offensive environment. Single serious incidents count. Bystander harm counts. Legislation.gov.uk
-
Sexual harassment: Any unwanted sexual conduct (verbal, non‑verbal, physical), sexual advances, requests for sexual favours, sexualised “banter”, sharing sexual content, or conduct related to sex that creates the environment described above. Acas
-
Victimisation (retaliation): Detriment to someone because they raised or supported a complaint or exercised Equality Act rights. Prohibited. Legislation.gov.uk
-
Bullying: Offensive, intimidating, malicious or insulting behaviour, abuse of power or unfair criticism that undermines or humiliates. Bullying can be misconduct even if not unlawful discrimination.
4) What’s prohibited (non‑exhaustive)
-
Discrimination or harassment on any protected ground.
-
Sexual harassment (including “banter”, sexual jokes/memes, unwanted touching, remarks about appearance).
-
Offensive slurs, stereotypes, microaggressions, or exclusionary behaviour.
-
Bullying (private or public, in person or online).
-
Retaliation against anyone who reports or participates in an investigation.
-
Inappropriate use of collaboration tools (email, chat, video, issue trackers) to harass, demean or target.
-
Third‑party misconduct at events or client sites: managers must act to prevent and stop it. Acas
5) Responsibilities
-
Board & CEO: set tone, resource this policy, review outcomes.
-
Managers: lead by example; take proactive steps (briefings, event risk checks, visible escalation routes); act on issues immediately. equalityhumanrights.com
-
All workers: follow the policy; challenge unacceptable behaviour; report concerns.
-
People/Compliance (policy owner): training, advice, triage, investigation oversight, record‑keeping, reporting.
6) Recruitment, progression, pay & working practices
We will:
-
Write inclusive job ads; assess against objective criteria only.
-
Provide reasonable adjustments (recruitment and on the job).
-
Base pay, promotion, training and assignment decisions on merit and business needs.
-
Review criteria to avoid indirect discrimination; document rationale where criteria may disadvantage a protected group. Local Government Association
7) Reasonable adjustments (disability and other needs)
We will make reasonable adjustments to remove workplace barriers—equipment, software, schedule changes, accessible formats, support persons for assessments, etc. Raise needs via your manager or People/Compliance. We’ll agree adjustments and review them periodically.
8) Preventing sexual harassment: our “reasonable steps”
At minimum we will:
-
Maintain and publish this policy; brief all staff annually.
-
Run role‑appropriate training (managers get scenario‑based sessions).
-
Risk‑assess events, travel, off‑sites (alcohol rules, clear contacts, buddy system).
-
Provide multiple reporting channels (see §9) and no‑retaliation guarantees.
-
Act promptly on reports; take corrective and disciplinary action where needed.
-
Keep records and review trends; report anonymised metrics to leadership. Acas
9) How to report concerns
Report early. Options:
-
Your manager; or
-
People/Compliance: contact@InteliATE.com (subject: HR/Equal Opportunity).
If you believe there is immediate risk to safety, call emergency services first.
We aim to acknowledge within 2 working days, start an assessment within 7 working days, and conclude straightforward matters within 28 days. Timelines may vary with case complexity—we will keep you informed.
We accept anonymous reports (where lawful), but it may limit what we can do. Confidentiality will be protected as far as possible.
10) Investigation process (summary)
-
Intake & triage: assess risk; consider interim measures (separation, rota changes).
-
Investigation plan: impartial investigator(s); scope, witnesses, evidence.
-
Interviews & evidence review: fair opportunity to respond; support person permitted.
-
Outcome: balance of probabilities standard; written findings.
-
Action: remedial steps and, where misconduct is found, disciplinary action up to termination.
-
Appeal: available via People/Compliance to a different decision‑maker.
False or malicious allegations may themselves be misconduct; good‑faith reports are protected from retaliation.
11) Remote work, online channels & events
This policy covers all work contexts: Slack/Teams/email, code repos, tickets, video calls, client chats, conferences, dinners, transport and accommodation during business travel. Managers must risk‑assess events and brief teams on expected conduct and escalation points.
12) Training & communication
-
Mandatory onboarding training; refresh at least every 2 years (annually for managers and higher‑risk roles).
-
Periodic reminders, posters, and pre‑event briefings.
