EX-10.3 4 dex103.htm SERVICE LEVEL AGREEMENT Service Level Agreement

Exhibit 10.3

 

THIS AGREEMENT DATED 15 JULY 2004

 

PARTIES

 

1    Tesco    TESCO IRELAND LIMITED a company registered in Ireland (no. 19542) whose registered office is at Gresham House, Marine Road, Dun Laoghaire, Co. Dublin, Ireland; and
2    eDiets    eDIETS.COM, INC., a company registered in Delaware whose principal place of business is at 3801 W. Hillboro Blvd, Deerfield Beach, Florida, USA.

 

RECITALS

 

A. Tesco and eDiets (or members of their respective Group) have entered into agreements, including a Business Transfer Agreement and a Technology Licence Agreement (each as hereinafter defined), to enable Tesco to enter into the business of utilising eDiets’ content and technology.

 

B. Tesco is desirous of having eDiets provide services for providing and maintaining a website for performing the activities in accordance with the Business (as hereinafter defined).

 

C. eDiets is desirous of performing services for supporting such website.

 

OPERATIVE PROVISIONS

 

1 Definitions and interpretation

 

1.1 In this agreement and the recitals, where the context so admits, the following definitions apply:

 

AlertSite    a third party software tool used to measure availability of websites and/or servers (or such replacement measurement tool as agreed between the parties from time to time);
Available    the availability of the Tesco Production Infrastructure (and “Availability” shall have a corresponding meaning and “non-Availability” shall be construed accordingly);

 

1

Business    the business of delivering personalized weight loss and diet related fitness services in any online (including, but not limited to, Internet, 3G, WAP, SMS, fax and phone) or offline medium purposely directed to customers residing in the Territory and for the avoidance of doubt shall include the fitness service as incorporated in the eDiets Service, but shall not include any standalone online personalised fitness service or the services as currently offered at http://www.eFitness.ie;
Business Transfer Agreement    the agreement between eDiets Europe Limited (a subsidiary of eDiets), Tesco, eDiets and Unislim Limited of even date transferring certain assets and employees of eDiets Europe Limited to Tesco;
Change Control Procedure    the procedure for agreeing to major changes to the Services provided by eDiets set out in schedule 2;
Control    the power to direct the affairs of a company, whether by ownership of shares, management influence or otherwise;
Customers    users of the Tesco Diet Service;
eDiets Service    the personalised weight loss and diet related fitness business carried out by eDiets;
Effective Date    the date of Completion of the Business Transfer Agreement (as defined in that agreement);
Group    in respect of a party, that party and any company which is a Subsidiary Company (as defined in the Technology Licence Agreement) or a Holding Company (as defined in the Technology Licence Agreement) of that party or any company which is a Subsidiary Company of any Holding Company;

 

2

Implementation Services Procedure    the procedure by which Improvements made to the eDiets Service are evaluated and implemented on the Tesco Production Infrastructure and Tesco Application System (as applicable) as set out in schedule 4;
Improvements    shall have the meaning set out in the Technology Licence Agreement;
Intellectual Property Rights    all copyright and rights in the nature of copyright, database rights, patents, design rights, trade marks, applications and rights to apply for any of the above, moral rights, know-how, inventions, confidential information and any other intellectual property rights, whether now known or in future subsisting in the United Kingdom, Ireland or any other part of the world;
Maintenance Window    00:01 am to 03:00 am (Greenwich Mean Time) every Friday;
Quarter    the four three month periods in the Year, the first such period beginning on the Effective Date and each subsequent such period beginning three months thereafter;
Royalties    the Royalties payable by Tesco to eDiets Europe Limited under the Technology Licence Agreement;
Security Policy    the Tesco security policy setting out Teco.com Limited’s third party IT security requirements set out in schedule 3;
Service Credits    the compensation calculated in accordance with clause 15 payable by eDiets to Tesco for failure to meet the Service Levels;
Service Levels    the minimum standards (to be no greater than eDiets then current standard as applied to the

 

3

     eDiets Service (unless such standard falls below the standards set out in schedule 1, in which case the higher standard in schedule 1 shall prevail)) to be achieved by eDiets in carrying out its obligations under this agreement as set out in schedule 1;
Services    all services provided by eDiets under this agreement (including the service relating directly to the management of the hardware (including network) and software components that comprise the Tesco Production Infrastructure and the services listed under the heading “Associated services” in schedule 1) and such other services as are agreed to be provided by eDiets to the Tesco Group under this agreement from time to time;
Technology    shall have the meaning set out in the Technology Licence Agreement;
Technology Licence Agreement    the agreement between eDiets Europe Limited, eDiets and Tesco of even date setting out arrangements for the licensing to Tesco of certain technology and content relating to the Business;
Term    shall have the meaning set out in clause 20.3;
Tesco Application System    all application code residing on the Tesco Production Infrastructure used to provide the Tesco Diet Service (including but not limited to Cold Fusion application code and custom tags, any code indirectly called as a result, SQL statements, HTML code, Javascript and Flash script) but excluding the software components of the Tesco Production Infrastructure;
Tesco Data    any data whether in electronic or paper form and whether provided by the Tesco Group or produced by eDiets as a result of the processing of data provided by Tesco;

 

4

Tesco Diet Service    all services provided by Tesco in connection with the Business (including the Tesco Diet Website);
Tesco Diet Team    the technical, nutrition, content, marketing and customer service team of the Tesco Group that is operating the Tesco Diet Service;
Tesco Diet Website(s)    the website(s) made available to public Internet users via the Tesco Production Infrastructure using the Tesco Application System;
Tesco Production Infrastructure    the hardware (including network) and software components managed and maintained by eDiets listed under the headings “Hardware and software components” and “Network components” in schedule 1;
Tesco Systems    any and all computer and telecommunications infrastructure (including hardware and software) owned, licensed or leased by or on behalf of Tesco excluding the Tesco Production Infrastructure and Tesco Application System;
Third Party Services    as defined in clause 5.2;
Year    a period of 12 months from the Effective Date or an anniversary thereof.

 

1.2 Save as otherwise provided herein, any references in this agreement to clauses or paragraphs are references to clauses and paragraphs of this agreement unless the context otherwise admits or so requires.

 

1.3 Words such as hereunder, hereof and herein and other words commencing with here shall, unless the context clearly indicates to the contrary, refer to the whole of this agreement and not to any particular clause hereof.

 

1.4 References to the singular shall include the plural and vice versa and reference to any gender shall include other genders.

 

1.5 The headings to the clauses in this agreement are for reference only and shall not affect the interpretation of this agreement.

 

5

1.6 This agreement may be executed in any number of counterparts and by the different parties hereto on separate counterparts, each of which when executed and delivered shall constitute an original, all such counterparts together constituting as one and the same instrument.

 

1.7 Amendments to or modifications of this agreement may be made only by mutual agreement of all parties in writing and shall be subject to whatever approvals or appropriate authorities as may be required by law.

 

1.8 A waiver by either party of any breach by any other party of any other terms, provisions or conditions of this agreement or the acquiescence of such party and any act (whether by commission or omission) which but for such acquiescence would be a breach as aforesaid shall not constitute a general waiver of such term, provision or condition or of any subsequent act contrary thereto.

 

1.9 This agreement shall not authorize any party, the legal representative, partner or agent of the other parties or any of them nor (save as expressly provided in this agreement) shall any party, or any successor of any party, have the right or authority to assume, create or incur any liability or obligation of any kind express or implied against or in the name of or on behalf of any other party.

