Book a Demo

Terms and Conditions

Data Safe Solutions EULA

Smart Wipe Engine – DSS Data Destruction Engine for Block Storage

Overview

The Smart Wipe Engine is a patent-published software platform that automatically determines, executes and verifies data destruction on block storage devices without any manual method selection by the operator.

The Platform operates as a fully controlled execution environment and records the final data state of each Asset.

Unlike traditional approaches which rely on confirmation that a process has been performed, the Platform is designed to verify the Data Destruction Outcome of each Asset.

Platform Model

The Platform facilitates and controls data destruction activities performed by or on behalf of the Customer.

The Customer is responsible for the physical handling and presentation of Assets.

The Platform is responsible for the execution, verification and recording of each Execution Event.

Outcome-Based Model

Under this Agreement, the primary deliverable is the Data Destruction Outcome.

A Data Destruction Outcome is achieved only where the Platform records an Execution Event as successfully completed.

Where a Successful Execution Event is recorded, the Platform provides a device specific Certificate confirming that data has been destroyed and is irrecoverable.

Where a Successful Execution Event is not recorded, no such confirmation is given.

This Agreement reflects that distinction.

  1. Definitions

Execution Event: a process initiated and controlled by the Platform in respect of an Asset for the purpose of performing data destruction.

Successful Execution Event: an Execution Event recorded by the Platform as successfully completed following execution and verification.

Failed Execution Event: an Execution Event not recorded as successfully completed.

Platform: the software system and associated technology provided by the Supplier which determines, initiates, executes and verifies data destruction processes.

Smart Wipe Engine: the patent-published automated component of the Platform that selects, applies and verifies the correct destruction method for each Asset without any manual intervention by the operator.

Data Destruction Outcome: the final data state of an Asset in which data cannot be accessed, retrieved, reconstructed or otherwise recovered using currently known data recovery techniques and tools.

Certificate: the document generated by the Platform confirming the outcome of a Successful Execution Event.

Asset: any data bearing device, whether standalone storage media or part of a host device.

Verification: automated processes performed by the Platform to confirm the Data Destruction Outcome.

Evidential Record: system generated record of an Execution Event including asset data, execution parameters, verification results and outcome status.

  1. Platform Model

2.1 The Supplier provides the Platform to facilitate, control, execute and verify data destruction.

2.2 The Platform determines and manages each Execution Event without manual method selection.

2.3 The Customer is responsible for physical handling and presentation of Assets.

2.4 The Supplier does not provide manual destruction services.

  1. Data Destruction Outcome Warranty

3.1 For each Successful Execution Event, the Supplier warrants that the Platform has verified and recorded that the final data state of the Asset is irrecoverable (i.e. all data on the Asset cannot be accessed, recovered or reconstructed using currently known data recovery techniques and tools).

3.2 This outcome is determined solely by the Platform’s automated execution and verification processes.

3.3 Warranty applies only to Successful Execution Events.

3.4 No warranty applies to Failed Execution Events.

  1. Liability for Platform Outcome

4.1 The Supplier shall be liable where the Platform records an Execution Event as successfully completed but the outcome described in clause 3.1 has not been achieved.

4.2 The Supplier shall have no liability where:

(a) the Platform has not recorded the Execution Event as successfully completed;
(b) the Customer has failed to comply with clause 6;
(c) the Asset has been altered, damaged or interfered with following completion; or
(d) the Asset presented was not the Asset identified in the relevant record.

  1. Verification and Evidence

5.1 The Platform performs Verification as part of each Execution Event.

5.2 The Platform generates an Evidential Record for each Successful Execution Event.

5.3 A Certificate is issued for each Successful Execution Event.

5.4 The Certificate is the formal and definitive record of the Data Destruction Outcome.

5.5 The Certificate and Evidential Record are designed to be tamper-evident and constitute the definitive record for the purposes of demonstrating compliance with Data Protection Legislation.

  1. Execution Requirements

6.1 The Customer shall ensure that all Assets are:

(a) correctly presented, whether as standalone storage media or part of a host device;
(b) capable of being accessed by the Platform; and
(c) free from external interference.

6.2 The Customer shall not interfere with any Execution Event.

6.3 The Customer is responsible for all physical handling, storage and environment.

6.4 The Supplier has no liability where failure arises from:

(a) Customer non-compliance; or
(b) a Failed Execution Event.

