Version
1.6 as of July 12th, 2026
Company Details
Company Name: Jube Operations Limited trading as Jube (“JOL”).
Company Number: 14442207
Registered Address: Northgate House, North Gate, New Basford, Nottingham, England, NG7 7BQ
Preamble
These terms are published, versioned, and written to be read. They represent a fair commercial arrangement for both parties. The Provider operates as a specialist boutique and these terms reflect that — they are not negotiable in the way that enterprise procurement processes might expect, nor however is the price point. The pricing reflects a deliberate commitment to accessibility and forms part of the consideration under this Agreement. In the context of enterprise fraud and AML management, where proprietary alternatives carry a materially higher cost of ownership, this is not incidental.
The Provider’s approach to intermediary relationships, co-delivery arrangements, and the conditions under which direct engagement with end Clients may occur is set out in Sections 21 and 23.
For the avoidance of doubt, the Expert of Record designation set out in this Agreement is a governance, audit, and regulatory documentation designation only. It is not intended to create approval dependencies, oversight obligations, or any restriction whatsoever in relation to the free and liberal use of documented Jube platform functionality, which remains entirely at the discretion of the Client or intermediary.
The commercial terms set out in this Agreement are structured to be fair, transparent, and easy to exit. The Provider’s confidence in the value of the Services is reflected in the brevity of its notice periods and the accessibility of its pricing, not in contractual complexity designed to retain clients beyond the point at which the relationship serves them.
Company Introduction
JOL is a UK company that architects, develops, and implements horizontally scalable, high-throughput software for real-time transaction and event monitoring. Engagements with Clients typically span software development, data engineering, machine learning (both supervised and unsupervised classification), and increasingly artificial intelligence, including integration, embedding, and inference where distinct from machine learning.
JOL’s stated mission is to work with Clients on the training, support, and implementation of Jube — an Open-Source Anti-Money Laundering (“AML”) and Fraud Detection Transaction Monitoring software, which it maintains. Under the umbrella of JOL, there is also a corpus of advanced analytics know-how.
JOL’s commercial services are organised around three service lines, which reflect the natural progression of a Client engagement:
Training and Integration is the sole entry point to the Jube ecosystem and a prerequisite for all subsequent engagement. It is a structured, hands-on programme — delivered in person or remotely — through which Client personnel gain practical mastery of the Jube platform, configure it against real-world scenarios, and progress to a state of pre-production readiness. Training and Integration comprises two components: a training delivery component, invoiced as a fixed fee on Work Order acceptance and covering the initial structured training programme; and a post-training integration support component, which operates on the same in-arrears monthly billing model, subject to the Minimum Monthly Retainer, as PAYG and Enterprise Support. The integration component begins on completion of initial training delivery and continues until certification and pre-production deployment are confirmed. The Training and Integration engagement concludes with certification of the relevant Client personnel as Jube Certified Application Specialists and confirmation of successful pre-production deployment. Upon conclusion, the engagement transitions naturally into a PAYG or Enterprise Support arrangement, reflecting the expectation that Training and Integration marks the commencement of a long-term operational relationship. No Client shall proceed to PAYG or Enterprise Support without having completed Training and Integration; the certification programme constitutes the technical and commercial gateway to any ongoing support arrangement.
PAYG (Pay As You Go) Support is available to certified Clients who require ongoing access to the Provider’s expertise without a minimum annual commitment. PAYG engagements are billed monthly in arrears, subject to a Minimum Monthly Retainer, giving Clients flexible access to support as their operational needs evolve without any prepayment obligation.
Enterprise Support is available to certified Clients who require a committed, higher-availability support relationship, including callout obligations and, where the Client’s committed support hours meet the applicable threshold, Expert of Record designation. Enterprise Support operates on the same in-arrears monthly billing model as PAYG, with a larger Minimum Monthly Retainer and the ancillary service commitments set out in Section 16.
Engagements under any of these service lines may include elements of bespoke software development, data engineering, or machine learning work where the Client’s implementation requires it. Such work is delivered under the same monthly in-arrears billing model within the applicable Work Order and does not constitute a separate service line or commercial arrangement.
Where engagements are delivered through or alongside an intermediary, the Provider may participate as a specialist technical contributor within the intermediary’s delivery structure under a co-delivery arrangement, as set out in Section 23. Co-delivery reflects the Provider’s deliberate commitment to operating within its defined part of the value chain, and its recognition that intermediaries and partners are essential to extending the reach of the Jube platform into markets and client relationships that a direct engagement model could not serve alone.
All three service lines operate on the same underlying payment model — monthly billing in arrears, a guaranteed Minimum Monthly Retainer, and consistent commercial rhythm — reflecting the Provider’s commitment to a fair, transparent, and predictable engagement for both parties, without the administrative overhead of prepayment, deposit reconciliation, or refund processing.
Definitions
For the purposes of these Terms of Service, the following terms shall have the meanings set out below:
Agreement: These Terms of Service together with any Work Orders, statements of work, or quotations entered into under it.
Client: The party receiving the Services from JOL.
Provider: Jube Operations Limited trading as Jube (“JOL”), providing the Services.
Services: The support, software development, consulting, training, or other services provided by the Provider to the Client.
Deliverables: Any materials, software, documentation, models, or other outputs created by the Provider in connection with the Services.
Confidential Information: Any information disclosed by one party to the other that is identified as confidential or that ought reasonably to be treated as confidential.
Personal Data: Information relating to an identifiable individual processed by JOL as a data processor under GDPR.
Excluded Uses: Uses of the Services or Deliverables that are expressly excluded in Section 8, including but not limited to use as or in place of a ledger, settlement engine, or system of financial record, safety-critical systems, financial trading systems, and medical systems. The Deliverables are designed and intended to operate as a real-time monitoring and validation layer only, and any use beyond that characterisation may constitute an Excluded Use.
Work Order: A written document confirmed by email exchange or accepted via the quote acceptance function within the Provider’s invoicing platform, that details the specific Services to be provided, the applicable fees, and any particularisation of intellectual property rights. Acceptance via the Provider’s quote acceptance function shall constitute agreement to the Terms of Service version referenced in the relevant quote. No oral agreement or informal communication shall constitute a Work Order.
Force Majeure Event: Any event beyond a party’s reasonable control that prevents or delays performance of its obligations, as described in Section 9.
