These Terms of Service (Terms) govern all access to and use of the Kota smartphone application, the Kota website at www.kota.io and any related services made available by Kota (together, the Platform) and take effect from August 2026.
These Terms apply both to (a) the entity to whom Kota provides the Services (the Customer, typically the employer), and (b) each individual authorised by the Customer to access the Platform (each a User, typically an employee). References in these Terms to “you” and “your” mean the Customer and (where the context permits) Users.
By accessing, using or interacting with the Platform you confirm that you have read, understand and agree to comply with these Terms. If you do not agree with these Terms, you must immediately stop using the Platform.
If you are signing up for, accessing, or using the Platform on behalf of a user or employer, you confirm that you have the legal authority to bind them to these Terms.
Kota may amend these Terms from time to time. Where any amendment is material (meaning an amendment that has a material adverse effect on the Customer’s use of, or rights under, the Platform), Kota will give the Customer at least 30 days’ prior notice of the amendment by email, in-app notification, or by posting an updated version of these Terms on the Kota website. Where the Customer does not agree to a material amendment, the Customer’s sole remedy is to terminate the Agreement by written notice within 30 days of the notice of the amendment, without further liability save in respect of accrued rights as at the date of termination. Continued use of the Platform following the expiry of the notice period shall constitute acceptance of the amendment. Amendments which are not material may be made by Kota at any time without notice. Notwithstanding the foregoing, Kota may make any amendment required by law, regulation or order of a regulator at any time without notice.
These Terms should be read in conjunction with the following documents, where relevant. All of these documents are made available before any Customer or User proceeds with the Services and can be found on Kota’s website:
In the event of any conflict or inconsistency between these Terms and any document referred to above (other than the Fee Letter), these Terms shall prevail. The Fee Letter shall prevail over these Terms in respect of the commercial particulars expressly addressed in it.
In these Terms, the following defined terms apply (additional definitions appear in the relevant clause where used):
Affiliate: in respect of an entity, any other entity directly or indirectly controlling, controlled by, or under common control with, that entity.
Agreement: these Terms, together with any Fee Letter, the documents listed under “Documents incorporated into these Terms”, and any Schedule or Addendum referred to in these Terms.
Confidential Information: as defined in clause 8.
Customer: the entity to whom Kota provides the Services, identified in the Fee Letter (if any) or otherwise the entity that procures or makes use of the Platform.
Customer Data: all data, content and information uploaded to, or otherwise made available by or on behalf of the Customer to, the Platform, including personal data of Users that the Customer (or a User on the Customer’s behalf) submits to the Platform.
Data Protection Laws: all data protection and privacy laws applicable to a party from time to time in the course of its performance of these Terms, including (as applicable) the EU General Data Protection Regulation (Regulation 2016/679), the UK General Data Protection Regulation, the UK Data Protection Act 2018, the Irish Data Protection Acts 1988 to 2018, and any successor or replacement legislation.
Documentation: any user guides, help materials, technical documentation or other instructional materials made available to the Customer or Users by Kota in connection with the Platform from time to time, whether in electronic form or otherwise.
Fee Letter: the written document signed by or otherwise accepted by the Customer setting out the commercial particulars (including Fees and billing date) for the Customer’s access to the Platform.
Fees: the fees payable by the Customer for the Services as set out in the Fee Letter, or (where no Fee Letter has been issued) as set out in Kota’s Schedule of Fees and Charges.
Intellectual Property Rights: all intellectual and industrial property rights, including patents, know-how, registered and unregistered trade marks, registered and unregistered designs, copyright, database rights, domain names, and any other rights in any invention, discovery, process or work.
Kota: Yonder Technology Limited (a company incorporated in Ireland, registered number 711366, registered and/or Yonder Financial Technology Limited (a company incorporated in England and Wales, registered number 14135818, registered office 34-37 Liverpool St, London EC2M 7PP, United Kingdom, each trading as Kota, as applicable to the Customer’s jurisdiction.
Partner: Kota’s insurance, pension, card or other third party benefits providers.
Platform: the Kota smartphone application, the Kota website at www.kota.io, and any related services made available by Kota.