-
Contractors and agencies receive the policy and must confirm compliance before starting work. equalityhumanrights.com
13) Data protection
Investigation records are kept confidential, limited to those who need to know, and retained only as long as necessary to meet legal and operational requirements. Separate workforce privacy notices cover HR data in detail.
14) Monitoring & review
People/Compliance reviews this policy annually and after any significant incident or legal change, and reports aggregated, non‑identifying trends to the Board.
15) Non‑UK operations
Where local laws provide stronger protections or different procedures, InteliATE will meet or exceed those requirements. Local HR will maintain any country addenda.
16) Related policies
-
Code of Conduct / Anti‑Bribery & Corruption Policy
-
Disciplinary Policy
-
Whistleblowing / Speak‑Up Policy
-
Health & Safety Policy
References (for transparency)
-
Equality Act 2010: Protected characteristics; harassment definition; victimisation.
-
EHRC & ACAS guidance on sexual harassment and employer duties; UK duty to prevent sexual harassment (effective 26 Oct 2024).
Website Acceptable use policy
Last updated: 2 November 2025
Company: InteliATE Ltd (Company No. 15514345)
Registered office: London, United Kingdom
Postal contact: 35 Cedars Close, Hendon, London, UK
Contact: contact@InteliATE.com
This Acceptable Use Policy (“AUP”) sets the ground rules for using:
-
the public website at InteliATE.com (the “Site”), and
-
the password‑protected Portal used to coordinate updates/support (the “Portal”).
It sits alongside our [Terms of Use] and [Privacy & GDPR Notice] and [Cookie Policy]. If you use the Site or Portal, you agree to this AUP.
1) Core principles
-
Lawful use only. Don’t use the Site/Portal in any way that breaks the law or infringes rights.
-
Security first. Don’t attack, probe, or bypass our security or access controls.
-
No personal data uploads. Our model is on‑prem and we do not process client personal data. Do not upload personal/sensitive data to the Portal.
-
No tracking/ads. We don’t run analytics or advertising cookies. The Portal uses strictly necessary session/auth cookies only.
2) Prohibited behaviour
You must not:
-
Unlawful/abusive content: Upload, post, or link to content that is illegal, defamatory, discriminatory, or infringes IP or privacy.
-
Security misuse: Probe, scan, or test vulnerability; attempt unauthorised access; bypass authentication; inject malware; DDoS; or interfere with hosting/network.
-
Account abuse: Share credentials outside your organisation; impersonate others; attempt to access anyone else’s account or data.
-
Automated scraping: Use bots/scrapers that ignore robots rules, degrade service, or copy substantial parts of the Site/Portal.
-
Data misuse: Upload or transmit special‑category data, payment data, children’s data, or any personal data unless we have explicit written agreement (our default stance is no personal data).
-
Illegal communications: Send spam, unlawful marketing, or harmful content via features (if any) of the Site/Portal.
3) Accounts & security (Portal)
-
Keep your credentials confidential; enable MFA if provided.
-
Tell us immediately about suspected compromise (contact@InteliATE.com, subject “Security”).
-
We may suspend or revoke access to protect users and systems.
4) Intellectual property & fair use
-
The Site/Portal and their content are owned by InteliATE or our licensors.
-
We grant a revocable, non‑exclusive licence to access for lawful business purposes.
-
Don’t reverse‑engineer, decompile, or create derivative works except where legally permitted.
5) Availability and changes
-
We may update, suspend, or withdraw the Site/Portal at any time.
-
We may change this AUP by updating this page. Continued use means you accept changes.
6) Enforcement
If we believe you breached this AUP, we may take any reasonable action, including:
-
Immediate, temporary, or permanent withdrawal of access to the Site/Portal.
-
Warnings or requests to remediate.
-
Technical measures (rate limiting, IP blocks).
-
Legal action for costs and damages.
-
Disclosure to law enforcement where required.
We are not liable for actions taken in response to AUP breaches.
7) Reporting security issues
If you believe you’ve found a security issue, email contact@InteliATE.com (subject: “Security”). Don’t publicly disclose before we confirm a fix window.
8) Governing law
This AUP is governed by the laws of England and Wales. The courts of England and Wales have exclusive jurisdiction, unless mandatory local law says otherwise.