Configuration Artifacts: Any configuration, extensions, inline scripts, custom DLLs, dependency injection add-ins, rule extensions, stored procedures, or related documentation created by the Client within or in relation to Jube’s supported extensibility frameworks, which are treated as configuration data rather than modifications to Jube’s core codebase.
Service Activation Letter: A written confirmation issued by the Provider to the Client on the commencement date of a Work Order, confirming that Services have been activated thereunder. The Service Activation Letter records the start date for the purposes of billing, notice periods, and IP vesting.
Technical Presales: The scoping, assessment, and preparatory work undertaken by the Provider prior to the issuance of a Service Activation Letter, carried out in connection with and in anticipation of a Work Order. Technical Presales activity is considered rendered and paid upon issue of the relevant Service Activation Letter and shall not be separately invoiced.
Expert of Record: A formal designation, available to Enterprise Support Clients, whereby the Provider acts as the named technical authority on the Client’s Jube implementation for the purposes of governance, audit, and regulatory documentation, including a periodic technical account review check-in. The Expert of Record designation is available where the Client’s Minimum Monthly Retainer meets or exceeds the hours threshold, and the Client maintains the check-in cadence, specified for that purpose in the applicable Work Order, as set out in Section 16.
PAYG (Pay As You Go): A support arrangement under which a certified Client accesses ongoing Services without a minimum annual commitment. PAYG engagements are billed monthly in arrears, subject to a Minimum Monthly Retainer. The absence of a minimum commitment period and ancillary service obligations distinguishes PAYG from Enterprise Support; billing mechanics and rhythm are otherwise identical.
Enterprise Support: A support arrangement under which a certified Client commits to a minimum annual engagement, with access to callout obligations and, where the Minimum Monthly Retainer meets the applicable threshold, Expert of Record designation, as set out in Section 16. Enterprise Support operates on the same in-arrears monthly billing model as PAYG, with a larger Minimum Monthly Retainer as specified in the applicable Work Order. The premium of Enterprise Support is the level of committed service and ancillary obligations, not a different payment model.
Minimum Monthly Retainer: The minimum fee payable by the Client in respect of each monthly billing period during which an engagement is active, as specified in the applicable Work Order. For PAYG engagements and the integration support component of Training and Integration, the Minimum Monthly Retainer is one (1) hour at the applicable hourly rate. For Enterprise Support engagements, the Minimum Monthly Retainer is as specified in the applicable Work Order and shall not be less than one (1) hour at the applicable hourly rate. The Minimum Monthly Retainer is payable in respect of each monthly billing period regardless of whether any hours were recorded during that period, and represents the minimum consideration payable for the Provider’s availability and commitment during that period. Where hours recorded and billable during a monthly billing period, valued at the applicable hourly rate, exceed the Minimum Monthly Retainer, the Client shall pay for those hours in place of, and not in addition to, the Minimum Monthly Retainer — that is, the Client pays whichever is greater for that period.
The tiered structure of the Minimum Monthly Retainer reflects why it exists at all. Any Minimum Monthly Retainer secures the Client’s access to the hourly rate specified in the Work Order — a reduced rate offered only to Clients maintaining an active monthly engagement under this Agreement — together with the baseline response time and availability commitments set out in Section 3, including the four (4) business hour response commitment under clause 3.3. Where a Client’s Minimum Monthly Retainer meets the higher threshold specified for Enterprise Support, it additionally unlocks the further bundle of commitments set out across this Agreement: 24/7 callout under clause 3.12, Expert of Record designation and its associated check-in cadence under Section 16, the security patching response commitment under Section 18, and regulatory feature mapping under Section 19. These are not independent add-ons; they are different facets of the same underlying purpose — keeping the Provider’s familiarity with the Client’s implementation current, and the Provider’s confidence in supporting it, so that the commitments the Client is paying for can actually be relied upon when they are needed, including in support of the Client’s own operational uptime. A Client who allows their engagement to lapse, or who has no active Work Order, is not entitled to any of these commitments, and any subsequent engagement shall be treated as a new Work Order, chargeable at the Provider’s then-current standard rate card until a new Minimum Monthly Retainer is established.
.jemp: Jube Encrypted Message Pack. A portable, encrypted snapshot of a Jube tenant’s configuration, used for backup, migration, and diagnostic purposes. A .jemp file is a compressed, encrypted, binary serialisation of a Jube tenant configuration export, produced via the configuration export functionality within the Jube platform. A .jemp contains all tenant configuration data and all subordinate definitions, but expressly excludes production data including transaction archive data, case data, cache data, and user configuration.
Time Records: A monthly summary of hours recorded against the Client’s project, prepared by the Provider and submitted to the Client at the end of each calendar month. Time Records are prepared by the Provider from internal records and shared with the Client via email or file share. They do not constitute a portal or live system to which the Client has independent access.
1. Scope of Services
- These Terms of Business govern the provision of support services and/or software development services (Services) by JOL (Provider) to the Client.
- Any proposal, statement of work, quotation, or similar document agreed between the parties shall be deemed incorporated into these Terms.
- The Provider reserves the right to modify these Terms of Business from time to time. The applicable version shall be included in each Work Order and shall take effect upon the Client’s acceptance of that Work Order.
- Upon commencement of a Work Order, the Provider shall issue a Service Activation Letter recording the start date of the Services. The start date stated in the Service Activation Letter shall govern billing, notice periods, and IP vesting for that engagement. Work Orders shall typically be preceded by a period of Technical Presales, which shall be considered rendered and paid in full upon issue of the Service Activation Letter, with no separate invoice raised in respect of that activity.
- Where Services are engaged through an intermediary rather than directly with the end Client, the Provider shall issue the Service Activation Letter to the intermediary upon commencement. The intermediary shall furnish a copy of the Service Activation Letter to the named end Client within five (5) business days of receipt. Failure to do so shall entitle the Provider to issue the Service Activation Letter directly to the end Client and to treat the intermediary’s obligation as unmet.
- Each Work Order and Service Activation Letter shall identify the named end Client by full legal entity name. Services provided under a Work Order are scoped exclusively to the named end Client. The Provider shall not be obliged to provide Services in respect of any other entity, client, or environment not named in the Work Order, and any such request shall require a separate Work Order.
