diff --git a/app/main/views/index.py b/app/main/views/index.py index 47780a1e7..5ced0670a 100644 --- a/app/main/views/index.py +++ b/app/main/views/index.py @@ -26,3 +26,8 @@ def cookies(): @main.route('/help') def help(): return render_template('views/help.html') + + +@main.route('/terms') +def terms(): + return render_template('views/terms-of-use.html') diff --git a/app/templates/admin_template.html b/app/templates/admin_template.html index 7f2efc0b0..573b3f1b2 100644 --- a/app/templates/admin_template.html +++ b/app/templates/admin_template.html @@ -97,6 +97,7 @@ {% block footer_support_links %} diff --git a/app/templates/views/terms-of-use.html b/app/templates/views/terms-of-use.html new file mode 100644 index 000000000..8b36de76b --- /dev/null +++ b/app/templates/views/terms-of-use.html @@ -0,0 +1,207 @@ +{% extends "withoutnav_template.html" %} + +{% block page_title %} +Terms of use – GOV.UK Notify +{% endblock %} + +{% block maincolumn_content %} + +
+
+ +

+ Terms of use +

+ +

To accept these terms, you must be the service manager for {{ session.get('service_name', 'Service') }}. If you’re not the service manager, you’ll need to invite them.

+ +
+

+ Summary +

+ +

If we accept your service onto GOV.UK Notify, we agree to:

+ + + +

You agree:

+ + + +

Before you can send real messages:

+ + +
+ +
+

+ Our side of the agreement +

+ +

+ We agree to send all the messages you pass to us +

+ +

We will send all the messages you pass to us, as long as they meet our guidelines.

+ +

We endeavour to provide continuous uptime for both accepting messages and sending them.

+ +

We’ve made sure that GOV.UK Notify can handle large volumes of messages. For email and text messages we have several delivery providers concurrently integrated. This provides GOV.UK Notify with real-time failover capability.

+ +

GOV.UK Notify is supported 24/7 for high-priority issues. We provide a ticketing system and escalation routes for service teams to address incidents.

+ +

You’ll be able to see how our service is performing on our status page.

+ +

+ We agree to keep your data secure +

+ +

GOV.UK Notify only stores personal data for the time it takes to process it and report back to you – less than 24 hours. After this time, we delete all personal data. We keep some non-personal data for logging and reporting.

+ +

GOV.UK Notify is security accredited by the Cabinet Office Senior Information Risk Officer (siro). We maintain appropriate technical and organisational measures to protect data. We make sure our subcontractors follow the same procedures.

+ +

Cabinet Office act as data processor, as parent organisation of GOV.UK Notify. Your organisation remains the data controller.

+ +

We’ll never transfer or store data on servers outside of the European Economic Area.

+ +

+ We agree to give you three months’ notice if we change these terms +

+ +

We’ll email you if you need to change these terms. We’ll tell you clearly what is changing and when the change will come into effect.

+
+ +
+

+ Your side of the agreement +

+ +

+ You agree not to compromise the security of GOV.UK Notify +

+ +

You agree to get your service accredited by your organisation’s Senior Information Risk Officer (siro). You don’t need to include accreditation of GOV.UK Notify or our delivery partners, since we’ve already done that.

+ +

You must tell us immediately if you have any security breaches. This is so we can make sure other services are not affected.

+ +

You must follow industry best practices for keeping your API keys secure.

+ +

You must not perform any load testing on GOV.UK Notify, since we’ve already done it.

+ +

+ You agree not to use GOV.UK Notify to send marketing messages +

+ +

GOV.UK Notify is for sending transactional messages.

+ +

Transactional messages relate directly to something the user did. For example:

+ +
    +
  • The user completed a transaction, you send them a confirmation email
    • +
  • The user got an MOT a year ago, you remind them that it’s about to expire
    • +
  • The user signed up for email alerts, you send them said email alerts
    • +
+ +

You don’t need to ask permission to send messages that directly relate to a transaction. By using a transaction, a user is implicitly agreeing to receive messages about that transaction.

+ +

Marketing messages don’t relate directly to something the user did. For example:

+ +
    +
  • Telling users about your webinar
    • +
  • Sending users government advice
    • +
  • Continuing to update someone about a service they no longer use
    • +
+ +

You agree not to use GOV.UK Notify to send marketing messages.

+ +

If you attempt to use GOV.UK Notify for marketing, your templates won’t pass our content review.

+ +

+ You agree to send messages consistent with our design patterns, style guide and information security guidelines +

+ +

Your messages must follow our design patterns, style guide and information security guidelines.

+ +

+ You agree to use GOV.UK Notify delivery data to continuously improve the quality of your contact data +

+ +

When you send messages through GOV.UK Notify, we provide feedback on the status of every text message, email and letter.

+ +

You agree to use our delivery data to remove bounced email addresses, mobile numbers and postal addresses from your database.

+ +

If you have consistently high bounce rates, we will investigate and may refuse to accept further messages for delivery. This is to protect delivery rates for other services using GOV.UK Notify.

+ +

+ You agree not to exceed your estimated sending volumes by more than ten percent +

+ +

As part of requesting to go live, you must estimate how many text messages, emails and letters you plan to send each year, including any spikes or seasonal variation.

+ +

If you exceed your sending limits by more than ten percent, we may refuse to accept further messages for delivery. This is to protect delivery rates for other services using GOV.UK Notify.

+ +

If you need to increase your sending limits, let us know.

+
+ +
+

+ Requesting to go live +

+ +

Before you can send real messages:

+ +
    +
  • you must tell us approximately how many text messages, emails and letters you plan to send
    • +
  • if you plan to send more than 250,000 text messages per year or any number of letters, your organisation must agree to pay any costs you run up using GOV.UK Notify
    • +
  • we will check the messages you plan to send to make sure they meet our guidelines
    • +
+ +

+ You must tell us how many text messages, emails and letters you plan to send +

+ +

You must estimate how many text messages, emails and letters you plan to send each year, including any spikes or seasonal variation.

+ +

We will make sure GOV.UK Notify is easily able to handle your estimated sending volume.

+ +

+ Your organisation must agree to pay any costs you run up using GOV.UK Notify +

+ +

If you plan to send more than 250,000 text messages per year or any number of letters, your organisation must agree to pay these costs by signing a memorandum of understanding.

+ +

If you plan to send fewer than 250,000 text messages per year or you only plan to send email, you don’t need a memorandum of understanding.

+ +

+ We’ll check your templates before you can go live +

+ +

We’ll check your templates to make sure they are transactional, not marketing, and follow our design patterns, style guide and information security guidelines.

+
+ +
+

+ Leaving GOV.UK Notify +

+ +

You can remove your service from GOV.UK Notify at any time. Contact us and we’ll delete your account.

+
+ +
+
+ +{% endblock %}