  1. Treatment of Failed Execution Events

7.1 The Customer shall not treat any Asset subject to a Failed Execution Event as having achieved a Data Destruction Outcome. The Customer acknowledges that the data on such Assets may remain accessible and that alternative destruction methods (including physical destruction) must be applied.

  1. Failed Execution Events

8.1 A Failed Execution Event is any Execution Event not recorded as successful.

8.2 The Supplier has no liability for such Assets.

8.3 Failures may arise from damage, faults or inaccessibility.

8.4 Failed Execution Events remain chargeable unless the failure is caused solely by a fault in the Platform.

  1. Commercial Model and Charges

9.1 Charges are based on Execution Events initiated by the Platform.

9.2 The Customer shall be charged for every Execution Event, regardless of whether the Event is recorded as Successful or Failed.

9.3 The only exception is where the Platform records a Failed Execution Event that is caused solely by a fault in the Platform itself; in such cases the Supplier shall not charge for that Event (or shall issue a credit if already invoiced).

9.4 The Supplier may review and adjust charges annually.

9.5 Adjustments shall reflect operating costs, market conditions or Platform development and shall not exceed CPI unless otherwise agreed.

9.6 The Supplier shall provide 60 days’ written notice of any adjustment.

  1. Billing

10.1 Monthly invoicing in arrears.

10.2 30 day payment terms.

10.3 Access may be suspended for non-payment.

  1. Certificates and Records

11.1 Certificates are issued for all Successful Execution Events.

11.2 Certificates are definitive evidence of outcome.

11.3 Evidential Records shall be made available via the Platform.

11.4 The Customer may use such records for audit and compliance purposes.

  1. Platform Use

12.1 The Customer is granted a limited right to use the Platform.

12.2 The Customer shall not reverse engineer, replicate or misuse the Platform.

  1. Regulatory Alignment

13.1 The Platform is designed to support compliance with Data Protection Legislation.

13.2 Certificates and records support accountability under Articles 5(1)(f), 24 and 32 UK GDPR.

  1. Performance

14.1 The Platform is designed to operate efficiently and at scale.

14.2 Execution times may vary depending on Asset condition and configuration.

14.3 No execution time is guaranteed.

  1. Liability

15.1 Liability under clause 4.1 (Platform Outcome) is uncapped. All other liability is capped at 125% of the fees paid or payable under this Agreement in the twelve months preceding the claim.

15.2 Indirect losses are excluded.

15.3 No liability applies outside Platform scope.

  1. Insurance

16.1 The Supplier shall maintain professional indemnity insurance with a reputable insurer at a level appropriate to the risks associated with the Platform and its obligations under this Agreement.

16.2 The Supplier shall, upon reasonable request, provide evidence of such insurance.

16.3 The existence of insurance shall not limit or restrict the Supplier’s liability under this Agreement.

  1. Term and Termination

17.1 This Agreement shall commence on the Commencement Date and continue for an initial term of five (5) years (Initial Term).

17.2 Following expiry of the Initial Term, this Agreement shall automatically renew for successive periods of one (1) year (each a Renewal Term) unless either party gives not less than 90 days’ written notice prior to the end of the Initial Term or the then current Renewal Term.

17.3 Neither party may terminate this Agreement for convenience during the Initial Term.

17.4 Notwithstanding clause 17.3, the parties may agree in writing to vary the commercial terms of this Agreement where there is a material change in the Customer’s requirements or operational environment.

17.5 The Supplier may suspend or terminate access to the Platform immediately where:

(a) the Customer fails to pay any undisputed invoice within 14 days of the due date;
(b) the Customer commits a material breach of this Agreement.

17.6 Certificates issued prior to termination shall remain valid and effective.

  1. Intellectual Property

18.1 All Platform IP remains with the Supplier.

18.2 No rights granted beyond use.

  1. System of Record

19.1 The Certificate and associated Evidential Record generated by the Platform shall constitute the authoritative and definitive record of the outcome of each Execution Event.

19.2 In the event of any dispute, the records generated by the Platform shall prevail unless demonstrated to be incorrect.

  1. General

20.1 This Agreement constitutes the entire agreement between the parties.

20.2 This Agreement is governed by the laws of England and Wales.