Ethical AI Policy for On-Premises Systems
Last updated: 2 November 2025
Company: Inteliate Ltd (Company No. 15514345)
Registered office: London, United Kingdom
Contact: contact@InteliATE.com (subject: Ethics)
1) Policy statement & purpose
Inteliate builds AI that runs on your infrastructure. We design for security, legality, and human oversight by default. This Policy sets the rules for how Inteliate and our customers design, deploy, and use Inteliate AI systems on‑premises.
Applies to: all Inteliate staff, contractors, partners, and customer users of Inteliate software and the customer portal.
2) Core principles
-
Accountability: Clear ownership for models, data, and decisions; auditable actions end‑to‑end.
-
Fairness & non‑discrimination: Mitigate bias in data and models; test and monitor for disparate impact.
-
Transparency: Document scope, limits, data provenance, and known failure modes; provide explainability features where feasible.
-
Human oversight: AI augments; people decide. Guardrails prevent automation from bypassing human review.
-
Security by design: Offline by default; least‑privilege, role‑based access; tamper‑evident logs.
-
Proportionality: Collect and process only what’s needed for the task; minimize retention.
3) Development & testing standards
-
Data selection & curation: Use lawful, relevant, representative datasets; document sources and licenses.
-
Bias mitigation: Apply sampling, weighting, and evaluation to reduce unfair outcomes; record metrics and trade‑offs.
-
Model documentation: For every model, maintain a concise Model Card: purpose, inputs/outputs, limits, risks, evaluation metrics, and change history.
-
Reproducibility: Record training/config parameters and datasets used; version all artifacts.
-
Explainability: Prefer interpretable methods or attach explanations (saliency/rationales, tracebacks to sources) where feasible.
4) Data ethics & use
-
Lawful origin & purpose limitation: Data must have a legitimate source and a defined, lawful purpose; no secondary use without approval.
-
On‑prem only: All data stays in the customer’s environment. No backhaul to Inteliate.
-
Zero‑knowledge posture: Inteliate personnel do not access customer data unless explicitly authorised in a time‑boxed, logged support window under contract.
-
Minimisation & retention: Use the least data necessary; retention is customer‑controlled; provide secure purge tools.
-
Traceability: Every result should be traceable to source inputs where practicable.
5) Deployment & operational integrity
-
Offline by default: No internet connectivity required or assumed; any outbound link must be explicitly enabled, justified, and audited.
-
Baseline hardening: Encrypted storage, MFA for admin roles, signed releases, integrity checks, secure update process.
-
Role‑based access control: Users only see what they need; admin changes require approval workflows.
-
Immutable audit logs: Log uploads, queries, configurations, model changes, and exports; store locally, encrypted, tamper‑evident.
-
Support access: Dual‑control ephemeral credentials; customer can observe and revoke at any time; all access logged.
6) Human oversight & safe use
-
Decision rights: Investigators/analysts/operators retain final say; AI outputs are advisory.
-
Uncertainty & limitations: Surfaces confidence/ambiguity flags and known error modes; force review when thresholds are met.
-
No dark patterns: Interfaces avoid coercive UI; users can see what a feature does and configure/disable where allowed.
7) Prohibited uses & high‑risk gating
Inteliate systems must not be used for:
-
Unlawful discrimination or targeting based on protected characteristics.
-
Social scoring of individuals or groups.
-
Undisclosed mass surveillance, or real‑time biometric identification, unless explicitly lawful, contractually permitted, and approved through the ethics review (see §8).
-
Automated decisions with legal/similar significant effects without required human review and lawful basis.
High‑risk use cases (e.g., public‑sector enforcement, safety‑critical workflows) require an Ethics & Risk Assessment and explicit senior approval before go‑live.
8) Governance & oversight
-
Roles:
-
Executive owner: accountable for policy effectiveness and resourcing.
-
AI Ethics Lead (or delegate): maintains standards, chairs reviews, signs off high‑risk deployments.
-
Engineering leads: enforce SDLC controls, documentation, and testing.
-
Customers: control local data, users, and lawful use; run local access approvals.
-
-
Ethics Review: Standing group (eng/PM/legal/security) reviews new features/integrations, high‑risk deployments, and red‑flags. Can pause or block releases.
-
Records: Keep model cards, risk assessments, approvals, and audit logs for the duration required by contract/law.