- Where the Provider has reasonable grounds to believe that support hours or Services are being consumed on behalf of an entity other than the named end Client, the Provider reserves the right to suspend Services pending clarification. The Provider shall notify the Client of the suspension and the grounds for it promptly upon exercising this right, and shall confirm or withdraw the suspension within five (5) business days of receiving a satisfactory written response from the Client. The Provider may invoice separately for any Services determined to have been delivered outside the scope of the named Work Order.
- Support Services are scoped to the documented functionality of the Jube platform as published at the official documentation site. The Provider is not obliged to support undocumented usage, integrations outside the supported extensibility framework, or any configuration or operational practice not covered by the platform documentation.
2. Fees and Payment
The payment model operates on an in-arrears monthly billing cycle, subject to the Minimum Monthly Retainer defined above. The clauses below set out the operative payment obligations governing each engagement type.
- Fees for the Services will be as set out in the applicable Work Order, which shall specify the hourly rate and the Minimum Monthly Retainer applicable to the engagement. In the case of Training and Integration, the Work Order shall specify the fixed fee for the training delivery component and the hourly rate and Minimum Monthly Retainer applicable to the integration support component, which operates on the same in-arrears monthly billing model as PAYG.
- All fees are exclusive of taxes, which shall be payable by the Client in addition.
- All engagements operate on a monthly billing cycle, billed in arrears. At the end of each calendar month, the Provider shall issue an invoice for that month, accompanied by a Time Record showing the hours recorded during the month. The fee payable for the month shall be the greater of (a) the fees for the hours actually recorded during the month at the applicable hourly rate, or (b) the Minimum Monthly Retainer. A month in which no hours are recorded is invoiced at the Minimum Monthly Retainer and accompanied by a Time Record showing no hours recorded, and constitutes a valid monthly statement for the purposes of this Agreement. Invoices are payable within thirty (30) days of the invoice date.
- Training and Integration engagements are invoiced in two parts. The training delivery component is a fixed fee as particularised in the applicable Work Order, due and payable upon Work Order acceptance; no delivery shall commence until this fee has cleared. The integration support component begins on completion of initial training delivery as confirmed by the Provider in writing, and operates on exactly the same in-arrears monthly billing model as a PAYG engagement: hours are recorded as they are incurred and invoiced monthly in arrears in accordance with clause 2.3, subject to the Minimum Monthly Retainer specified in the applicable Work Order. The integration support component continues until certification and pre-production deployment are confirmed, at which point the engagement concludes and transitions to PAYG or Enterprise Support. In the event of termination of a Training and Integration engagement prior to completion, the training delivery fixed fee is non-refundable, and hours recorded under the integration support component up to the effective termination date shall be invoiced in accordance with clause 2.3.
- There is no prepayment requirement for the commencement of any PAYG, Enterprise Support, or Training and Integration Support Work Order. Services commence on the basis of the applicable Work Order and Service Activation Letter, with fees invoiced monthly in arrears in accordance with clause 2.3.
- If any payment is not made when due, the Provider reserves the right to charge statutory interest at the rate applicable under the Late Payment of Commercial Debts (Interest) Act 1998, accruing daily until payment is received in full.
- To the extent that on-site visits to the Client’s premises (or any other location) are required, the Provider shall be entitled to charge for reasonable travel and subsistence expenses. Such expenses will be billed in accordance with the HMRC international scale rate directory (as updated from time to time — see HMRC guidance) and must be agreed with the Client in advance.
- Where the Provider is registered for Value Added Tax (VAT) with HMRC, applicable VAT will be charged on fees at the prevailing rate and shown separately on invoices. Clients outside the UK should satisfy their own VAT or equivalent obligations in their respective jurisdictions.
- Any discount agreed between the parties is a confidential commercial arrangement and forms part of the applicable Work Order. Neither the Client nor any intermediary shall disclose the existence or terms of any discount to any third party without the prior written consent of the Provider.
- Where Services are engaged through an intermediary, fees remain payable to the Provider in full in accordance with the applicable Work Order, regardless of whether the intermediary has collected payment from the end Client. The intermediary’s failure to collect from the end Client shall not constitute grounds for withholding or reducing payment to the Provider.
3. Service Delivery
The Provider operates an async-first service delivery model. The primary working channel is WhatsApp Business, through which the majority of day-to-day service activity is conducted. This channel supports direct, responsive communication without the overhead of scheduled meetings, and is actively monitored during UK business hours.
Email is reserved for formal business communications and notices — including Work Order acceptance, Service Activation Letters, written sign-offs, and other communications where a traceable formal record is required. Email is not regularly monitored for day-to-day service requests and is not an appropriate channel for ongoing technical dialogue. Where an email initiates a service request or raises a technical matter, the Provider will typically acknowledge receipt by email and continue the dialogue through WhatsApp rather than by email thread.
The Provider’s strong preference is to resolve matters asynchronously — through chat, voice notes, and screen recordings — avoiding the need for scheduled meetings wherever possible. This approach eliminates project stall between meetings and keeps delivery moving continuously. Meetings are available but treated as a channel of last resort, called only where async communication has proven insufficient to resolve a matter.
Service requests may be submitted through WhatsApp Business, a dedicated support contact or group, or a subordinate channel where volume or complexity warrants separation. The Provider will not be obliged to monitor or respond to service requests submitted through any other channel, including client-operated platforms, ticketing systems, or tools not listed above.
Jira is the Provider’s internal system of record for the Client’s engagement — housing the tickets, notes, and logged time arising from the Services. WhatsApp is the conversational interface to that record: service requests are submitted via WhatsApp, and where a request constitutes a discrete, scoped piece of work — as distinct from a quick query resolved within the same conversation — the Provider frames it as a ticket in Jira, with notes and time logged against it as work proceeds. The Client has no direct access to Jira; it is not a portal or live system to which the Client has independent access, consistent with the Time Records definition above, and it does not replace WhatsApp as the Provider’s primary channel for day-to-day dialogue. Instead, the WhatsApp channel is self-service in respect of a Client’s own tickets, notes, and logged time: the Provider makes available a set of commands, from time to time, through which a Client may request that information, with the Provider responding within that same channel. Such a response reflects that record as it stands at the time of the request; it is provided for informational convenience only and does not itself constitute a Time Record. The record is closed off and realised as the Time Record for the relevant billing period only once a month, at the point the Provider issues the Time Record and invoice under Section 2, and a self-service response is not a substitute for that monthly Time Record and invoice.
The basis on which time is recorded and charged across all engagement activities is set out in Appendix B: Basis of Time Recording.