Services: the provision of access to the Platform and any related services provided by Kota under these Terms or as otherwise specified in the Fee Letter.
Term: the period during which these Terms apply, as set out in clause 17.
User: an individual authorised by the Customer to access and use the Platform, typically an employee, contractor or other authorised representative of the Customer.
References to clauses are to clauses of these Terms; references to a statute include any amendment, extension or re-enactment of it; words following “including”, “for example” or similar are illustrative and do not limit what precedes them.
2.1 Kota provides the Platform for Employee Benefits services.
2.2 Kota does not accept any responsibility or legal liability whatsoever for any act or omission of any Partner or the Customer, save as expressly set out in these Terms.
2.3 Insurance or Pension Partners may enforce additional terms on the Customer in relation to insurance or pensions. Such additional terms will be made available to the Customer before the relevant service is procured.
2.4 Service improvements. Kota may change or modify the Services from time to time. Kota will give the Customer reasonable prior notice of any change only where such change is material and would substantially adversely affect the Customer’s use of the Services. If such a change has a material adverse effect on the Customer’s use of the Platform, the Customer’s sole remedy is to terminate the Services in accordance with clause 17.
2.5 Not bespoke. Unless otherwise agreed in writing, the Customer acknowledges that the Services have not been developed to meet the Customer’s or any User’s individual requirements and it is the Customer’s responsibility to ensure that the facilities and functions of the Services meet its own requirements.
3.1 Right to access. Subject to the Customer paying the Fees and complying with these Terms, Kota grants the Customer (and its Users) a personal, non-exclusive, non-transferable, non-sub-licensable, revocable right to use the Platform solely for the Customer’s internal business operations during the Term.
3.2 Availability. Kota will use commercially reasonable endeavours to make the Platform available 24 hours a day, 7 days a week, except for: (a) planned maintenance; and (b) unscheduled emergency maintenance. Kota does not warrant that access to the Platform will be uninterrupted or error-free.
3.3 Acknowledgement of limitations. The Customer acknowledges that the Platform may be subject to limitations, delays and other problems inherent in the use of internet and other communications networks, and that Kota is not responsible for any delays, delivery failures or other loss or damage resulting from such matters.
4.1 In order to access the Platform, a User must create an account and register a profile on the Platform. The User must provide a valid login name and a password (Account Information).
4.2 A User may also create an account by providing access via a third party account (such as Google), in which case the User consents to Kota’s access to the third party account and access to the Platform remains subject to compliance with the terms and conditions of the third party account and applicable privacy settings.
4.3 The User is responsible for keeping their Account Information secure. Each User shall:
4.4 The Customer and each User is solely responsible for the use, security and confidentiality of their account, irrespective of who is using it, whether with or without their permission.
4.5 Kota shall not be responsible for any loss, damage, claim or liability (whether financial or otherwise) suffered or incurred by the Customer or any User arising from (a) the Customer's or any User's failure to keep Account Information secure; (b) unauthorised access to or use of an account by any person; or (c) the Customer's failure to comply with its obligations under this clause 4
4.6 The Customer shall (a) ensure that all Users are aware of and comply with these Terms; (b) be responsible for any User’s access to or use of the Platform as if it were the Customer’s own act; and (c) immediately disable any User’s access where the User no longer requires access (for example on leaving employment) or where the User has breached these Terms.
4.7 All organisations should ensure that access to their account is monitored and reviewed regularly and Users who no longer need access are removed immediately in order to protect personal and confidential information.
5.1 The Customer shall be fully responsible for any tax and other liability, deduction, contribution, assessment or claim arising from or made in connection with use of the Platform.
5.2 The Customer shall indemnify Kota against all reasonable costs and expenses and any tax, penalty, fine or interest incurred or payable by Kota arising out of or in connection with any such liability, deduction, contribution, assessment or claim, except to the extent it arises directly from Kota’s breach of these Terms or Kota’s negligence or wilful default.
5.3 The Customer must cooperate with Kota and comply with all reasonable requirements, including providing information and documents relating to its use of the Platform.