9) Monitoring, drift & continuous improvement
-
Operational monitoring: Check outputs for bias and drift against baselines; alert on anomalous behaviour.
-
Updates & retraining: Validate against benchmark suites before release; document changes; provide rollback.
-
Feedback loop: In‑product or portal feedback routes; classify, track, and respond; incorporate fixes into releases.
-
Periodic audits: At least annually, review models, data pipelines, and access logs; remediate findings.
10) Third‑party data & integrations
-
Due diligence: Vet vendors/APIs/feeds for legality, licence terms, privacy posture, and reliability.
-
Allow‑list only: External calls (if enabled) restricted to approved endpoints; all traffic logged.
-
OSINT & sensitive sources: Record provenance and usage constraints; tag context to avoid scope creep.
-
Custom integrations: Subject to technical and ethical compatibility review; document shared responsibilities.
11) Legal & regulatory compliance
-
Data protection: Comply with applicable data‑protection laws (e.g., UK GDPR/EU GDPR). Inteliate typically is not a processor; if support requires data access, a DPA must be executed first.
-
Sectoral rules: Customers remain responsible for lawful use in their jurisdiction (e.g., public‑sector, security, or financial regulations).
-
Export/sanctions & localisation: Respect export controls, sanctions, and data‑residency mandates.
-
Records & disclosure: Maintain documentation required by law; cooperate with lawful audits and requests.
12) Incident reporting & response
-
Report channels: contact@inteliate.com (subject: Ethics/Incident) or customer’s internal channel.
-
Timelines: Prompt triage; high‑severity issues prioritised; root‑cause analysis with corrective actions.
-
Customer control: Customers can isolate systems, revoke support access, and export logs for forensics.
13) Training & awareness
-
Inteliate staff: mandatory onboarding and annual refresh on responsible AI, data protection, bias, and secure on‑prem operations.
-
Customer training: role‑based training at deployment; covers limits, audit features, safe operation, and escalation paths.
-
Non‑retaliation: Good‑faith reporting is protected.
14) Policy maintenance
-
Review cadence: Annual review or on major legal/product change.
-
Change control: Version‑controlled; material changes notified to customers at least 30 days before enforcement.
-
Exceptions: Only by written approval of the CEO and CTO, with recorded rationale and expiry.
Appendix A — On‑prem baseline checklist (publish or keep internal)
Before go‑live, confirm:
-
Offline mode (no egress), or documented/approved allow‑lists.
-
Storage encrypted, backups tested, keys managed locally.
-
RBAC mapped to job roles; admin changes require approvals.
-
Immutable local audit logging enabled and retained per contract.
-
Model Cards completed; risk assessment filed; bias tests passed.
-
Support access disabled by default; dual‑control temporary access only.
-
Kill‑switch/rollback documented and tested.
-
User training delivered; escalation routes tested.
Inteliate Mutual Non-Disclosure Agreement
This Non-Disclosure Agreement (this “Agreement”) is made and entered into as of this day of (“Effective Date”) (day of signup), by and between Inteliate LTD, a company registered under the laws of UK (“Inteliate”), the company signing up to the Partner portal (each, a “Party”, and collectively, the “Parties”). Whereas, each Party may disclose certain confidential information to the other in order to facilitate discussions for evaluating a potential business or other collaboration between the Parties (the “Purpose”).NOW, THEREFORE, the Parties hereby agree as follows:
Confidential Information.
For the purposes of this Agreement, “Confidential Information” shall mean any information and data of a proprietary and/or confidential nature, whether in oral, written, electronic or other form relating to a Party's business, technology, materials and/or products disclosed and/or made available by one Party (“Disclosing Party”) to the other Party (“Receiving Party”) or otherwise acquired pursuant to this Agreement and/or the discussions in connection with the Purpose (whether prior to the execution hereof or thereafter). Confidential Information will be deemed to include, without limitation, (a) trade secrets, patents and patent applications, ideas, improvements and inventions (whether patentable or not) and other works of authorship, chemical compounds and compositions, formulations, molecules, cells, tissues, methods, techniques, know-how, research, clinical information and protocols, regulatory information, information of third parties, marketing, sales, pricing, forecasts, proposals, customer lists, suppliers, consulting relationships, operating and all record bearing media containing or disclosing the same; and (b) the terms of this Agreement, the fact that discussions or negotiations are or may be taking place with respect to the Purpose, and the proposed terms of any transaction between the Parties. Notwithstanding the foregoing, certain details regarding this Agreement, the Parties hereto and the nature hereof may be disclosed by either Party if and to the extent required in the fulfillment of any reporting requirements to competent authorities under applicable security laws and/or by any applicable securities exchange.