Details:
- Remote Delivery: The Services shall be delivered remotely by default unless otherwise agreed in writing.
- Service Request Channels: All service requests must be submitted through WhatsApp Business, in accordance with this Section.
- Response Time: The Provider shall acknowledge and respond to all service requests within a maximum of four (4) business hours during UK office hours (09:00–17:30 GMT/BST, Monday to Friday, excluding UK public holidays). A response within this timeframe acknowledges receipt and initiates engagement with the request. It does not imply resolution within that period nor constitute a service level commitment to the same.
- Urgent Matters: Where a matter is time-sensitive or urgent, the Client should contact the Provider via WhatsApp Business, which generates audible alerts and is appropriate for urgent matters. Email cannot be relied upon for urgent matters under any circumstances.
- Service Management: All service requests are recorded and tracked by the Provider against the relevant Client project for the purposes of time recording and billing, using Jira as an internal system of record. The Provider maintains internal records using its own tools and processes. Clients do not have direct access to Jira or any other of the Provider’s internal tracking systems; time records are instead submitted to the Client monthly in accordance with the Time Records definition above, and information about a Client’s own tickets, notes, and logged time is available on a self-service basis via WhatsApp as set out in this Section.
- Deliverables and Documentation: Deliverables and supporting materials created as part of the Services will be shared via file share, such as Microsoft OneDrive or equivalent, to which the Client will be granted appropriate access.
- Meetings and Screencasts: Where a synchronous meeting is not required, the Provider may make use of asynchronous screen recordings to communicate findings, walkthroughs, or guidance, and Clients are encouraged to do the same. This approach is often more efficient than a scheduled call for straightforward technical explanations. Screen recordings will be shared via the same file share channel as Deliverables. Scheduled online meetings will be conducted via a video conferencing tool nominated by the Provider, arranged on demand, and only where async communication has proven insufficient.
- Client Control of Production: The Provider will not take control of or directly implement changes to the Client’s production systems. Responsibility for implementing changes rests solely with the Client. The Provider shall produce documentation and procedures for any such changes, which shall require written acceptance by an authorised representative of the Client via email or other traceable written communication prior to implementation. In the absence of such written acceptance, the Provider shall have no liability for outcomes arising from the Client’s implementation of those changes. The Client acknowledges that written acceptance constitutes confirmation that the Client has reviewed, understood, and taken responsibility for the implementation of the relevant changes.
- Testing and Sign-Off: The Client is responsible for testing all Deliverables in a suitable non-production environment. Promotion to production requires written acceptance by an authorised representative of the Client via email or other traceable written communication. The Provider shall have no liability for issues arising from promotion undertaken without such written acceptance.
- Client Security Obligations: The Client is responsible for maintaining appropriate security measures and controls for their systems, networks, and data. The Provider shall not be liable for security incidents arising from the Client’s environment, hosting, or data handling practices.
- Production Support: The fees charged under this Agreement are not intended to cover production support, critical incident response, or 24x7 on-call obligations. Responsibility for the stability, monitoring, and support of production systems rests solely with the Client, and production support is not within the scope of the Services as defined in this Agreement. Any out-of-hours or emergency response provided by the Provider is delivered on a best endeavours basis only, at the Provider’s discretion, and will be billed as an emergency call-out in accordance with the Provider’s current rate card, subject to any discounts agreed in the applicable Work Order. For the avoidance of doubt, the Provider does not assume responsibility for production systems and does not form part of the Client’s production support chain.
- Enterprise Support Callout: For clients on an Enterprise Support arrangement, out-of-hours and emergency response is available on a 24/7 basis, with a guaranteed response during 06:00–18:00 GMT, Monday to Friday, excluding UK public holidays. Outside those hours, response is on a best endeavours basis. Enterprise Support callout obligations apply to all Enterprise Support Clients and are independent of the Expert of Record designation described in Section 16.
4. Confidentiality
- Each party (“Receiving Party”) undertakes to keep confidential and not to disclose to any third party any Confidential Information of the other party (“Disclosing Party”) received in connection with these Terms, except as permitted.
- Confidential Information means any information disclosed by the Disclosing Party that is identified as confidential or that ought reasonably to be treated as confidential.
- The Receiving Party may disclose Confidential Information: a. to employees, agents, or subcontractors who need to know it for carrying out the Services, provided they are bound by confidentiality obligations no less stringent than these; b. as required by law, regulation, or court order, provided that (where lawful) the Disclosing Party is given prior written notice.
- The obligations do not apply to information that: a. is or becomes publicly available other than through breach of these Terms; b. was lawfully in possession before disclosure; c. is independently developed without use of the Disclosing Party’s Confidential Information.
- The obligations survive termination of these Terms for five (5) years.
5. Data Processing Compliance
For the purposes of the UK GDPR and EU GDPR, the parties acknowledge that JOL acts as a data processor. Terms and obligations relating to processing Personal Data are set out in Appendix A: Data Processing (GDPR).
6. Intellectual Property
- Only as expressly particularised in the Work Order, ownership of rights in any materials, Deliverables, or software created by the Provider shall vest in and transfer to the Client upon payment of all fees in full, excluding clause 6.2 exceptions and pre-existing IP.
- Notwithstanding clause 6.1, vesting does not include:
- Jube Open-Source real-time AML and Fraud Detection Transaction Monitoring software (AGPLv3).
- Advanced analytics (e.g., machine learning models) developed using only JOL or consortium data.
- Supporting materials to Jube Open-Source real-time AML and Fraud Detection Transaction Monitoring software ( AGPLv3) (e.g., platform documentation, scripts), being materials of general application to the Jube platform rather than specific to the Client’s implementation.
- Configuration Artifacts and documentation developed by the Provider specifically for the Client as expressly particularised in a Work Order, which are expressly excluded from this clause and shall vest in the Client in accordance with clause 6.1.
- The Provider retains ownership of methodologies, know-how, tools, frameworks, and pre-existing IP used in providing the Services. The Provider grants the Client a non-exclusive, non-transferable license to use such elements solely as incorporated into the Deliverables. For the avoidance of doubt, Jube’s core platform software is maintained as open-source under the AGPLv3 licence, and nothing in this clause shall be construed as granting rights in that software beyond those already conferred by AGPLv3.