 

1.10 Except as otherwise provided, this agreement, or the benefit hereof, may not be assigned or sublicensed by either party in whole or in part without the prior and mutual written consent of the other party (such consent not to be unreasonably withheld, delayed or conditioned) save that:

 

  1.10.1  either party may assign this agreement or the benefit of it, to any member of its Group;

 

  1.10.2  eDiets may assign this agreement outside of its Group as part of a sale of substantially all of the assets of eDiets, or its Group, or a change of Control or merger of eDiets, or its Group, provided always that such assignment is not permitted to Wal-Mart Stores, Inc. or a member of its Group.

 

1.11 This agreement and all rights and obligations hereunder shall for all purposes be treated and construed as being separate and apart from any other agreement or agreements or any rights or obligations thereunder save only insofar as the express provision requires to the contrary.

 

6

1.12 The parties hereto enter this agreement as principals for and on their own behalf.

 

1.13 This agreement represents the entire of the understanding of the parties concerning the subject matter hereof and overrides and supersedes all prior promises, representations (unless fraudulent), undertakings, understandings, arrangements, agreements, side letters or heads of agreement concerning the same which are hereby revoked by mutual consent of the parties.

 

1.14 This agreement shall become effective only upon the same being executed by or on behalf of all parties hereto.

 

1.15 References to “liability”, unless the context otherwise requires includes claims, demands, proceedings, damages, losses, costs and expenses.

 

1.16 Any reference to any statutory enactment includes all amendments, re-enactments and secondary legislation.

 

1.17 If the British Pound (£) shall be discontinued then the values stated herein shall be converted to Euros (€) or any such official currency of the United Kingdom using the conversion rate as posted in the London Financial Times (or similar periodical if discontinued) on the date just prior to discontinuation.

 

1.18 This agreement is wholly conditional upon and no rights or obligations shall arise for either party under this agreement until such time as the Business Transfer Agreement has been executed and Completion (as defined in that agreement) has taken place.

 

2 Performance of the Services by eDiets

 

2.1 eDiets shall provide the Services for the Term in accordance with the terms and conditions of this agreement from the Effective Date, in particular in accordance with the Service Levels. Tesco acknowledges that, in order to provide certain parts of the Services to Tesco, eDiets must put in place certain procedures or elements not in place within the eDiets Service prior to the Effective Date (these procedures and elements are set out in schedule 5). eDiets shall be excused from meeting the Service Levels to the extent that meeting the Service Levels requires those procedures or elements of the Service listed in Schedule 5 to be in place and provided that all such procedures or elements of the Service shall be put in place by eDiets within the time periods from the Effective Date set out in schedule 5. For the avoidance of doubt, the absence of these elements of the Service shall not excuse eDiets of its obligations under this agreement (in particular, in relation to Availability under clause 3.1).

 

7

2.2 eDiets will perform its obligations under this agreement with reasonable skill, care and diligence and in any event it shall use the skill, care and diligence that it applies to the eDiets Service and not any lower standard.

 

2.3 eDiets shall be responsible for obtaining and maintaining all licences, consents, approvals, permits and authorisations required to be obtained under any applicable law in connection with the performance of its obligations under this agreement at its own cost and expense.

 

3 Availability of the Tesco Diet Service

 

3.1 eDiets shall ensure that the Tesco Production Infrastructure is Available for 99.7% of the time in each calendar month during the Term (excluding Maintenance Windows). eDiets shall use AlertSite to measure Availability as follows: AlertSite will ping the Tesco Production Infrastructure and if a return ping is received by AlertSite indicating the Tesco Production Infrastructure is Available more than 99.7% of the time, the Available uptime goal under this clause 3.1 will have been achieved by eDiets. eDiets shall make best efforts to ensure that the Tesco Production Infrastructure is accessible by the Tesco Diet Team for an equivalent period of time to the Availability requirements under this clause 3.1.

 

3.2 It is expected that eDiets will need much less than the scheduled Maintenance Window. Should an emergency dictate a need for any period of non-Availability to the Tesco Production Infrastructure outside the Maintenance Window, or for a period of non-Availability exceeding 3 hours, eDiets will schedule each instance of such non-Availability at least 12 hours in advance of its commencement by agreement with a designated Tesco representative. Any period of non-Availability outside of the Maintenance Window shall be treated by eDiets as a ‘critical’ Issue (as defined in schedule 1). During any period of non-Availability of the Tesco Diet Website(s) eDiets shall re-direct all Customers to a holding page provided by Tesco.

 

3.4 To the extent that the following have occurred to the Tesco Production Infrastructure, they shall not be included in any calculation of non-Availability for the purposes of clause 3.1:

 

  3.4.1  loss of Availability due to external issues outside of eDiets’ reasonable control (for example, failure of the hosting provider or catastrophic Internet shutdown arising from country code (or similar) top level domain failure);

 

  3.4.2  if ordered by emergency services or any governmental authority;

 

  3.4.3  patching a change to the Tesco Production Infrastructure by or as instructed by Tesco;

 

8

  3.4.4  a fault in an application on the Tesco Application System if such fault can be reasonably traced to the Tesco System;

 

  3.4.5  an error caused by the administration of the Tesco Production Infrastructure, or the Tesco Application System, where that error has been caused by a member of the Tesco Diet Team;

 

  3.4.6  a fault in Tesco’s connection to the Internet;

 

  3.4.7  a failure as a result of excessive page view demand where eDiets has reasonably discharged its responsibilities under schedule 1;

 

  3.4.8  as a direct result of a withdrawal by Tesco of a change proposal as set out in paragraph 5.2 of schedule 2.

 

4 Description of Support Services and Service Levels

 

4.1 eDiets shall support the Tesco Production Infrastructure (by way of server and database pinging, 24/7 tech support, server capacity review, security patching and hardware and software installation as more particularly described in the schedules) in accordance with the Service Levels.

 

4.2 eDiets is not responsible for support or bug fixing of the Tesco Application System.

 

4.3 eDiets is responsible for the installation but not the configuration or administration of the Tesco Production Infrastructure upon which the Tesco Application Systems run.

 

4.4 eDiets shall not maintain and monitor the Tesco Application System. Furthermore, eDiets is not responsible for tuning the Tesco Application System (e.g. databases, application servers).

 

4.5 eDiets and Tesco shall estimate capacity for the Tesco Application System based on page view demand in accordance with schedule 1. Tesco shall implement any additional capacity to the Tesco Production Infrastructure in accordance with schedule 1.

 

4.6 If the Services cannot be provided in the manner contemplated herein, eDiets will notify Tesco and the procedures set out in schedule 1 shall apply. Contact information is set out in schedule 1 and shall be updated by the relevant party any time personnel or contact information changes.

 

4.7 eDiets shall at all times have such resource and expertise available – whether on site or on call – to ensure the uninterrupted Availability of the Tesco Production Infrastructure under clause 3.1.

 

9

5 Tesco Rights and Obligations

 

5.1 eDiets shall make the Tesco Production Infrastructure accessible to Tesco via a secure manner (as agreed between the parties from time to time) for the purpose of updating the Tesco Application System (including the Tesco Diet Website(s)) with the Availability set out in clause 3.1.

 

5.2 Tesco shall have the right to contract with any third party to:

 

  5.2.1  perform any service outside of the scope of, or in addition to, the Services, including systems operations and related services to augment or supplement the Services or to interface with Tesco Systems; however, any modification of any eDiets software shall be owned by eDiets and eDiets retains copyright in such modifications, and if ownership cannot be obtained, then Tesco shall obtain an irrevocable license to use such modification from eDiets (unless such modification is an Improvement under the Technology Licence Agreement, in which case the terms and conditions relating to ownership of Improvements shall apply); and/or

 

  5.2.2  to provide IT and/or business process outsourcing or administration services to Tesco in connection with the subject matter of this agreement;

 

(collectively, “Third Party Services”).