5.4 The Customer shall: (a) perform its obligations under these Terms in a timely and efficient manner; (b) comply with all applicable laws and regulations with respect to its activities under these Terms and its use of the Services; (c) be solely responsible for the Customer’s own equipment, network connections, telecommunications links and internet connectivity used to access the Platform, and for any problems, delays or failures arising from them; and (d) operate best practice and ensure appropriate security precautions are taken in connection with its use of the Platform, including operating firewalls and virus checks.
5.5 The Customer and each User acknowledges that Kota and its Partners rely on the accuracy and completeness of all information provided during the registration process, in completing the User’s profile and in updating it on the Platform. The Customer and User shall be responsible for keeping their account details and profile up to date.
5.6 The Customer and each User warrants and represents that all information provided to Kota is accurate, complete and not misleading and remains so. The Customer and User must notify Kota of any change to such information.
5.7 Where relevant, the Customer must provide Kota with any additions, changes and cancellations of insured persons or members (employees). Kota will take the required actions on a reasonable timeframe and as communicated to the Customer.
5.8 Each User agrees to:
6.1 The Customer shall not (and shall procure that its Users shall not):
6.2 Kota reserves the right, without liability, to remove any material and to suspend or disable access to the Platform in accordance with clause 12 in the event of any breach of this clause 6.
7.1 Application of policies. The Customer has been made aware (and shall ensure that its Users will be made aware) of Kota’s Privacy Policy and Cookie Policy, which describe how Kota processes personal data in connection with the Platform. The Privacy Policy and Cookie Policy are available on Kota’s website and may be amended in accordance with the Variation paragraph in the Introduction to these Terms.
7.2 The Customer shall own all Customer Data uploaded by or on behalf of the Customer to the Platform, and shall be solely responsible for the accuracy, completeness, legality and intellectual property rights in or to such Customer Data, including obtaining all necessary rights, consents and authorisations to upload Customer Data and to permit Kota to process it under these Terms. Kota shall own all non-personal data generated or collected by Kota in providing the Services, including aggregated and anonymised data. Where Kota processes personal data collected directly from Users for the purposes of administering the Services or for compliance with its own legal and regulatory obligations, Kota acts as a controller in accordance with clause 7.3 and the Privacy Policy.
7.3 The Customer and Kota acknowledge that, in the course of providing the Services Kota acts as a controller in respect of personal data that Kota collects directly from Users, personal data Kota processes for the purposes of administering the Services or for compliance with Kota’s own legal and regulatory obligations, and personal data are processed in connection with insurance, pension or other regulated services where Kota is required by applicable law to act as a controller.
The detailed obligations of each party are set out in Kota’s Data Privacy Policy. In the event of any conflict between this clause 7 and the Data Privacy Policy, the Data Privacy Policy shall prevail.
Where both parties process personal data as independent controllers in connection with the Services, the parties' respective obligations are further set out in the Data Sharing Addendum appended hereto. The Data Sharing Addendum forms part of and is incorporated into these Terms. In the event of any conflict between the Data Sharing Addendum and the body of these Terms in respect of controller-to-controller data sharing, the Data Sharing Addendum shall prevail.
7.4 Compliance. Each party shall comply with applicable Data Protection Laws in respect of the personal data it processes under or in connection with these Terms.
8.1 Definition. “Confidential Information” means all information disclosed by a party (the “Disclosing Party”) to the other (the “Receiving Party”) that is either designated as confidential at the time of disclosure or that reasonably should be understood to be confidential given the nature of the information and the circumstances of disclosure. Customer Data is the Customer’s Confidential Information; the Platform, the Services and the Documentation are Kota’s Confidential Information; and the terms of any Fee Letter (including pricing) are the Confidential Information of both parties.
8.2 Exclusions. Confidential Information does not include information that: (a) is or becomes publicly available without breach of these Terms; (b) was lawfully known to the Receiving Party before disclosure; (c) is lawfully received from a third party without confidentiality restriction; or (d) is independently developed by the Receiving Party.