- Notwithstanding clause 6.1, Configuration Artifacts shall vest in and remain the proprietary intellectual property of the Client upon creation. Configuration Artifacts are stored as data within the system (not merged into source code), compiled or interpreted at runtime, and deployable without modifying Jube’s core binaries or source files. This is consistent with the well-established open-source practice whereby Configuration Artifacts remain proprietary to the user and fall outside the scope of the underlying platform’s licence. Accordingly, the Client shall not be required to disclose or release Configuration Artifacts by virtue of the AGPLv3 licence governing Jube’s core platform, and the Provider makes no claim to ownership of any Configuration Artifacts.
7. Standard of Service and Warranty
- The Provider shall exercise reasonable skill and care in providing the Services and producing Deliverables.
- Subject to clause 7.1, the Services and Deliverables are otherwise provided “as is” and “as available”. To the fullest extent permitted by law, the Provider disclaims all further warranties, conditions, and representations, including implied warranties of merchantability, fitness for purpose, accuracy, or non-infringement.
- The Deliverables are designed and intended to operate as real-time monitoring and validation tools, generating alerts, scores, and decline recommendations in support of automated and human decision-making. The execution of any resulting action, including transaction decline, rests with the Client’s systems and is not performed by the Provider directly. The Provider accepts no liability for decisions made by the Client or any third party in reliance on outputs from the Services.
8. Limitation of Liability and Indemnification
- To the maximum extent permitted by law, the Provider shall not be liable for: a. indirect, incidental, consequential, or special loss or damage; b. loss of profit, revenue, savings, data, goodwill, or opportunity; c. claims arising from Client misuse of Deliverables.
- The Provider’s total liability shall not exceed fees paid by the Client under the relevant Work Order in the preceding 12 months.
- Excluded Uses: The Provider excludes liability for claims arising from use of Deliverables in:
- Industrial/engineering process control
- Financial trading (high-frequency or algorithmic)
- Transactional processing systems where the Deliverables are used as or in place of a ledger, settlement engine, or system of financial record; for the avoidance of doubt, use of Deliverables as monitoring or validation layers operating alongside such systems is not an excluded use.
- Medical-related systems
- Safety-critical systems
- Aerospace, automotive, or military applications
- The Client warrants it will not use Deliverables for Excluded Uses. Any proposed use of Deliverables for an Excluded Use must be agreed in writing by both parties and is subject to the express prior approval of the Provider’s professional indemnity insurers. The Provider reserves the right to decline any such request without obligation or liability.
- The Client shall indemnify and hold harmless the Provider from claims, losses, or liabilities arising from Client misuse of the Services or Deliverables, or from content/data supplied by the Client.
9. Force Majeure
- Neither party is liable for failure or delay caused by events beyond reasonable control (Force Majeure Event).
- The affected party shall notify the other and take reasonable steps to mitigate the effects.
- If the event continues for over sixty (60) days, either party may terminate with written notice.
10. Alternate Dispute Resolution (ADR)
- Parties shall attempt to resolve disputes by good faith negotiation in the first instance.
- If unresolved within thirty (30) days, the matter shall be referred to mediation administered by the Centre for Effective Dispute Resolution (CEDR), an independent UK-based organisation providing professional mediation services, before litigation.
- Nothing in this Section prevents either party from seeking urgent injunctive relief from the courts of England and Wales.
11. Termination
- Either party may terminate a PAYG engagement by giving not less than one (1) month’s prior written notice to the other party.
- Either party may terminate an Enterprise Support engagement by giving not less than three (3) months’ prior written notice to the other party.
- Training and Integration engagements may be terminated by either party upon written notice at any point prior to completion. Upon termination: the training delivery fixed fee is non-refundable and shall be retained by the Provider in full as consideration for the training programme delivered or commenced; hours recorded under the integration support component up to the effective termination date shall be invoiced in arrears in accordance with Section 2. No minimum notice period shall apply to the termination of a Training and Integration engagement.
- Either party may terminate any engagement with immediate effect by written notice if the other party materially breaches these Terms and fails to remedy such breach within thirty (30) days of receiving written notice specifying the breach in reasonable detail.
- Upon termination of any engagement, the Client shall pay the Provider for all Services performed and expenses incurred up to the effective date of termination, including the Minimum Monthly Retainer for the billing period in which termination occurs, invoiced in accordance with Section 2.
- On termination of any engagement, the Provider shall delete all Client configuration assets held by the Provider, including any .jemp exports, within thirty (30) days of the effective termination date, and shall confirm deletion to the Client in writing. Notwithstanding this, the Provider may retain such assets for a period of up to six (6) years from the termination date where retention is required to satisfy legal obligations or to defend against a potential claim. Assets retained under this exception shall be held securely, used for no other purpose, and deleted promptly on expiry of that period or earlier resolution of any relevant matter. The Provider shall confirm deletion to the Client in writing at that time.
12. Entire Agreement and Variations
- This Agreement, together with any Work Orders, constitutes the complete agreement between the parties and supersedes all prior discussions, representations, and understandings.
- Variations are effective only if: a. Written letter of variation signed by authorised representatives; or b. Replaced by a superseding agreement explicitly stating it constitutes the complete agreement.
- Each party acknowledges it has not relied on any representation not expressly set out in this Agreement.
13. Governing Law and Jurisdiction
- These Terms are governed by the laws of England and Wales.
- Subject to Section 10 (ADR), the courts of England and Wales have exclusive jurisdiction over any dispute arising under or in connection with this Agreement.
14. Miscellaneous
- Severability: If any provision of this Agreement is found to be invalid, unlawful, or unenforceable, that provision shall be severed and the remaining provisions shall continue in full force and effect.
- Assignment: Neither party may assign nor transfer any rights or obligations under this Agreement without the prior written consent of the other party.
- Notices: Any formal notice under this Agreement must be in writing and delivered by email or by post to the addresses notified by the parties from time to time.
- Non-Waiver: A failure or delay by either party to enforce any right or remedy under this Agreement shall not constitute a waiver of that right or remedy, nor shall a single or partial exercise of any right or remedy preclude further exercise of that or any other right or remedy.
- Non-UK Tax Obligations: The Provider is a UK-registered entity operating within HMRC’s compliance regime. Clients are solely responsible for satisfying all applicable tax, withholding, regulatory, and reporting obligations in their respective jurisdictions arising from engagement with the Provider, including but not limited to withholding taxes, service taxes, digital services taxes, and any deductions required by local law. The Provider shall not be liable for any tax obligations arising outside the United Kingdom, and any such deductions shall not reduce the fees payable to the Provider unless expressly agreed in writing in the relevant Work Order. Clients engaging from jurisdictions where local tax or withholding obligations may apply are encouraged to confirm the position with their own advisors prior to Work Order acceptance.