 

5.3 If Tesco contracts with any third party to perform Third Party Services, eDiets shall cooperate with Tesco and any such third party to the extent reasonably required by Tesco including by providing (subject to equivalent confidentiality as set out in clause 19) all reasonable assistance to Tesco and such third party. In relation to clause 5.2.2, eDiets agrees that the outsourcing service provider may exercise any of Tesco’s rights, or perform any of Tesco’s obligations, under this agreement as if the outsourcing provider were Tesco. Tesco shall pay eDiets’ reasonable and documented increased costs (at cost, and as pre-agreed with Tesco) for complying with its obligations under this clause 5.3.

 

5.4 All payments made by Tesco under this agreement shall be payable by Tesco under its standard payment procedures (i.e., within 30 days from the end of the month in which Tesco receives the invoice). In the event that Tesco fails to make a payment for services under this agreement, and that payment is not the subject of a bona fide dispute between the parties, eDiets may charge interest on the amount unpaid, at the rate of two percent per annum above Barclays Bank plc base rate from time to time until the payment in full is made.

 

10

5.5 eDiets acknowledges and agrees that Tesco may source hardware, software and services relating to the Tesco Production Infrastructure from any supplier of its choice and at its sole discretion, providedthat the hardware, software and services do not conflict with eDiets’ then-current hardware, software or services used for the eDiets Service.

 

6 Insurance

 

6.1 Without prejudice to the warranties and undertakings given by eDiets in this agreement, eDiets shall maintain in force (at its own expense) for the Term and for six years thereafter general liability insurance as related to eDiets responsibilities to maintain the web hosting (sometimes referred to cyber liability insurance) to cover loss of $1m.

 

6.2 The insurance policies referred to in clause 6.1 shall be with a reputable insurer and shall not include unreasonable excesses which are unusual for this type of insurance.

 

6.3 Within 14 calendar days of a request by Tesco, eDiets shall provide evidence of the insurances which it is obliged to maintain under clause 6.1.

 

6.4 eDiets shall be responsible for insuring any equipment which it brings onto any Tesco premises. Tesco shall have no responsibility for any loss of or damage to this equipment except for loss or damage caused by damage to Tesco premises or the negligent acts of Tesco.

 

7 Hosting of the eDiets Europe Limited websites on the Tesco Production Infrastructure

 

7.1 Subject to Security Policy, for the period beginning on the Effective Date and ending six months thereafter, Tesco grants eDiets (solely for the benefit of its Subsidiary Company eDiets Europe Limited) the following:

 

  7.1.1  the ability to host the eDiets Europe Limited websites on the Tesco Production Infrastructure; and

 

  7.1.2  the right to access the Tesco Production Infrastructure for the purposes of administering and maintaining the eDiets Europe Limited websites.

 

8 Reports; Data

 

8.1

eDiets, at its sole cost, in fulfilment of all monitoring requirements, shall use AlertSite to measure and report on eDiet’s performance under this agreement. eDiets shall provide

 

11

 

Tesco with a log in facility to AlertSite via a dedicated web page. Reports will be available to Tesco daily by Tesco logging into the AlertSite web page. Tesco shall retain all necessary AlertSite data (“AlertSite Data”) to produce monthly rollups reports to measure eDiets compliance against the Availability metrics stated in clause 3.1. The historical availability of the AlertSite Data is subject to the operation procedures of AlertSite and Tesco will have the responsibility for retrieving and archiving such data should it require functionality beyond that provided by AlertSite.

 

8.2 All data and information (including Tesco Data) submitted to eDiets by the Tesco Group in connection with the Services and all data developed, generated and processed by eDiets on behalf of the Tesco Group in performance of its obligations under this agreement or the Technology Licence Agreement is and shall remain the exclusive property of Tesco (or its licensors, as the case may be). Tesco Data shall not be used by eDiets other than in connection with providing the Services and may not be sold, leased or otherwise provided to third parties or in any way commercially exploited by or on behalf of eDiets, its employees or agents or by any third party save with Tesco’s prior express written agreement.

 

9 Change Control Procedure

 

9.1 eDiets and Tesco will use the Change Control Procedure to agree any proposed major changes to the Services at least 10 working days before their application (including changes to the procedures referred to in clause 2.1).

 

9.2 eDiets will conduct tests of the security and integrity of the changes to the Tesco Production Infrastructure under clause 2.1. The nature and benchmarks for such tests shall be mutually agreed as part of the Change Control Procedure before each change.

 

10 Co-operation; Benchmarking; Service Improvements

 

10.1

Where eDiets becomes aware of system security vulnerabilities, e.g. Microsoft Critical Alerts, in relation to the Tesco Production Infrastructure, it shall advise Tesco of available updates/patches at the earliest opportunity (and in any event within 24 hours of the alert) and seek Tesco’s approval to apply the updates/patches. If Tesco is unavailable to approve the update/patch following eDiets’ best endeavours to contact Tesco using the contact information provided from time to time and if, in eDiets’ opinion, the Tesco Diet Service is exposed to an attack that threatens to materially adversely affect the Tesco Production Infrastructure or the Tesco Diet Service, eDiets may apply an update/patch or disconnect the Tesco Diet Service from the Internet (and any disconnection under this clause 10.1 shall be deemed a critical level support issue, “critical” having the meaning set out in schedule

 

12

 

1). Provided eDiets uses its best endeavours to contact Tesco, eDiets will have no liability to Tesco for non-Availability as a result of taking such action without the consent of Tesco and any non-Availability as a direct result of such action will not be used to calculate the Availability of the service under clause 3.1.

 

10.2 eDiets shall not be permitted to make any changes or modifications to the Tesco Production Infrastructure that would adversely alter the functionality, degrade performance or materially affect the Tesco Diet Service (including the Tesco Diet Website(s)) or the day to day operation of Tesco’s business (including the Business). In addition, eDiets shall be responsible, at no charge to Tesco, for any alteration or substitution of Tesco Application System or Tesco Production Infrastructure necessitated by unauthorised alterations.

 

10.3 Access by eDiets to the Tesco System is only permitted to the extent necessary for the performance of the Services and is subject to eDiets complying with Tesco’s physical and electronic security procedures (including the Security Policy) and other relevant Tesco practices and guidelines relating to the use of computer systems as notified to eDiets by Tesco from time to time.

 

10.4 As part of the Services, eDiets shall identify ways to improve delivery of the Services and the Service Levels, including applying proven techniques and tools from which Tesco would benefit either operationally or financially. eDiets will inform Tesco (via the Steering Committee under the Technology Licence Agreement) (either in writing or by way of meeting followed by a written attendance note) of eDiets’ planning activities as they relate to the eDiets Service. If Tesco requests, any such improvements (which shall be deemed to be Improvements) shall be implemented in accordance with schedule 4. (For the avoidance of doubt, eDiets is under no obligation to implement such Improvements as part of the eDiets Service for itself.) The parties agree that Tesco may benchmark the provision of the Services on an annual basis provided such benchmarking does not mandate eDiets to provide a higher level of service than the then current eDiets Service and the performance of eDiets’ obligations under this agreement.