Confidentiality and Non-Use.
Receiving Party shall maintain the Confidential Information in strict confidence, using the same degree of care and confidentiality as such Party maintains with respect to its own confidential information, but no less than a reasonable degree of care. The Confidential Information may be used by Receiving Party solely for the Purpose and for no other Purpose and shall not be made available in any way or form by Receiving Party to any third party without the prior written consent of Disclosing Party, except that, Receiving Party may disclose Confidential Information of Disclosing Party to those of its employees, officers, advisors and/or service providers on a “need to know” basis for the Purpose, provided that such persons are bound by written confidentiality obligations similar to those contained herein and are advised of the confidential nature of such information. Without derogating from the generality of the above, in no event shall Receiving Party, directly or indirectly, reverse engineer, de-compile or disassemble, Confidential Information, or allow any of the above.
Notification of Misuse.
Receiving Party shall (a) promptly notify Disclosing Party in writing of the details and circumstances of any unauthorized disclosure, misuse or misappropriation of Confidential Information of Disclosing Party which may come to its attention; (b) take all reasonable steps to rectify or cure such misuse or misappropriation and/or retrieve any such disclosed Confidential Information; and (c) provide reasonable assistance to and cooperate with Disclosing Party to cure the same and to prevent further misuse or disclosure of Confidential Information.
Exclusions.
The confidentiality obligations of this Agreement shall not apply to any information that Receiving Party can demonstrate (i) is or becomes generally available to the public, through no breach by Receiving Party of this Agreement; (ii) was lawfully in its possession or known by such Party prior to receipt from Disclosing Party, as evidenced by written records; (iii) was rightfully disclosed to such Party without restriction by a third party who is not bound by any confidentiality obligations with respect thereto; or (iv) is independently developed by Receiving Party without use of or reference to the Confidential Information of Disclosing Party, as evidenced by written records. Confidential Information shall not be deemed to be in the public domain merely because any part of the Confidential Information is embodied in general disclosure or because individual features, components or combination thereof are known or become known to the public. A disclosure by Receiving Party of Confidential Information in response to a valid order by a competent court or other competent governmental body, or as otherwise required by applicable law, and to such extent necessary, shall not be considered to be a breach of this Agreement, provided, however, that, to the extent possible, Receiving Party shall provide prompt prior written notice thereof to Disclosing Party to enable it to seek a protective order or otherwise prevent or contest such disclosure.
Term.
This Agreement shall become effective on the Effective Date and shall remain in effect for a period of 1 (one) year thereafter. Notwithstanding the foregoing, the confidentiality and non-use obligations of Receiving Party contained herein shall survive the termination or expiration of this Agreement for any reason for a period of 7 (seven) years thereafter.
Return of Confidential Information.
Upon the termination or expiry of this Agreement or, if earlier, upon the written request by Disclosing Party at any time, Receiving Party will cease any use of the Confidential Information of Disclosing Party and shall promptly (within 14 (fourteen) days) return or destroy (at the direction of Disclosing Party) all Confidential Information to Disclosing Party and all documents or media containing any such Confidential Information, retaining only one copy for archival purposes only. Notwithstanding the foregoing, it is agreed that Receiving Party shall not be required to destroy any computer files created during automatic system back up which are subsequently stored securely by Receiving Party.
Mutual Disclaimers;
No Proprietary Rights. It is understood and agreed that Confidential Information is provided “AS IS”. No warranties, express or implied, of any kind are given by Disclosing Party with respect to Confidential Information provided hereunder. In no event shall Disclosing Party be liable for any use by Receiving Party or disclosure of Confidential Information or for any loss, claim, damage or liability which may arise from or in connection with this Agreement or the use, handling or storage of Confidential Information provided hereunder. Receiving party shall be entitled to rely solely on representations and warranties made in a definitive agreement, if any entered into by the Parties. All Confidential Information of Disclosing Party shall remain the sole property of Disclosing Party, and no patent, copyright, trademark or other proprietary or other right or license is granted by this Agreement. Receiving Party further understands that nothing herein requires the disclosure of any Confidential Information, which shall be disclosed, if at all, solely at the option of Disclosing Party. Furthermore, nothing herein shall be construed as an obligation of either Party to enter into any future agreement with the other Party.
