Service Terms & Conditions

Service Agreement Terms

1. Formation of contracts

All contracts for the provision of services on behalf of LSP Leadership Ltd as specified in the Statement of Work (“SOW”) and in any other linked documentation shall be deemed to be made upon and subject to these terms of business. No variation of or addition to these terms of business shall form part of any contract unless specifically expressed and accepted by both parties in writing. Any variation to work carried out on behalf of LSP Leadership not covered in the proposal or letter will be the subject of separate arrangements and confirmed in writing.

2. Scope of Services

LSP Leadership Ltd agrees to provide consultancy, coaching, training, and other services as specified in the Statement of Work and any linked documentation.

3. Delivery of Services

LSP Leadership Ltd commits to deliver services that meet the Client's full requirements as specified in the Statement of Work and any linked documentation.

4. Fees and Payment Terms

  • The Client agrees to pay for services delivered at the rates set out in the contract/Statement of Work.
  • No work will be undertaken without written agreement from the Client.
  • Rates are subject to review from 1 January each year and may change due to major fluctuations in applicable foreign exchange rates.
  • Daily fees are based on an eight-hour working day; part days are rounded up to the nearest half day.
  • Payment terms are 30 calendar days from the date of invoice.
  • Late payment of invoices will incur interest at the rate of 10% above the Bank of England base rate, calculated daily from the due date.

5. Invoicing

LSP Leadership Ltd will raise one invoice per intervention. Additional invoices requested by the Client may incur an administrative charge.

6. Approved Subcontractors

LSP Leadership Limited uses Subcontractors to perform specified obligations under the Statement of Work. All Subcontractors are required to complete a Material Subcontractor Attestation and Due Diligence Questionnaire as a part of the iron boarding with LSP Leadership Ltd. This is reviewed annually.

7. Cancellation or Postponement of Work

  • Work cancelled or postponed within 28 calendar days of the scheduled start date will incur a % of scheduled fees as set out in the Statement of Work, plus any non-refundable expenses.
  • Work cancelled or postponed more than 28 calendar days in advance will not incur charges.
  • If LSP Leadership Ltd is unable to deliver services due to illness or accident, efforts will be made to provide a replacement or reschedule the services.

8. Expenses

The Client agrees to pay for all additional expenses associated with the delivery of services, including travel, accommodation, materials, room hire and other related costs.

9. Confidentiality

Both parties agree to maintain the confidentiality of any proprietary or sensitive information disclosed during the engagement. This obligation shall survive the termination of the Statement of Work.

10. Intellectual Property

Any intellectual property that a party already owns before the SOW remains its exclusive property. All intellectual property developed by LSP Leadership Ltd during the provision of services shall remain the property of LSP Leadership Ltd. The Client agrees not to disclose or use these materials without prior written consent.

11. Cyber Security

LSP Leadership Ltd is Cyber Essentials Plus certified and is currently awaiting Cyber Assurance L2 accreditation (as at Mar 2025 and having already achieved L1in Jan 2025).

12. Data Processing

  • The Client is the data controller, and LSP Leadership Ltd is the data processor.
  • LSP Leadership Ltd will process personal data only as necessary to perform the services and in accordance with the Client's instructions and applicable data protection laws. (See appendix 1.1 for further information)
  • LSP Leadership Ltd will take appropriate measures to protect personal data and assist the Client in fulfilling its data protection obligations.
  • Any data used by LSP Leadership Ltd for the provision services relating to the Statement of Work will be deleted within 6months of the date of completion of the project unless the Client deems it necessary to extend this period for any reason.

LSP Leadership Ltd is Cyber Essentials Plus certified and is currently awaiting Cyber Assurance L2 accreditation (as at Mar 2025 and having already achieved L1in Jan 2025).

13. Publicity

The Client agrees that LSP Leadership Ltd may use the Client's name and logo in its client portfolio. Detailed case studies or descriptions of the work will only be published with the Client's prior permission.

14. Staff and Associate Consultants

The Client agrees not to make offers of employment to LSP Leadership Ltd staff or associate consultants without written consent.

15. Termination of Contract:

  • The Client may terminate the contract with 28 calendar days' written notice. A % of fees are chargeable for all work scheduled during this period as per Statement of Work.
  • LSP Leadership Ltd may terminate the contract with 28 calendar days' written notice and agrees to fulfil all scheduled commitments during this period.

16. Governing Law

The Statement of Work shall be governed by and construed in accordance with the laws of England and Wales.

17. Dispute Resolution

Any disputes arising out of or in connection with the Statement of Work shall be resolved through mediation or arbitration before resorting to legal action.