 

11 Warranties and Undertakings

 

11.1 eDiets warrants and undertakes to Tesco that:

 

  11.1.1  it has the necessary right and authority to enter into this agreement and its entering into this agreement is not a breach of any agreements with third parties;

 

  11.1.2

 the provision of the Services by eDiets does not (and shall not) infringe any

 

13

 

third party Intellectual Property Rights or breach any applicable laws;

 

  11.1.3  the Services received by Tesco under this agreement are the only services required by Tesco to operate the Technology as operated by the eDiets Group on the date of this agreement (and to continue to operate the Technology as operated by the eDiets Group throughout the Term);

 

  11.1.4  the Services shall be regularly updated and improved (by way of Improvements, benchmarking (as contemplated by clause 10, or otherwise) to ensure that the Services provided to Tesco under this agreement are the same or better than services provided to eDiets (either by itself or third parties) in relation to the Technology;

 

  11.1.5  the Improvement Implementation Services shall be delivered using the Improvement Implementation Services Procedure outlined in schedule 4;

 

  11.1.6  the Services shall only be provided using appropriately qualified and skilled personnel;

 

  11.1.7  in providing the Services, eDiets will not interfere with the business of the Tesco Group;

 

  11.1.8  the Services shall be (and at all times during the Term remain) free from defects or errors in material or workmanship and eDiets shall repair or replace any such defects or errors in accordance with the Service Levels at no cost to Tesco.

 

11.2 Tesco warrants it has the necessary right and authority to enter into agreement and its entering into this agreement is not a breach of any agreements with third parties.

 

12 Indemnity

 

12.1 eDiets shall indemnify Tesco against all reasonable costs and expenses (including legal costs and disbursements) which the Tesco Group incurs as a result of any claim that the Services infringe any Intellectual Property Rights of a third party or any applicable laws.

 

12.2 Tesco shall notify eDiets promptly in writing of any claim under clause 12.1 of which it is aware.

 

12.3 eDiets shall not use Tesco’s name in any action or claim without Tesco’s prior written consent. However, if Tesco must be named as a party to provide standing for any action, it agrees to be named as a party.

 

14

12.4 If the Services (or any part of them), are held to constitute an infringement, eDiets may at its option and expense:

 

  12.4.1  procure for the Tesco Group the right to continue using the Services;

 

  12.4.2  modify the Services so that they are non-infringing without materially detracting from their overall performance; or

 

  12.4.3  replace the infringing Services with other non-infringing services having a capability materially equivalent to the infringing Services.

 

12.5 eDiets shall indemnify Tesco against all claims, demands, actions, costs and expenses (including legal costs and disbursements) which the Tesco Group incurs as a result of any loss of use except any loss arising in accordance with clause 3.4 or agreed normal maintenance, during and/or following modification or replacement of the Services under clause 12.4.

 

13 Limitation of Liability

 

13.1 The aggregate liability of each party any one Year under or in connection with this agreement whether arising from contract, negligence or otherwise, shall be limited in the first Year to £300,000 and in subsequent Years to 125% of the Royalty payments made under the Technology Licence Agreement in the previous Year for each Year thereafter. Any sums paid by a party under the Technology Licence Agreement by reference to a breach by that party of the Technology Licence Agreement shall reduce the figures referred to in this clause 13.1 on a £ for £ basis.

 

13.2 Neither party shall be liable for any indirect or consequential loss. The following losses shall not be treated as indirect or consequential losses under this clause 13.2:

 

  13.2.1  Tesco’s reasonable and documented costs of internal staff (including associated expenses reasonably incurred by such staff) necessitated as a direct result of eDiets’ negligence or default (including, but not limited to, costs of staff providing or re-providing that which should have been provided under this agreement by eDiets);

 

  13.2.2  the costs of taking emergency measures, including changing over to other hosting suppliers.

 

13.3 The exclusions and limitations of liability set out in clause 13 do not apply to:

 

  13.3.1  liability arising from death or injury to persons caused by negligence;

 

15

  13.3.2  eDiet’s liability under clause 12;

 

  13.3.3  either party’s liability arising as a result of fraud;

 

  13.3.4  any liability which cannot by law be limited or excluded.

 

14 Exclusions

 

14.1 The parties agree that eDiets will not be liable to Tesco for any failure to provide the Services where such failure arises from the following:

 

  14.1.1  failure of Tesco or its agent to install virus-checking software on Tesco’s equipment;

 

  14.1.2  the failure of Tesco to keep virus checking software up to date;

 

  14.1.3  Tesco’s material failure to provide eDiets with access to Tesco’s technical staff;

 

  14.1.4  any willful action on a production or test system taken by Tesco staff that causes a failure.

 

15 Service Credits

 

In the event of the non-Availability of the Tesco Production Infrastructure for reasons other than (a) Force Majeure, (b) reasons excluded under this agreement for scheduled and agreed periods of non-Availability or (c) by the default or action of Tesco against the express instructions of eDiets, eDiets shall pay compensation (or procure the payment of compensation from another member of its Group) to Tesco of an amount equal to one percent (1%) of any Royalties payable by Tesco to eDiets Europe Limited during the month for each 0.1% (or part thereof) of any Quarter of non-Availability during which the Tesco Production Infrastructure suffers non-Availability.

 

16 Tesco Responsibilities

 

16.1 Tesco shall not post, transmit, retransmit or store material on or through the Tesco Production Infrastructure that: (i) is in violation of any applicable local, state, federal law, regulation, treaty or tariff; or (ii) violates the rights of any person, including rights protected by copyright, trade secret, patent or other intellectual property or similar laws or regulations, including, but not limited to, the installation or distribution of pirated or other software products that are not appropriately licensed for use by Tesco.

 

16

16.2 Tesco shall:

 

  16.2.1  generate all new website application code and database changes in relation to the Tesco Application System including all development required to localise and integrate any Improvements so that they fit with the application and database structure maintained by Tesco;

 

  16.2.2  use reasonable endeavours to ensure the correct functioning of all website application code (including but not limited to Cold Fusion application code and custom tags, any code indirectly called as a result, SQL statements, HTML code, Javascript and Flash script) and the publishing of all web content;

 

  16.2.3  be responsible for the configuration and administration of the application software installed on the Tesco Production Infrastructure by Tesco and all generated log files.;

 

  15.2.4  be responsible for monitoring the application software, application services (ColdFusion, IIS, SQL Server) to ensure the Tesco Diet Service is available;

 

  15.2.5  be responsible for understanding the capacity needs, including but not limited to bandwidth, database scaling, and web server scaling to run the Tesco Diet Service. Scaling the components is subject to the terms in schedule 1;

 

  15.2.6  be responsible for the timely purchase and installation of all SSL certificates required by the web servers;

 

16.3 Tesco is responsible for testing, publishing and monitoring the Tesco Application System, but both parties shall agree in good faith a mutually acceptable method of:

 

  16.3.1  testing such the Tesco Application System code and content so as to minimise any potentially negative effect on the Tesco Production Infrastructure and Tesco Systems; and

 

  16.3.2  publishing the Tesco Application System code and content to the Tesco Application Infrastructure;

 

  16.3.3  monitoring the Tesco Application System using industry standard tools and methodologies including, but not limited to, ‘ping’ monitoring.

 

16.4 Any method agreed shall include responsibilities for monitoring the effect of SQL statements to ensure they do not overload the Tesco Production Infrastructure database server.

 

17

16.5 In the event of a loss of the Tesco Diet Service to Customers, where Alert Site is not reporting an error and upon reasonable request by eDiets, Tesco shall verify that the code base of the Tesco Application System is not the source of the problem before requesting further support of such loss of service from eDiets.

 

17 Data Protection

 

17.1 Each party agrees that it will comply with data protection laws and regulations that apply to the performance of its obligations under this agreement. eDiets agrees that it will only process any personal data (including any which forms part of the Tesco Data) as a result of, or in connection with, the provision of the Services to Tesco strictly in accordance with Tesco’s instructions and/or all applicable data protection laws and regulations and not otherwise. eDiets will take reasonable, appropriate technical and organisational measures against accidental or unauthorised destruction, loss, alteration or disclosure of any personal data and adequate security programs and procedures to ensure that unauthorised persons will not have access to any equipment used to process personal data as part of the Services.