Injunctive and Other Relief.
Since a breach by Receiving Party of any of the undertakings or agreements contained herein may result in irreparable damage to Disclosing Party for which there may be no adequate remedy at law, Disclosing Party shall be entitled to injunctive relief, without proof of actual damages, and any such other relief as may be proper (including monetary damages if appropriate). Nothing in this Agreement shall be construed as derogating from any right or remedy that Disclosing Party may be entitled to under applicable law. Notwithstanding anything to the contrary contained in this Agreement, Disclosing Party may seek injunctive relief in any court of competent jurisdiction.
Miscellaneous.
This Agreement represents the entire understanding and agreement between the Parties in respect of the subject matter hereof and supersedes all prior communications, agreements and understandings relating to the subject matter hereof. No modification or amendment of this Agreement will be valid unless executed in writing by both Parties. The observance of any term hereof may be waived (either prospectively or retroactively and either generally or in a particular instance) only with the written consent of the Party against whom such waiver is sought and to such extent set forth therein; no failure or delay in enforcing any right will be deemed a waiver. Nothing herein shall be deemed to create any principal agent, employee-employer, joint venture or other business relationship between the Parties. This Agreement and/or the rights or obligations hereunder, may not be assigned by either Party to any third party without the prior written consent of the other Party, which consent will not be unreasonably withheld. This Agreement shall bind upon and inure to the benefit of the Parties and their successors and permitted assigns. In the event that any of the provisions of this Agreement shall be held by a court of competent jurisdiction to be illegal, invalid or unenforceable, such provisions shall be limited or eliminated to the minimum extent necessary so that this Agreement shall otherwise remain in full force and effect. The laws of the State of Israel shall exclusively govern this Agreement, and the Parties hereby submit to the exclusive jurisdiction of the competent courts located in Tel Aviv-Jaffa, Israel in any matter arising out of or relating to this Agreement. This Agreement may be executed in counterparts (including via facsimile or electronic mail in pdf format), each of which shall be deemed an original, but both of which together shall constitute one and the same instrument.
Privacy Notice & GDPR Information
Last updated: 2 November 2025
Company: InteliATELtd (Company No. 15514345)
Registered office: London, United Kingdom
Postal contact: 35 Cedars Close, Hendon, London, UK
Privacy contact: contact@InteliATE.com (use subject line: Privacy)
InteliATE builds and installs software on‑premises. We do not host, see, or process client personal data as part of our product or delivery model. This notice explains what (little) data we handle for our own website and customer portal, and your rights under UK GDPR and (where relevant) EU GDPR.
1) Scope
This policy covers:
-
Public website at InteliATE.com (no forms, no analytics, no tracking).
-
Customer portal (password‑protected, used for updates/support coordination; strictly necessary cookies only).
-
Direct communications you choose to send us (e.g., email to contact@InteliATE.com).
It does not cover your own on‑prem environments. For client deployments, you are the data controller of any personal data in your systems; InteliATE does not act as your processor because we design our service so we do not access that data.
2) Key points (TL;DR)
-
No customer data: We never access or process client personal data in production.
-
No tracking: We don’t run Google Analytics, advertising pixels, or third‑party trackers.
-
Cookies: None on the public site; the portal sets only strictly necessary session/auth cookies.
-
Website logs: Minimal security logs (e.g., IP addresses) with short retention.
-
Legal bases: Legitimate interests and (when you email us to request something) contract necessity.
-
ICO: Registered with the UK Information Commissioner’s Office (registration number to be published once issued).
-
ISO 27001: We are preparing for ISO 27001 certification; controls are in place accordingly.
-
Global audience: We honour UK/EU data rights where applicable.
3) How we operate: on‑prem by design
-
We install and support our software on your infrastructure.
-
We do not require copies, extracts, or remote access to any personal data in your systems.
-
Support is delivered using test/synthetic/redacted data and standard operational logs under your control.