8.3 Protection and use. The Receiving Party shall use the same degree of care it uses to protect its own confidential information of like kind, but in any event no less than reasonable care, to: (a) not use the Disclosing Party’s Confidential Information for any purpose outside the scope of these Terms; and (b) limit access to those of its and its Affiliates’ employees, officers and contractors who need access for purposes consistent with these Terms and who are subject to confidentiality obligations no less protective than those in this clause. Kota may disclose Confidential Information to its sub-processors and Partners to the extent necessary to perform Kota’s obligations under these Terms, under terms of confidentiality no less protective than those in this clause.
8.4 Compelled disclosure. The Receiving Party may disclose Confidential Information to the extent compelled by law, court order or regulator, provided that the Receiving Party gives the Disclosing Party prior written notice (to the extent legally permitted) and reasonable assistance, at the Disclosing Party’s cost, if the Disclosing Party wishes to contest the disclosure.
8.5 Duration. The obligations in this clause 8 continue during the Term and thereafter for so long as the relevant Confidential Information remains confidential.
8.6 Equitable relief. Each party acknowledges that any actual or threatened breach of this clause 8 may cause irreparable harm to the Disclosing Party and that the Disclosing Party may seek injunctive or other equitable relief in addition to any other remedies available.
9.1 Ownership of the Platform. The Customer acknowledges and agrees that Kota and/or its licensors are the sole and exclusive owners of all Intellectual Property Rights and other proprietary rights in the Platform, the Services and any related documentation. Except as expressly set out in these Terms, no right, title or interest in any Intellectual Property Rights is transferred to the Customer or any User.
9.2 All content on the Platform is Kota’s copyright and property and may be used for any purpose relating to the Platform or Kota’s business. Without Kota’s express written permission, the Customer (and Users) shall not copy the Platform for the Customer’s own commercial purposes, including:
9.3 All content remains Kota’s Intellectual Property, including (without limitation) any source code, product recipes, usage data, ideas, enhancements, feature requests, suggestions or other information provided by any Partner or any Customer.
10.1 The Platform may contain information and advertising from third party businesses, people and websites (Third Parties). The Customer (and Users) consent to receiving this information as part of their use of the Platform.
10.2 Kota is not responsible for any information transmitted by Third Parties or liable for any reliance the Customer (or any User) makes upon the services provided by, or information or statements conveyed by, Third Parties (or in relation to dealings with Third Parties), nor for the accuracy of any advertisements. This is described in more detail in Kota’s Privacy Policy.
10.3 Third Parties operate under their own terms and regulatory frameworks. Kota is not responsible for their actions, omissions or services, and use of such services is entirely at the Customer’s (or User’s) discretion and subject to those Third Parties’ own terms.
10.4 Platform integrations. Where the Platform offers the ability to integrate with third party products, software or applications, the Customer acknowledges that: (a) operation may depend on the Customer accepting and complying with the relevant third party terms; (b) such integrations may not operate reliably at all times and may impact the Platform; (c) Kota is not responsible for any losses arising from the use, operation or failure of such integrations; and (d) the relevant third party may at any time remove, disable or discontinue the integration.
11.1 The Customer agrees to pay the Fees as set out in the Fee Letter. Insurance and Pension contributions are separate to the Fees.
11.2 Payments will generally be collected on the 10th of each calendar month, with the exception of UK services, which will be collected on the 1st of each calendar month, or as otherwise specified in the Fee Letter. Customers may change their payment details via the “Billing” section of the Platform.
11.3 If a policy is cancelled, the direct debit will remain active to collect any monies owed.
11.4 Kota sets out its Schedule of Fees and Charges on its website, which includes additional fees and charges that are not addressed in the Fee Letter. Kota reserves the right to update these at any time and will notify the Customer of any material changes.
11.5 Kota sets out its Remuneration Policy on its website. This will be maintained on Kota’s website.
11.6 Kota will enforce cancellation proceedings if the Customer defaults on payments and the Customer’s access to the Platform may be revoked. Kota reserves the right to levy additional charges for missed payments.
11.7 Cancellations. Kota will enforce cancellation of a policy due to, but not limited to, non-payment, non-disclosure, provision of incorrect information or failure to submit necessary documentation within a required timeframe by the policyholder.