 

18 Backup; Step In Rights

 

18.1 eDiets shall, using standard industry practice, regularly back-up all data stored on behalf of Tesco as part of the provision of the Services in a manner similar to the standard of recovery and maintenance of the currently existing eDiets Service.

 

18.2 Tesco may itself provide or may employ a third party to provide the Services or any part of the Services:

 

  18.2.1  if Force Majeure (as defined in clause 21.1) prevents eDiets from providing part or all of the Services in accordance with this agreement in any material respect for more than two days (and eDiets shall treat any Force Majeure as a ‘critical’ support issue); or

 

  18.2.2  if eDiets fails to provide all or part of the Services in accordance with this agreement in any material respect and eDiets does not remedy the failure within the time period applicable for resolution of ‘critical’ or ‘non-critical’ issues under schedule 1.

 

18.3 Tesco’s reasonable costs in providing or procuring the provision of the Services under clause 18.2 may, at Tesco’s option, be deducted from any sums due to eDiets or shall be recoverable by Tesco from eDiets as a debt.

 

18

18.4 eDiets shall co-operate with Tesco and third party supplier engaged by Tesco under clause 18.2. So that Tesco and any third party supplier can provided the Services or any part of the Services, eDiets shall make available to Tesco and the third party supplier all relevant materials, including (without limitation) documentation, information, premises, data, employees, agents and sub-contractors, software, hardware and other assets previously used by eDiets to provide the Services.

 

18.5 To the extent which the Services are being provided by Tesco or a third party supplier under clause 18.2, eDiets is relieved of its obligations to provide the Services. eDiets will not be liable for the acts or omissions of Tesco or the third party supplier in providing the Services.

 

18.6 Tesco may require eDiets to resume delivery of the Services once Tesco is satisfied on reasonable grounds that eDiets will be able to resume delivery of the Services in accordance with this agreement.

 

19 Confidential Treatment of Information

 

19.1 For the purposes of this agreement, “Confidential Information” shall include all information of whatever nature which has been or is disclosed to the other party or to which either party has been given access, whether in oral, written, graphic, photographic, digital, binary, electronic or paper or in any other form whatsoever, howsoever stored.

 

19.2 The provisions of clause 19.1 do not apply to:

 

  19.2.1  Confidential Information which at the time of disclosure is within the public domain;

 

  19.2.2  Confidential Information which after such disclosure comes into the public domain (other than by reason of a breach of any of the undertakings in clause 19.3 below); or

 

  19.2.3  Confidential Information which was lawfully in the possession of the party prior to its being furnished by or on behalf of the other party provided that such information was not bound by a confidentiality agreement or other obligation of secrecy in respect thereof as demonstrated by the party’s ordinary business records.

 

19

19.3 In consideration of Confidential Information being made available under this agreement, each party will procure that:

 

  19.3.1  use of the Confidential Information will only occur for purposes relating to this agreement only;

 

  19.3.2  each party will treat and safeguard as private and confidential all the Confidential Information received at any time. This clause 19 shall remain in force after expiration or termination of this agreement;

 

  19.3.3  either party shall not at any time without the prior written consent of the other party disclose or reveal the Confidential Information to any other person or party whatsoever, other than the officers, employees, advisors and agents or authorised third parties who are required in the course of their duties to receive and consider the same and who shall be required to observe the same restrictions on the use and disclosure of the Confidential Information as are contained in this confidentiality clause.

 

19.4 Each party shall make known without delay to the other party any improper disclosure on the part of an employee or customer or any other person, which may come to that party’s knowledge.

 

19.5 It shall not be considered a breach of this agreement if disclosure is made in response to a formal request by a court or governmental agency, after notice to the other party, sufficient to oppose such formal request.

 

20 Default; Term and Termination

 

20.1 Within five (5) days after receipt of a notice from Tesco in respect of eDiet’s material failure to provide the Services or eDiet’s repeated failure to provide elements of the Services in accordance with the Service Levels, eDiets shall:

 

  20.1.1  perform a root-cause analysis to identify the cause of such failure;

 

  20.1.2  provide Tesco with a written report detailing the cause of, and the procedure for correcting, such failure;

 

  20.1.3  correct such failure; and

 

  20.1.4  provide Tesco with reasonable assurance and documented evidence that such failure shall not reoccur.

 

20.2 Any notice given by Tesco under clause 20.1 shall be without prejudice to Tesco’s termination rights under this agreement.

 

20

20.3 Subject to the provisions of clause 20.4 below, this agreement shall remain in force (a) until termination or expiration of the Technology Licence Agreement or (b) for 15 years from the Effective Date and thereafter be renewable for successive one year terms upon notice by Tesco, whichever shall first occur.

 

20.4 Without prejudice to any other sub-clause in this clause 20, Tesco may, at any time during the Term, give eDiets three months notice to terminate this agreement and move the Tesco Production Infrastructure to a hosting facility of Tesco’s choice. If Tesco terminates this agreement under this clause 20.4 the provisions relating to Transition Assistance below shall apply.

 

20.5 eDiets or Tesco shall be entitled by notice in writing to the other, but without prejudice to any other rights or remedies of either party in respect of any matter or event which shall have arisen or taken place prior to such notice, to terminate this agreement:

 

  20.5.1  by reason of a material breach, default, non-performance or non-observance by the other party of any provisions, terms or obligations herein and on the other party’s part to be performed and observed, which the terminating party has required the other party by notice in writing to remedy (such notice specifying the relevant terms, provisions, or obligations and stating the intention of the terminating party to terminate under clause 20.5.1) and the other party has not within thirty (30) days of such notice remedied (whether such breach is capable of remedy or not);

 

  20.5.2  if the either party becomes insolvent, unable to pay its debts as they fall due within the meaning of Section 123 of the Insolvency Act 1986 or makes any arrangement or composition with its creditors or passes a resolution or any court shall make any order that a party shall be wound up (save and excepting only a member’s winding up for the purposes of reconstruction or amalgamation to which Tesco has approved in writing) or if a receiver, administrator or similar officer is appointed over the whole or any part of a party’s assets, or if circumstances shall arise which entitle a court or a creditor to appoint a receiver, administrator or similar officer or to make a winding up order or a party suffers or undergoes any analogous process to the above under any national laws applicable to it.

 

20.6

Tesco shall be entitled by notice in writing to eDiets, but without prejudice to any other rights or remedies of Tesco in respect of any matter or event which shall have arisen or taken place prior to such notice, to terminate this agreement if eDiets (a) materially breaches the Service Levels, and/or, (b) persistently breaches the Service Levels (for the

 

21

 

purpose of this agreement, a persistent breach of the Service Levels shall be three non-material breaches of the Service Levels in any Quarter).

 

20.7 Tesco shall be entitled by notice in writing to eDiets to terminate this agreement upon a change of Control of eDiets or eDiets.com (unless such change of Control is solely the result of a bona fide intra-Group reorganisation).

 

20.8 On termination of this agreement for any reason:

 

  20.8.1  eDiets shall return all Tesco Data in such format and on such media as requested by Tesco and then delete (so that no undelete is possible, including the overwrite of any back-up media) all Tesco Data held by eDiets; and

 

  20.8.2  eDiets shall not obstruct Tesco should they move the Tesco Production Infrastructure to a new facility, and shall provide all information and assistance necessary to ensure the smooth transition of services and functions included in the Tesco Production Infrastructure;

 

(collectively, “Transition Assistance”).