18. Force Majeure

  • Neither party shall be liable for any failure to perform its obligations due to events beyond its reasonable control, including natural disasters, war, or other unforeseen events.
  • LSP Leadership Ltd shall not be liable to the Client if LSP Leadership Ltd are unable to perform the services described in this Agreement as a result of any cause beyond their reasonable control. In the event of any such occurrence affecting LSP Leadership Ltd, the Client shall be notified as soon as is reasonably practicable.
  • Force majeure events shall not relieve the Client of its obligation to pay for services already rendered.

19. Entire Agreement

The Statement of Work, together with any attachments or exhibits, constitutes the entire agreement between the parties and supersedes all prior agreements or understandings, whether written or oral.

Appendix 1.1

Personal Data

Upon successful award of the contract and depending on the nature and purpose of personal data, LSP Leadership can undertake a Data Protection Impact Assessment (DPIA) as required.

It is important to note that LSP Leadership only utilises public cloud offerings from Microsoft. Apart from desktop and laptop computers, there is no physical infrastructure, or private data centres utilised in the provision of IT Services. All staff work from home locations on individual company machines, so a network diagram would not assist in any further understanding of this very basic set up.

LSP utilise several layers of control to protect their data assets utilising the built-in controls from Microsoft 365 and third party tools.

Access Control: All users have their own individually unique login to any systems they use, and all users have MFA enabled, along with conditional access for access to only known locations of devices.

Security Monitoring: Audit logs are kept for 90 days from the M365 environment and are automatically reviewed to raise incidents for escalation. Such incidents may include events for escalation such as:

  • Risky IP address
  • Login failures
  • Admin activity
  • Inactive accounts
  • Location
  • Impossible travel
  • Device and user agent
  • Activity rate

LSP also operates all company devices on a zero trust principle with MDR. Unless something is explicitly allowed to run, then a default deny is in place. This is also backed up with a 24/7 service where any IOCs are reported by phone for escalating, and machines can be locked down remotely.

All company machines are remotely monitored and managed for the deployment of security updates and as stipulated by their holding of Cyber Essentials Plus, any high and critical severity updates (those with a CVSS score of 7.0 or more) are deployed within 14 days.

All data is encrypted at transit and at rest within the Microsoft 365 public cloud environment, with individual company machines also having encrypted local hard drives, using native manufacturers methods, namely bitlocker or filevault.

All data is stored in our Microsoft public cloud environment, for details of the Microsoft 365 encryption standards please see https://learn.microsoft.com/en-us/purview/encryption

The Microsoft data centres used are the UK, Dublin and Amsterdam for data storage and processing.

Data held within our Microsoft environment is segregated on the principle of ‘least privilege’ meaning that only those requiring access to the data for their work, will be granted access, no one with in the environment operates with administrative privileges.

LSP Leaderships Microsoft 365 environment is hardened beyond its default state with:

  • Multifactor Authentication
  • Conditional Access
  • Safe Links
  • Safe Attachments
  • Advanced Threat Protection
  • Anti Phishing / Spam / Malware
  • Audit Logging

LSP Leadership have an automated patch deployment system, and we are certified to Cyber Essentials Plus, any high and critical severity updates (those with a CVSS score of 7.0 or more) are deployed within14 days.

LSP Leadership also subscribe to a MDR service backed by a 24/7 SOC that proactively monitors logs, looking for IOCs as part of our IPS and IDS services from the Microsoft Environment and local devices.

No private systems are utilised to require penetration testing, only public cloud services are used. As part of our Cyber Essentials Plus we have a yearly audited vulnerability scan of local systems, and an ongoing quarterly scan to identify any vulnerabilities on an ongoing basis.

The logging across LSP Leaderships Digital Environment includes the collection of logs for automatic processing from company devices and it’s Microsoft 365 environment.

These logs are analysed for IOCs 24/7/365 by our SOC who also call us on a 24/7 basis to alert us to them and assist if required in locking down devices or accounts.

This policy has been approved & authorised by:

Name: Sharon Warner

Position: Business Manager

Date: 26/03/25

Date of last review: 26/03/26

Our commitments

Six Inches of Soil LogoCDP LogoOblong Trees LogoMarine Conservation Society Logo1% For The Planet Logo
Close Cookie Popup
Cookie Settings
By clicking “Accept All Cookies”, you agree to the storing of cookies on your device to enhance site navigation and analyse site usage.
Privacy Policy
Cookie Policy
Accept All Cookies
Cookie Settings
Close Cookie Preference Manager
Cookie Settings
By clicking “Accept All Cookies”, you agree to the storing of cookies on your device to enhance site navigation, analyse site usage and assist in our marketing efforts.
Privacy Policy
Cookie Policy
Strictly Necessary (Always Active)
Cookies required to enable basic website functionality.
Accept All Cookies
Save Settings
Made by Flinch 77
Oops! Something went wrong while submitting the form.