11.8 Nature of Fees. All Fees are non-cancellable and non-refundable, save where a refund is expressly required by these Terms or by applicable law. Fees are exclusive of VAT and any other applicable taxes, which shall be added at the appropriate rate.
11.10 The Kota Platform fee is non-refundable. Where the Customer is due a return of premium or fees or charges, Kota will communicate the timelines accordingly and will refund through the original method of payment.
12.1 Grounds for suspension. Without limiting any of its other rights or remedies, Kota may suspend access to the Platform (in whole or in part) at any time and without liability to the Customer where Kota reasonably determines that:
12.2 Customer cooperation. The Customer shall cooperate with any reasonable investigation Kota carries out in connection with a suspected breach. Failure to cooperate is itself a ground for suspension under clause 12.1.
12.3 Notice. Where the Platform is or appears to be subject to attack or unauthorised access, where suspension is required by law, regulator or court order, or where Kota reasonably determines immediate suspension is necessary, Kota may suspend access without prior notice and shall notify the Customer of the suspension as soon as reasonably practicable. In all other cases, Kota shall give the Customer reasonable prior notice and a reasonable opportunity to remedy the underlying issue, having regard to the nature and severity of the issue.
12.4 Restoration. Kota shall promptly restore access to the Platform once the cause of the suspension has been resolved to its reasonable satisfaction.
12.5 Effect on payment. Suspension of access (other than where caused directly by Kota’s breach of these Terms) does not relieve the Customer of its obligation to pay Fees during the period of suspension.
13.1 The Customer (and User) acknowledges that, save for Kota’s commitments under clause 3.2, Kota is not required to keep the Platform available at all times and makes no warranty that the Platform will operate continuously or error-free.
13.2 Subject to clause 16, Kota is not responsible for the unavailability of the Platform, or any interruption or malfunction caused by failures of Kota’s internet provider or web hosting service provider, third party intrusions or force majeure, and the Customer agrees that Kota is not liable for any loss or damage that results from inability to access the Platform in such circumstances.
14.1 The Customer’s Affiliates may use the Platform under the Customer’s account, provided that (a) such use is in accordance with these Terms and any applicable usage limits; (b) the Customer is liable for each Affiliate’s acts, omissions and breaches of these Terms; (c) any claims brought against Kota in connection with such use must be brought by the Customer; and (d) Kota shall have no direct contractual or other obligation to any Affiliate, and Kota’s liability to the Customer in respect of any Affiliate’s use of the Platform is in all respects subject to the limitations and exclusions in clause 16.
15.1 Customer’s indemnity to Kota. The Customer shall defend Kota and its Affiliates, officers, directors, employees and contractors from and against any third party claim, demand, suit or proceeding made or brought against Kota (each a “Claim Against Kota”) arising from or based on the Customer’s or any User’s use of the Platform, the Customer’s breach of these Terms, or the Customer’s or any User’s fraud, gross negligence or wilful misconduct, including (without limitation) any Claim Against Kota arising from or based on:
and the Customer shall indemnify Kota for all damages, reasonable legal fees and costs finally awarded against Kota, or for any amounts paid by Kota in a settlement approved by the Customer in writing, in connection with such Claim Against Kota.
15.2 Kota’s IP indemnity to the Customer. Subject to clauses 15.4 and 15.7, Kota shall defend the Customer against any third party claim, demand, suit or proceeding made or brought against the Customer alleging that the Customer’s authorised use of the Platform infringes or misappropriates the intellectual property rights of that third party (an “IP Claim”), and shall indemnify the Customer from any damages, reasonable legal fees and costs finally awarded against the Customer, or for any amounts paid by the Customer in a settlement approved by Kota in writing, in connection with such IP Claim.
15.3 Procedure. Each party’s obligations under clauses 15.1 and 15.2 are conditional on the indemnified party (a) promptly giving the indemnifying party written notice of the relevant third party claim; (b) giving the indemnifying party sole control of the defence and settlement of that claim, except that the indemnifying party may not settle the claim unless the settlement unconditionally releases the indemnified party of all liability and does not admit fault on the indemnified party’s behalf; and (c) providing the indemnifying party with all reasonable assistance at the indemnifying party’s expense.