 

20.9 Tesco may require that Transition Assistance commence upon eDiet’s receipt of a notice to terminate the agreement and continue through to the effective date of the termination and for a period of up to three (3) months following the date of termination, unless otherwise agreed by both parties. Charges for Services provided after termination of this agreement will be at eDiets reasonable and documented actual cost (calculated on the basis of third party invoices or the actual cost to eDiets of its own personnel). Tesco will have the option to purchase from eDiets, at fair market value (taking into account wear and tear), any equipment or material primarily used by eDiets to provide Services under this agreement.

 

21 General Provisions

 

21.1

Force Majeure. Neither party shall be responsible or liable for any failure or delay or consequence thereof in the performance of any of its obligations in this agreement owing to fire, strike, lock-out, industrial dispute (unless such dispute is caused by the party seeking to rely on this clause), delay in transport, shortage of fuel, inability to obtain materials, embargo, act, demand or requirement of any Government or any Government department or agency or of any local authority or of a consequence of war or of hostilities or armed conflict (whether war be declared or not) or to any other cause whatsoever beyond the party’s reasonable control or the after effects of any of the foregoing. If any such delay occurs, then (unless the cause thereof shall frustrate or render impossible or illegal the

 

22

 

performance of this agreement or shall otherwise discharge the same) the period for the party to perform its obligations hereunder shall be extended by such period (not limited to the length of the delay) as the party may reasonably require to complete such performance.

 

21.2 Notices. Notices and other communications to the parties to this agreement required or permitted hereunder shall be deemed duly given upon being transmitted by facsimile to the correct facsimile number of any party or one day after being left at the address of the party to which it is given or seven days after it has been posted by prepaid registered post to the party to which it is to be given at its address hereinbefore set out or such other address as such party shall have previously communicated by notice to the party giving such first mentioned notice or other communication. Notices to Tesco shall be delivered by registered post to the CEO of Tesco.com Limited with copies to the Company Secretaries of Tesco.com Limtied and Tesco Stores Limited (the registered address for Tesco.com Limited and Tesco Stores Limited is Tesco House, Delamare Road, Cheshunt, Hertfordshire EN8 9SL, England).

 

21.3 Severability. If any provision of this agreement is agreed by the parties to be illegal, void or unenforceable under any law that is applicable hereto or if any court or arbitrator of competent jurisdiction in a final decision so determines, this agreement shall continue in force save that such provision shall be deemed to be deleted herefrom with effect from the date of such agreement or as declared by a decision of the said court or arbitrator or such earlier date as the parties may agree.

 

21.4 Governing Law

 

  21.4.1  All disputes between the parties arising out of or in any way relating to this Agreement or any other disputes between the parties in any way connected with the subject matter of this agreement shall be governed by the laws of England and Wales.

 

  21.4.2  The Courts of England and Wales shall have exclusive jurisdiction to hear all matters arising out of or in any way relating to this agreement.

 

21.5 Third Parties

 

  21.5.1  The parties do not intend any third party to have the right to enforce any provision of this agreement under the Contract (Rights of Third Parties) Act 1999 or otherwise except any member of Tesco’s Group, who will have the right to enforce this agreement to the extent to which it relates to the services provided to any member of Tesco’s Group under it.

 

  21.5.2 

Notwithstanding that any term of this agreement may be or become

 

23

 

enforceable by a person who is not a part to it, the terms of this agreement or any of them may be varied, amended, modified or this agreement may be suspended, cancelled or terminated by agreement in writing between the parties or this agreement may be rescinded (in each case) without the consent of the third party.

 

Signed by the parties on the date of this agreement.

 

24

Schedule 1

 

Services and Service Levels

 

eDiets will manage and maintain the Tesco Production Infrastructure (including both electronic and physical security for the Tesco Diet Service) to a standard compliant with its then current standards from time to time in relation to the eDiets Service and the Security Policy (in the event of a conflict in standards between the eDiets Service and the Security Policy requirements, the requirements of the Security Policy shall prevail).

 

eDiets will maintain the Tesco Production Infrastructure necessary for hosting the Tesco Diet Website and uploading the Tesco Application System on a Tier One hosting facility (for the purposes of this schedule a “Tier One hosting facility” is one that has (a) at least two peered network connections and (b) resilient live and back-up connectivity and electricity provision). The Tesco Production Infrastructure will be (and, subject to the Change Control Procedure, shall continue to be during the Term) architected similarly to the existing eDiets website and include normal operations such as system back-ups. At the date of this agreement, the Tesco Production Infrastructure includes the following hardware (including network components as defined below) and software components which shall be maintained and supported by eDiets under this agreement:

 

Hardware and software components:

 

  1 database cluster (two servers and disk array) including Advanced Server software and SQL Server software

 

  3 web servers each including ColdFusion software

 

  2 email servers configured with Listserv and LSMTP software respectively.

 

  1 QA Server including ColdFusion software and SQL Server software (the QA server is used for testing of code before final deployment, to act as the final staging site for tested code that is subsequently copied across to the production webservers, as a platform for various in-house utilities such as graphics uploading and log viewing and as the platform for Livestats (eDiets’ web stats application).

 

  Miscellaneous software shall comprise Statistics Server Livestats ‘webstats’ software and Remote Access Software (eg Windows Terminal Services or PC Anywhere) as agreed between eDiets and Tesco.

 

25

Network components:

 

  1 45 U server rack

 

  1 APC power strip (remote reboot)

 

The maintenance and support of the Tesco Production Infrastructure includes the following associated services, which shall be provided by eDiets under this agreement:

 

Associated services:

 

  Provision of rack space

 

  Provision of bandwidth

 

  Bandwidth

 

(These associated services do not include management of email, code development, application or web log monitoring, performance tuning, collection of web statistics (e.g., webtrends, omniture) or billing processing.)

 

Tesco shall reimburse eDiets its reasonable and documented costs for the provision of bandwidth under this agreement.

 

eDiets’ maintenance of the Tesco Production Infrastructure shall include installing software patches from the respective vendors (for example, Microsoft patches).

 

eDiets is specifically not responsible in any way for the maintaining or monitoring of the Tesco Application System that runs on the Tesco Production Infrastructure. Monitoring of application processes (whether critical or non critical), resulting from software issues in the application code of the Tesco Application System are the responsibility of Tesco.

 

eDiets and Tesco will agree a procedure to estimate the anticipated page view demand in sufficient time to allow (a) Tesco to supply and eDiets to install all necessary hardware and software to meet the anticipated demand, and (b) eDiets to provide necessary bandwidth to meet the anticipated demand.

 

eDiets will monitor the Tesco Production Infrastructure to ensure it meets the Availability requirements and provide Tesco with access to AlertSite. The reports generated by AlertSite will be the same or similar to the reports used by eDiets to manage the eDiets Service.

 

Upon receiving a notification (“Notification”) (via AlertSite or from Tesco) of an issue (or potential issue) (“Issue”) with the Service, eDiets shall investigate and classify the issue as either ‘critical’ or ‘non-critical’ (as defined below). eDiets will trace the status of outstanding Issues related to the Tesco

 

26

Diet Website(s) or the Tesco Production Infrastructure and will notify Tesco of progress, including informing Tesco whether the problem is a ‘critical’ or ‘non-critical’ problem. (Issues relating to the Tesco Application Systems are the responsibility of Tesco.)