15. Independent Status and Representations
JOL operates as an independent contractor and is not an employee, agent, or partner of any Client, intermediary, or third party engaged in connection with the Services. No Client, subcontracting party, or intermediary is authorised to:
- Make representations on behalf of JOL or its personnel;
- Hold out JOL or its personnel as employees, staff, or exclusive resources of any other entity;
- Include JOL or its personnel in proposals, tenders, or submissions to third parties without prior written consent from JOL;
- Submit JOL or its personnel details in visa applications, government submissions, or regulatory filings without prior written consent from JOL;
- Make technical representations about the capabilities, limitations, or compatibility of the Jube platform to any third party or end Client without prior written approval from the Provider;
- Seek to influence or represent influence over the Jube product roadmap, development priorities, or release schedule on behalf of JOL, or represent to any third party that such influence exists, without prior written consent from JOL.
Any such representation made without written consent is unauthorised and shall not bind JOL. The Provider reserves the right to withdraw from any engagement where this clause has been breached, without liability.
Where an intermediary repeatedly draws on Provider time in connection with their own client delivery — whether framed as support queries, presales activity, or otherwise — and that activity appears to the Provider to be substantively co-delivery in nature, the Provider will raise this with the intermediary in the first instance with a view to agreeing an appropriate co-delivery Work Order. Where no such agreement is reached within a reasonable time, the Provider reserves the right to invoice that time at the co-delivery rate and to require a co-delivery Work Order before continuing engagement.
16. Expert of Record
- The Expert of Record designation is available to Enterprise Support Clients whose Minimum Monthly Retainer, as specified in the applicable Work Order, meets or exceeds the hours threshold, and whose engagement maintains the check-in cadence, specified for that purpose in that Work Order. No infrastructure review, sign-off, or operational audit is a precondition of the designation; it is a factor of committed support hours and check-in cadence only.
- Where a Client’s Minimum Monthly Retainer is varied such that it no longer meets the applicable threshold, or where the Client does not maintain the check-in cadence required under clause 16.4, the Expert of Record designation shall lapse with effect from the start of the next billing period, and the Provider shall confirm this to the Client in writing. Where the threshold and cadence are subsequently restored, the designation shall resume from the start of the next billing period following restoration.
- While holding the Expert of Record designation, the Provider acts as the named technical authority on the Client’s Jube implementation for the purposes of governance, audit, and regulatory documentation. This is a naming and documentation function only; it does not entail infrastructure sign-off, Runbook authority, or any approval dependency over the Client’s operation of the platform, consistent with the Preamble.
- Because Expert of Record designation is only available to Enterprise Support Clients, who separately receive 24/7 callout coverage under clause 3.12, the Provider’s ability to respond effectively to a callout depends on maintaining current familiarity with the Client’s implementation. Accordingly, Clients holding the Expert of Record designation shall maintain a periodic technical account review check-in with the Provider, at the cadence specified in the applicable Work Order and no less frequently than quarterly, conducted asynchronously in accordance with Section 3 wherever practicable. Time spent on a check-in is recorded and billed as ordinary Services time in accordance with Section 2 and Appendix B, drawn against the Client’s Minimum Monthly Retainer or billed as an overage in the same manner as any other Services time. The check-in does not entail the production or ongoing maintenance of documentation, configuration records, or reports on the Client’s behalf.
- The Provider accepts no liability for outcomes arising from the Client’s infrastructure, deployment, or architectural decisions, whether or not the Provider holds the Expert of Record designation at the relevant time.
17. Diagnostic Information Requirements
- As a condition of support engagement, the Client shall provide the Provider with sufficient diagnostic information to assess and investigate the reported issue. The minimum required information is: a. Relevant application and infrastructure logs covering the period of the incident; and b. A .jemp capturing the current tenant configuration at the time of the incident.
- Where the Client is unable or unwilling to provide the minimum diagnostic information specified in clause 17.1, the Provider reserves the right to defer or decline support engagement until such information is made available. Where a Client is unable to provide the required information due to data protection or regulatory obligations, the parties shall cooperate in good faith to agree an appropriately anonymised or redacted alternative.
- Where Services are engaged through an intermediary, the Provider reserves the right to request diagnostic information directly from the named end Client if the intermediary is unable or unwilling to provide it within a reasonable timeframe. The intermediary shall not unreasonably withhold or delay the transmission of diagnostic information.
- The Provider shall treat all diagnostic information as Confidential Information in accordance with Section 4. The Client shall ensure that any diagnostic exports are appropriately anonymised or masked in accordance with their data handling obligations prior to transmission to the Provider.
- The Provider shall not be liable for misdiagnosis or failure to resolve incidents where diagnostic information provided is incomplete, inaccurate, or withheld.
18. Security Patching and Vulnerability Management
- The Provider shall make reasonable efforts to address credible, documented security vulnerabilities identified in the Jube platform software through timely patches and releases, prioritised according to the severity and exploitability of the vulnerability as assessed by the Provider.
- The Provider’s obligation under clause 18.1 extends to vulnerabilities identified through credible security scanning tools and recognised vulnerability databases (such as the National Vulnerability Database), where such vulnerabilities relate directly to Jube’s core platform software and its documented dependencies.
- The Provider does not accept responsibility for vulnerabilities arising from the Client’s infrastructure, hosting environment, third-party dependencies outside Jube’s documented stack, or modifications made outside the supported extensibility framework.
- The Client is responsible for applying patches and releases provided by the Provider in a timely manner. The Provider shall not be liable for security incidents arising from the Client’s failure to apply available patches.
- Security patching obligations under this Section apply to Enterprise Support arrangements. PAYG clients receive patches as and when released but have no guaranteed response timeline.
19. Regulatory Feature Mapping
Regulatory feature mapping is an Enterprise Support benefit. The Provider maintains Jube’s feature set with the objective of supporting compliance with applicable AML and fraud detection regulatory requirements, and provides mapping of platform functionality against the Client’s applicable regulatory requirements as part of Enterprise Support. This does not constitute legal advice or regulatory advice, and is provided without warranty as to the sufficiency of any implementation for the Client’s specific regulatory obligations. The Client remains solely responsible for its own regulatory compliance and for obtaining appropriate legal and compliance advice. PAYG and Training and Integration Clients do not receive regulatory feature mapping as part of their engagement, though the Provider may respond to an ad hoc regulatory query as ordinary billable Services time upon request.