-
If a unique situation would ever require access to personal data, we will refuse or—subject to your decision—execute a specific Data Processing Agreement (DPA). Our default stance is no access.
4) Data we handle about you
4.1 Public website
-
We don’t collect personal data via the site (no contact forms, no sign‑ups, no analytics).
-
Security logs: Our web server may record IP address, user‑agent, URL, timestamp, and response codes solely for security and troubleshooting.
-
Retention: typically 30 days, then deletion/rotation unless required for security investigations.
-
Note: IP addresses can be personal data under GDPR. We keep logs minimal and short‑lived.
4.2 Customer portal (password‑protected)
-
Used only to coordinate updates/support and share operational notes.
-
No “secret” or sensitive personal data is collected.
-
Access uses credentials issued by InteliATEor your organisation.
-
We may process pseudonymous account identifiers and strictly necessary technical data (session tokens, access timestamps) to operate the portal.
-
Cookies: strictly necessary session/auth cookies only (no analytics/advertising).
-
Retention: session cookies expire automatically; access logs retained 90 days for security.
-
4.3 Direct communications
-
If you email us (e.g., contact@InteliATE.com), we will process the contents of your message and your email address to respond.
-
Retention: up to 24 months after the matter closes, unless legal retention requires longer.
-
We do not sell, rent, or share your data for marketing. We do not profile or make automated decisions.
5) Legal bases (UK GDPR / EU GDPR)
-
Legitimate interests (Art. 6(1)(f)):
-
Running a secure website and portal (security logging, access control).
-
Handling ordinary business communications you initiate.
-
-
Contract necessity (Art. 6(1)(b)):
-
Where you ask us to do something pre‑contract or under a contract (e.g., respond to a support request you send via email).
-
We do not rely on consent because we don’t run optional analytics or marketing cookies.
6) Cookies
-
Public site: No cookies.
-
Portal: Strictly necessary session/auth cookies only. These are essential for login and cannot be disabled without breaking the portal. No analytics or advertising cookies, so no cookie banner is required.
7) Sharing and transfers
-
We do not share your data with third parties except:
-
Service providers we use for core operations (e.g., hosting/email), under confidentiality and data protection terms.
-
Legal or security disclosures when required by law or to investigate abuse.
-
-
International transfers: Where a provider processes data outside the UK/EEA, we use appropriate safeguards (e.g., UK IDTA/EU SCCs) or equivalent legal mechanisms. Given our minimal processing, such transfers are limited.
8) Security
We apply risk‑appropriate technical and organisational measures aligned with ISO 27001 practices, including: least‑privilege access, MFA for admin systems, encryption in transit, hardening and patching, logging/monitoring, change control, and supplier due diligence. We are preparing for ISO 27001 certification and maintain documentation accordingly.
If we become aware of a personal data breach involving our own systems (e.g., email mailbox), we will assess and notify the ICO and affected individuals when required by law.
9) Retention
-
Website security logs: ~30 days.
-
Portal access logs: ~90 days.
-
Business correspondence: up to 24 months after closure.
-
Longer retention may apply if needed to establish or defend legal claims or meet legal obligations.
-
When retention ends, we delete or irreversibly anonymise.
10) Your rights
Where UK/EU GDPR applies to our limited processing, you may have the right to access, rectify, erase, restrict, object, and port your personal data. You can also complain to your local authority and, in the UK, to the ICO.
-
Contact us: contact@InteliATE.com (subject: Privacy)
-
UK ICO: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF (ico.org.uk)
We respond within one month (extendable by two months for complex requests). Because we deliberately avoid processing personal data, we may explain that we hold no data about you beyond technical logs or correspondence.
11) Children
Our website, portal, and services are for business use only and not directed at children.
12) Controllers, representatives, and ICO
-
Controller: InteliATELtd (Company No. 15514345), London, United Kingdom.
-
ICO: We are registered; registration number will be published here once issued.
-
EU representative: Based on our current model (no regular EU personal‑data processing beyond occasional business correspondence), we believe the Article 27 EU representative requirement does not apply. If this changes, we will appoint a representative and update this notice.
13) Changes to this notice
We will post any updates here and adjust the “Last updated” date.
Contact
InteliATE Ltd
35 Cedars Close, Hendon, London, UK
Email: contact@InteliATE.com (use subject: Privacy)