 

A ‘critical’ problem is defined as an inability of Customers to access the Tesco Diet Website(s) or the inability of Tesco to access the Tesco Production Infrastructure due to a failure on the part of the Services. ‘Critical’ Issues are problems with hardware or software managed by eDiets that cause an interruption in the delivery, management or maintenance of the Tesco Diet Service as well as and any non-critical Issue which has not been remedied to Tesco’s satisfaction within 7 days of Notification. Critical Issues do not include any problem resulting from a failure in the Tesco Application Systems caused by Tesco. A ‘non-critical’ Issue is defined as a problem that affects the Tesco Production Infrastructure environment but is mutually agreed by both parties to be a “bug” that must be addressed but is not immediately causing non-Availability.

 

eDiets can be contacted 24x7 for ‘critical’ problems at tescosupport@ediets.com. eDiets will correct (to the extent practicable using best endeavours) ‘critical’ Issues within 30 minutes of Notification; if such correction is not practicable, eDiets shall update Tesco in that time limit by outlining to Tesco the planned approach and anticipated timing for the resolution of the Issue. eDiets will correct (to the extent practicable using best endeavours) ‘non-critical’ Issues within 48 hours of Notification; if such correction is not practicable, eDiets shall update Tesco in that time limit by outlining to Tesco the planned approach and anticipated timing for the resolution of the Issue. Thereafter, eDiets will continue to provide Tesco with regular status updates on progress against the plan. In relation to critical Issues, such updates will be delivered at least every hour; in relation to non-critical Issues, such updates will be delivered at least every 48 hours.

 

eDiets will alert Tesco by e-mail, phone, or instant messenger, with as much notice as is reasonably practicable, to any known problems within the Service which may affect service quality (including but not limited to slow page download times) or Availability. Such notification shall not relieve eDiets of any of its obligations under this agreement.

 

Failure to provide a satisfactory response to any fault in the Services within the response times shall automatically trigger Service Credits.

 

27

Schedule 2

 

Change Control Procedure

 

1 General principles

 

1.1 No change to the Services will be binding on either party unless made in writing and signed by duly authorised representatives of both parties.

 

2 Who may request or recommend changes

 

2.1 At any time, Tesco or eDiets may request changes to any part or parts of the Services.

 

2.2 The request may be given verbally and confirmed in writing.

 

3 Tesco changes

 

3.1 If Tesco has requested a change, eDiets will submit to Tesco as soon as reasonably practicable after receipt of a proposed change to the agreement (and in any event within 7 days, unless reasonably deemed a significant modification by eDiets, in which case a non-binding estimated proposal time will be provided by eDiets) a written proposal for the change specifying:

 

  3.1.1  the impact of implementing the proposed change on the Services; and

 

  3.1.2  a timetable for implementing the proposed change; and

 

  3.1.3  material changes which will be required to the agreement; and

 

  3.1.4  its reasonable additional costs required to implement the proposed change (for the avoidance of doubt, such costs are only applicable if the requested change by Tesco requires the implementation of a service which eDiets does not currently implement in relation to the eDiets website); and

 

  3.1.5  (if applicable) the cost savings or cost reductions resulting from the change.

 

3.2 eDiets will investigate the impact of implementing the proposed change and prepare the written estimate at no additional charge to Tesco.

 

4 eDiets Changes

 

4.1 eDiets may recommend changes to Tesco by a written proposal, specifying sufficient detail about the change to allow Tesco to evaluate the change in full, including:

 

  4.1.1  the impact of implementing the proposed change on the Services; and

 

28

  4.1.2  a timetable for implementing the proposed change (specifying whether there are any dates by which a decision by Tesco is critical);

 

  4.1.3  material changes which will be required to the agreement; and

 

  4.1.4  its reasonable additional costs required to implement the proposed change (for the avoidance of doubt, such costs are only applicable if the requested change by Tesco requires the implementation of a service which eDiets does not currently implement in relation to the eDiets website); and

 

  4.1.5  (if applicable) the cost savings or cost reductions resulting from the change; and

 

  4.1.6  eDiet’s reasons for requesting the change.

 

4.2 eDiets will investigate the impact of implementing the proposed change and prepare the recommendation at no additional charge to Tesco.

 

5 Evaluation of the change

 

5.1 After receipt of the estimate or recommendation the proposed change will be considered by Tesco, who will decide in its absolute discretion whether:

 

  5.1.1  to accept eDiet’s estimate or recommendation in which case the Services will be amended in accordance with eDiets estimate or recommendation;

 

  5.1.2  to withdraw the proposed change;

 

  5.1.3  if the change is to be implemented by a subcontractor of eDiet’s, to request eDiet’s to obtain competitive quotes from other suitable sub-contractors (eDiets is not obliged to obtain such requests, but shall not unreasonably fail to do so);

 

  5.1.4  to request eDiets to benchmark the proposed change (including the estimated cost of the change) in accordance with the benchmarking criteria agreed between the parties (eDiets is not obliged to carry out such benchmarking under this schedule, but shall not unreasonably fail to do so); and/or

 

  5.1.5  to query the estimate.

 

29

5.2 For the purposes of paragraph 5.1.2 of schedule 2, if eDiets and Tesco (each acting reasonably and in good faith) agree that the proposed change is required by eDiets’ meeting its Availability obligations under clause 2.1 and yet Tesco withdraws the proposed change, any period of unavailability caused as a direct result of this shall not be included in the calculation of unavailability for the purposes of clause 3.1.

 

5.3 At Tesco’s request, eDiets will provide any additional information requested by Tesco to evaluate the estimate or recommendation fully.

 

5.4 Until a change is formally agreed in writing between the parties in accordance with this procedure, eDiets will continue to perform its obligations under the agreement as if the change had not been proposed. If eDiets implement changes to the Services before they have been agreed under this schedule, then it will do so at its own risk and expense.

 

30

Schedule 3

 

Security Policy

 

eDiets shall comply with the following security requirements:

 

1 Business continuity planning

 

Aspects of business continuity management:

 

There must be a documented and practiced process for Disaster Recovery

 

2 System access control

 

2.1 Network access control

 

Only authorised IT staff must have access to network equipment, configuration and software.

 

2.2 Operating system access control

 

Only authorised IT staff must have access to server operating system configuration and systems/application software.

 

2.3 Monitoring system access and use

 

There must be a system in place to manage and monitor all servers and notify of any errors, failures or security breaches

 

2.4 Mobile computing and networking

 

Any mobile access must be via secure access.

 

3 System development and maintenance

 

3.1 Security requirements of systems

 

There must be documented and practiced system security guidelines, surrounding all aspects of the system above the hardware and below the application (such as removal of non-required components, patch management, configuration lock-down).

 

3.2 Security of system files

 

Only authorised IT staff must have access to production system files

 

31

4 Physical and environmental security

 

4.1 Secure areas

 

All production IT equipment must be housed in a secure data centre environment, with restricted access and appropriate levels of monitoring

 

4.2 Equipment security

 

All production IT equipment should be physically secured and should be marked to reduce the risk of theft

 

5 Compliance

 

5.1 Compliance with legal requirements

 

The company must comply with the requirements of the Data Protection Act and any other relevant legislation concerning the use of Information Technology and Information Security.

 

5.2 System audit considerations

 

The company must allow themselves to be audited externally by Tesco in relation to their performance under this agreement.