Regulatory feature mapping is conducted on the basis that the relevant regulations, guidance, and technical standards are available in the English language. The Provider shall not be obliged to interpret, translate, or assess regulatory materials that are not available in English. Clients operating under regulatory frameworks not published in English are encouraged to raise this with the Provider at the outset of engagement, so that the parties can agree in advance on the scope and limitations of any regulatory mapping work. The Provider accepts no liability for mapping conducted on the basis of translated materials provided by the Client without prior agreement.
20. AGPLv3 Licence and End User Compliance
- Jube is distributed under the GNU Affero General Public License Version 3 (AGPLv3). The AGPLv3 licence is a contract between the intellectual property owner — Jube Operations Limited — and any party that uses, deploys, or interacts with the Jube software. This relationship exists by operation of the licence and cannot be modified, transferred, assigned, or extinguished by any intermediary or third party.
- Any end user of the Jube software — whether engaging with the Provider directly or through an intermediary — accepts the terms of the AGPLv3 licence by virtue of their use of the software. No separate agreement with an intermediary constitutes acceptance of the AGPLv3 on the end user’s behalf, nor does it discharge the end user’s obligations under the licence.
- Intermediaries engaging the Provider in connection with an end user deployment shall inform the end user of their obligations under the AGPLv3 licence prior to deployment. No intermediary shall represent to the end user that the software is proprietary, closed-source, or that the end user’s AGPLv3 obligations have been satisfied or waived by virtue of any commercial arrangement with that intermediary.
- The end user is solely responsible for maintaining compliance with the AGPLv3 licence in respect of their use and deployment of the Jube software, including any obligation to make source code available where required by the licence. The Provider accepts no liability for the end user’s failure to comply with the AGPLv3, but reserves the right to enforce its intellectual property rights against any party in breach.
- Configuration Artifacts, as defined in these Terms, remain the proprietary intellectual property of the party that created them and are not subject to the AGPLv3 licence, consistent with the documented extensibility framework of the Jube platform. This clause does not affect the AGPLv3 obligations of any party in respect of Jube’s core platform software.
- The boundary between independent tooling and a derivative work of the Jube platform requires honest consideration by any party building on Jube’s APIs or extensibility framework. Integrations that interact with Jube through its published APIs are generally independent — but not automatically so. Where tooling exists solely to present Jube’s functionality under a different form — including but not limited to a reskinned or rebranded user interface — the derivative work provisions of the AGPLv3 are likely engaged regardless of how that tooling is described or structured. The tightness of the coupling and the purpose of the work are the operative considerations, not its name or commercial framing. The Provider does not make that determination on behalf of any party. Parties uncertain of their position should take appropriate legal advice. Any representation to the end Client that such tooling is proprietary or independent of the AGPLv3 without proper legal basis shall constitute a breach of clause 20.3.
The Provider maintains a plain language AGPLv3 compliance guide at jube-agplv3-open-source-compliance, which sets out its interpretation of common deployment and integration scenarios. That guide does not form part of this Agreement but reflects the Provider’s current position and is updated from time to time. Where any inconsistency arises between the guide and this Agreement, this Agreement prevails.
21. Direct Communication with End Clients
- Where Services are engaged through an intermediary, the Provider reserves the right to communicate directly with the named end Client in connection with the delivery of Services, the performance of obligations under these Terms, or the exercise of its rights, including but not limited to: a. the issue or reissue of a Service Activation Letter under clause 1.5; b. the request for diagnostic information under clause 17.3; c. the notification of AGPLv3 licence obligations under clause 20; and d. any circumstance where the intermediary’s conduct may affect the Provider’s ability to perform its obligations or protect its interests.
- The exercise of this right shall not be construed as bypassing or replacing the intermediary’s role under the applicable Work Order, but as a necessary safeguard in the interests of the end Client and the integrity of the Services.
- Intermediaries shall not instruct or seek to prevent the Provider from communicating directly with the named end Client.
22. Professional Indemnity and Liability Insurance
The Provider maintains Professional Indemnity insurance with a UK-authorised insurer. The specific level of coverage in force at any time is particularised in the applicable Work Order and is confidential between the parties. Notwithstanding, £1,000,000 per claim represents the upper limit of coverage that JOL will seek to maintain, and no Client should expect or request coverage beyond this level. Evidence of current coverage is available on request.
Clients whose governance requirements call for higher indemnity thresholds are encouraged to consider engaging through a larger implementation partner or system integrator within whose value chain the Provider may participate in a capacity that is commercially and contractually appropriate for all parties.
For the avoidance of doubt, this Section applies solely to parties engaged with the Provider under a Work Order. The use of Jube as AGPLv3-licensed software carries no insurance or indemnity obligations on the part of the Provider, and any rights and obligations arising from that licence are governed exclusively by its terms.
23. Co-Delivery
- Co-delivery is a distinct service arrangement under which the Provider works alongside an intermediary’s team in the direct delivery of a Jube implementation to an end Client. Co-delivery is not a support service, does not form part of any existing support arrangement, and is not included within Technical Presales. Any co-delivery engagement requires a separate Work Order.
- The Provider reaffirms, in the context of any co-delivery engagement, its commitment to operating within its defined part of the value chain as set out in the Preamble. The Provider’s participation is as a specialist technical contributor and for no other purpose.
- Where an intermediary repeatedly draws on Provider time in connection with their own client delivery — whether framed as support queries, presales activity, or otherwise — and that activity appears to the Provider to be substantively co-delivery in nature, the Provider will raise this with the intermediary in the first instance with a view to agreeing an appropriate co-delivery Work Order. Where no such agreement is reached within a reasonable time, the Provider reserves the right to invoice that time at the co-delivery rate and to require a co-delivery Work Order before continuing engagement.
- The Provider’s role in a co-delivery engagement is as a specialist technical contributor alongside the intermediary’s team. It does not constitute assumption of the intermediary’s delivery obligations, project management responsibilities, or client relationship. The intermediary remains solely responsible for their own delivery commitments to the end Client.
- Intellectual property produced during a co-delivery engagement shall vest in accordance with Section 6, as particularised in the applicable Work Order. Where Deliverables are produced jointly by the Provider and the intermediary’s team, the Work Order shall specify ownership clearly. In the absence of such particularisation, IP produced by the Provider shall vest in the end Client upon payment of the Provider’s fees, and IP produced solely by the intermediary’s team shall remain with the intermediary or vest in the end Client as agreed between those parties independently.
- The intermediary shall ensure that the end Client is informed of the Provider’s role and independent status prior to commencement of any co-delivery engagement, consistent with Section 15.
- Co-delivery engagements are only available where the co-delivery Work Order commits sufficient hours to meet the Expert of Record threshold under Section 16 for the full duration, such that the Provider holds the Expert of Record designation throughout the engagement. The Provider will not enter into a co-delivery engagement on any other basis.
Appendix A: Data Processing (GDPR)
1. Role as Data Processor
JOL acts as a data processor under GDPR. In practice, JOL does not collect, store, or process Personal Data in the course of providing the Services. All data handled during engagements is masked or anonymised prior to any involvement by JOL, and JOL does not have access to raw Personal Data. In the unlikely event that Personal Data is incidentally disclosed, JOL will process it only according to Client instructions and solely to the extent necessary to perform the Services.
2. Purpose of Processing
JOL processes Personal Data solely to:
- Provide, manage, and improve Services
- Maintain security and integrity
- Comply with legal obligations
3. Data Sharing and Transfers
JOL does not sell Personal Data. Transfers outside the UK/EEA are made only where appropriate GDPR safeguards are in place.
4. Data Retention
Data is retained only as instructed by the Client or as required by applicable law.
5. Security
JOL implements appropriate technical and organisational measures to protect Personal Data against unauthorised or unlawful processing and against accidental loss, destruction, or damage.
6. Sub-processors
Third-party sub-processors may be used. All sub-processors are bound by GDPR-equivalent obligations.
7. Data Subject Rights
JOL assists Clients in responding to data subject requests:
- Access, rectification, erasure
- Restriction, objection
- Data portability
- Withdrawal of consent
8. Contact
For enquiries: support@jube.io
Appendix B: Basis of Time Recording
1. Purpose
1.1 This Appendix sets out the basis on which time spent on asynchronous communications, scheduled meetings, and engagement administration is recorded and charged under the Agreement.
1.2 This Appendix forms part of the Jube Terms of Service (JTOS) and should be read in conjunction with it, in particular Section 2 (Fees and Payment) and Section 3 (Service Delivery).
2. Principle of Cognitive Engagement
2.1 Time is recorded on the basis of genuine cognitive engagement rather than message transmission time or meeting clock time alone. Billable time includes the time reasonably spent reading, contextualising, reasoning, drafting, preparing, and reviewing, in addition to direct communication or meeting time.
2.2 The Provider does not apply unit-based rounding. Time is recorded to the nearest minute actually engaged.
2.3 Time spent on Jube platform development, product roadmap activity, or any work of general application to the platform is not billable and is conducted solely at the Provider’s expense. Only time directly attributable to the Client’s engagement under a Work Order is recorded and charged.
3. Asynchronous Communications
3.1 The following activities constitute billable time when conducted through asynchronous channels:
- a. Reading and re-reading a thread or prior correspondence to establish context before responding;
- b. Reasoning, analysis, or research required to formulate a response;
- c. Drafting, reviewing, and revising a response prior to sending;
- d. Follow-up review of sent communications where substantively required by the nature of the Services.
3.2 Incidental or administrative communications of a transactional nature (e.g. scheduling confirmations, acknowledgements) are not typically recorded as billable time.
3.3 This section applies to all asynchronous communication and task-tracking channels through which Services are delivered, currently including:
- a. WhatsApp (dedicated Jube support channel); and
- b. Jira (ticket descriptions, notes, and time entries relating to a discrete task raised under Section 3).
3.4 The Provider reserves the right to update the list of covered channels by written notice to the Client.
4. Provider-Initiated Communications
4.1 The Provider may, at its discretion, initiate communications with the Client to share notices, observations, or guidance of direct relevance to the Client’s specific configuration or engagement. Such communications will only be made where the Provider considers them material and nuanced to the Client’s circumstances; general platform guidance is not delivered through this mechanism.
4.2 Time recorded in respect of any single provider-initiated communication, including preparation and sending, shall not exceed six (6) minutes. The Client is under no obligation to respond, and any decision to engage further rests solely with the Client and will be treated as a client-initiated interaction from that point.
4.3 General guidance, platform updates, and broader advisory content are disseminated through the Provider’s monthly newsletter, to which the Client is encouraged to subscribe. Such content does not form part of the Services and is not billable.
5. Scheduled Meetings
5.1 Scheduled meetings are billed as a single contiguous engagement encompassing reasonable preparation, the meeting itself, and reasonable wrap-up, including follow-up notes and actions recorded immediately after the meeting.
5.2 Preparation and wrap-up time are not charged separately from the meeting; they are treated as integral to it.
6. Engagement Administration
6.1 The Provider maintains comprehensive, indexed records in connection with each Client engagement. These include but are not limited to client notes, task records, Jira tickets, interaction logs, and related documentation maintained in the Provider’s notes and knowledge management systems.
6.2 Time reasonably spent on such administration — including creating, updating, and organising records directly relating to the Client’s engagement — is billable as engagement administration time and will be recorded accordingly in the Provider’s internal records.
6.3 The Provider exercises reasonable discretion in recording only administration time that is directly attributable to the Client’s engagement and proportionate to the nature of the Services being delivered.
7. Email Communications
7.1 Email is not a primary service request channel and is not subject to the response time commitment in clause 3.3 of the Terms.
7.2 Where communications are received by email, the Provider will, where practicable, redirect them to WhatsApp. Time spent reading, triaging, and redirecting email communications is billable where it constitutes genuine cognitive engagement as described in Section 2 of this Appendix.
7.3 Email communications are subject to the same time recording principles as set out in Section 2 of this Appendix. The Provider’s preferred channel for service delivery remains WhatsApp, and the Client is encouraged to use it in preference to email.
8. Recording and Transparency
8.1 Time Records are submitted to the Client monthly in accordance with the Time Records definition set out in the Definitions section of the Agreement, and the billing obligations set out in clause 2.3.
8.2 The Provider maintains contemporaneous records of time engaged, available for Client review on request.