 

6 Security organisation

 

6.1 Security in job definition and resourcing

 

The company should have a defined (and resourced) role within the organisation responsible for IT security

 

6.2 User training

 

The company should give all of their users appropriate training and awareness in the secure use of their systems

 

6.3 Responding to incidents & malfunctions

 

The company should have a documented process for responding to incidents (such as security breaches, virus attacks etc)

 

7 Computer and operations management

 

7.1 Information Security Infrastructure

 

32

The company must have infrastructure equipment that provides balanced security in-depth. Evidence of firewalls, anti-virus, intrusion detection

 

7.2 Security of third party access

 

Any third party access to the company must be by a secure route

 

7.3 Outsourcing

 

Any outsourcing done by the company must be covered by the same information security policy terms as the main company

 

7.4 Operational procedures & responsibilities

 

There must be a documented set of procedures for incident and problem management and standard operational processes such as support and escalation

 

7.5 System planning and acceptance

 

There must be a documented set of procedures for testing, change, configuration and release management

 

7.6 Protection against malicious software

 

There must be a documented process for checking for software updates/vulnerabilities/patches, analysing them, risk assessment and testing and implementation. All critical vulnerabilities identified by this process must be patched.

 

7.7 Housekeeping

 

There must be documented and practiced processes for backup and recovery.

 

7.8 Network management

 

There must be a network management system in place to manage and monitor all network equipment and notify of any errors, failures or security breaches.

 

7.9 Media handling and security

 

There should be a secure location for storage of media (software, images, data backups etc), with regular offsite storage.

 

33

Schedule 4

 

Implementation Services Procedure

 

1 Improvements requiring the implementation of application code only (i.e., Improvements not requiring the addition of new components of the Tesco Production Infrastructure)

 

1.1 Where an Improvement has been developed by eDiets and is made up of new web application code which does not require the addition of any new supporting infrastructure to be added to the Tesco Production Infrastructure, whether hardware or software, eDiets will, at Tesco’s request, make available to Tesco sufficient information (including application source code, database schematics and application description) to allow Tesco to be able to estimate the resources needed for Tesco to incorporate the new code into the Tesco Diet Service.

 

1.2 If Tesco wish to incorporate the new Improvement, Tesco shall draw up an implementation timetable to incorporate the new Improvement into the Tesco Diet Service, and the incorporation of the Improvement onto the Tesco Production Infrastructure will be agreed at a time and in a manner convenient to both parties.

 

1.3 Tesco will be responsible for any code reconfiguration, content localisation and database modifications necessary to enable the applicable new Improvement to be incorporated into the Tesco Diet Service.

 

1.4 Although eDiets is not responsible for the Tesco Application System, Tesco may request, and eDiets shall make best efforts to carry out such tasks as Tesco requests on the Tesco Application System where Tesco does not have sufficient knowledge and skill to carry out such tasks itself (for example, Cold Fusion expertise). Tesco shall reimburse eDiets its reasonable and documented actual costs of providing any such services under this schedule provided such costs are agreed by Tesco in writing before being incurred by eDiets (and payment of such costs shall be governed by clause 5.4).

 

2 Improvements requiring the addition of new components of the Tesco Production Infrastructure

 

2.1 Where an Improvement requires the addition of new components to the Tesco Production Infrastructure, the addition of such new components shall be at the discretion and cost of Tesco. To enable Tesco to determine whether or not to add the new component(s) the parties shall carry out the procedure set out in paragraph 2.2 below.

 

34

2.2 In circumstances where Tesco notifies eDiets that it may wish to make an addition to the Tesco Production Infrastructure to incorporate an Improvement the following shall apply:

 

  2.2.1  eDiets shall produce a reasonable estimate of both the cost of implementing the additional component to the Tesco Production Infrastructure to incorporate the Improvement and the benefits that would accrue to Tesco as a result of the Improvement.

 

  2.2.2  Implementation of the additional component to the Tesco Production Infrastructure to incorporate the Improvement shall then only proceed where it is agreed by Tesco that the Improvement would be beneficial to it.

 

  2.2.3  If it has been agreed to implement the additional component to the Tesco Production Infrastructure to incorporate the new Improvement, both parties shall draw up an implementation timetable to implement the additional component and the incorporation of the Improvement onto the Tesco Production Infrastructure will be agreed at a time and in a manner convenient to Tesco.

 

  2.2.4  The costs for the implementation the additional component to the Tesco Production Infrastructure to incorporate shall be borne by Tesco.

 

3 Other (non-Improvement) new components of the Tesco Production Infrastructure

 

3.1 Where Tesco wishes to implement any non-Improvement components (including any associated software) to the Tesco Production Infrastructure, such new components shall be at the discretion and cost of Tesco. To enable Tesco to determine whether or not to add the new component(s) the parties shall carry out the procedure set out in paragraph 3.2 below.

 

3.2 In circumstances where Tesco notifies eDiets that it may wish to make an addition to the Tesco Production Infrastructure to incorporate any non-Improvement components the following shall apply:

 

  3.2.1  eDiets shall produce a reasonable estimate of both the cost of implementing the additional component to the Tesco Production Infrastructure.

 

  3.2.2  Implementation of the additional component to the Tesco Production Infrastructure to incorporate the Improvement shall then only proceed where it is agreed by Tesco that the non-Improvement would be beneficial to it.

 

35

  3.2.3  If it has been agreed to implement the additional non-Improvement component to the Tesco Production Infrastructure both parties shall draw up an implementation timetable to implement the additional component and the incorporation of the component onto the Tesco Production Infrastructure will be agreed at a time and in a manner convenient to Tesco.

 

3.3 The costs for the implementation the additional component to the Tesco Production Infrastructure to incorporate shall be borne by Tesco.

 

36

Schedule 5

 

Procedures and elements of the Service with a delayed Effective Date

 

The following procedures and elements of the Service shall have the following delayed Effective Date:

 

  eDiets compliance with the Security Policy is required from the Effective Date. However, eDiets obligations to document its policies and procedures under the Security Policy shall have a delayed Effective Date of six weeks from the Effective Date.

 

  In relation to the Tesco Production Infrastructure, eDiets shall leave the current eDiets Europe Limited UK and Ireland website server stack running in Miami (to ensure an uninterrupted service). The non-UK and Ireland eDiets Europe Limited website will also be present on the same server stack (which will result in eDiets Europe Limited and Tesco posting content to the same server stack). Unless otherwise agreed between the parties following a mutual review of the service provided using the same server stack, eDiets shall (or shall procure that eDiets Europe Limited shall) migrate the non-Tesco websites to a dedicated server within 6 months of the Effective Date (however any documentation requirements under schedule 3 shall be completed by eDiets within 8 weeks of the Effective Date).

 

37

SIGNED by

for and on behalf of

TESCO IRELAND LIMITED

   

)

)

)

SIGNED by

for and on behalf of

eDIETS.COM, INC.

   

)

)

)

 

38

DATED 15 JULY 2004

 

eDIETS.COM, INC.

 

TESCO IRELAND LIMITED

 

SERVICE LEVEL AGREEMENT

 

CONTENTS

 

1   

Definitions and interpretation

    1
2   

Performance of the Services by eDiets

    7
3   

Availability of the Tesco Diet Service

    8
4   

Description of Support Services and Service Levels

    9
5   

Tesco Rights and Obligations

    10
6   

Insurance

    11
7   

Hosting of the eDiets Europe Limited websites on the Tesco Production Infrastructure

    11
8   

Reports; Data

    11
9   

Change Control Procedure

    12
10   

Co-operation; Benchmarking; Service Improvements

    12
11   

Warranties and Undertakings

    13
12   

Indemnity

    14
13   

Limitation of Liability

    15
14   

Exclusions

    16
15   

Service Credits

    16
16   

Tesco Responsibilities

    16
17   

Data Protection

    18
18   

Backup; Step In Rights

    18
19   

Confidential Treatment of Information

    19
20   

Default; Term and Termination

    20
21   

General Provisions

    22
Schedule 1    25
Schedule 2    28
Schedule 3    31
Schedule 4    34
Schedule 5    37