15.4 Exclusions to Kota’s IP indemnity. Kota shall have no obligation under clause 15.2 to the extent the alleged infringement arises from:
15.5 Mitigation. If an IP Claim arises, or in Kota’s reasonable opinion is likely to arise, Kota may at its option and expense: (a) procure for the Customer the right to continue using the Platform; (b) modify or replace the affected parts of the Platform so they become non-infringing without materially diminishing the Platform’s functionality; or (c) terminate the Customer’s access to the affected parts of the Platform on 30 days’ written notice and refund any prepaid Fees covering the remainder of the then-current term that relate to the parts of the Platform terminated.
15.6 The Customer’s liability under this clause 15 is subject to the limitations and exclusions in clause 16.
15.7 Kota’s total aggregate liability in respect of any and all claims arising under clause 15.2 shall not exceed €200,000.
16.1 Disclaimers. Except as expressly and specifically provided in these Terms, the Services are provided “as is” and “as available”, and Kota makes no representation or warranty of any kind, whether express or implied, regarding the Services’ timeliness, error-free operation or fitness for any particular purpose.
16.2 Liability that is not limited or excluded. Nothing in these Terms excludes or limits the liability of either party for: (a) death or personal injury caused by negligence; (b) fraud or fraudulent misrepresentation; or (c) any other liability which cannot lawfully be excluded or limited.
16.3 General cap on liability
Subject to clauses 16.2 and 16.4, and except in respect of the Customer’s obligation to pay Fees under these Terms together with the Customer’s obligations under Clause 6.1 and Clause 9.2 and Kota’s liability under Clause 15.7, each party’s total aggregate liability arising under or in connection with these Terms in any 12-month period, whether in contract, tort (including negligence), breach of statutory duty, misrepresentation, restitution or otherwise, shall not exceed the greater of: (a) the total amount of Fees paid or payable by the Customer to Kota under these Terms in the twelve (12) months preceding the first event giving rise to the claim; or (b) €100,000.
16.4 Exclusion of consequential losses. Subject to clause 16.2, neither party shall be liable to the other, whether in contract, tort (including negligence), breach of statutory duty or otherwise, for: (a) loss of profits, revenue, business, goodwill or anticipated savings; (b) loss or corruption of data; or (c) any indirect, special, punitive, exemplary or consequential loss or damage, in each case howsoever arising.
16.5 Kota Spend. Kota makes no representations or warranties regarding the availability, accuracy or operation of the Kota Spend card, which is issued and managed by Stripe. Subject to clause 16.2, Kota shall not be liable for any direct or indirect losses or damages arising from or related to the operation of the card, including delays, declined transactions, or service outages, nor for any losses arising from unauthorised or fraudulent use of a card (including where such use occurs as a result of mismanagement or misuse by an employer, employee, organisation, administrator or User).
16.6 Acts and omissions of Partners. Subject to clause 16.2, Kota shall have no liability for any act or omission of any Partner or for any product or service provided by any Partner.
17.1 Term. These Terms apply from the date the Customer first accesses or uses the Platform (or, where there is a Fee Letter, from the date of that Fee Letter) and continue until terminated in accordance with this clause 17.
17.2 Termination for convenience. Either party may terminate these Terms (or any individual Service) for convenience on 30 days’ written notice to the other party, save where a longer or shorter notice period is set out in the relevant Fee Letter.
17.3 Termination for breach. Without affecting any other rights, either party may terminate these Terms by written notice without liability if the other party: (a) commits a material breach of these Terms and (if remediable) fails to remedy that breach within 30 days of being notified in writing of the breach; or (b) becomes subject to insolvency proceedings, has a receiver or administrator appointed, passes a resolution for winding up (other than for a solvent reconstruction), enters into a voluntary arrangement with its creditors, or ceases or threatens to cease to carry on business.
17.4 Kota’s additional termination rights. Without affecting any other rights, Kota may terminate these Terms for breach if (a) any Fees or other invoiced amount remains overdue (other than where disputed in good faith) for more than 7 business days after a further written notice from Kota; or (b) the Customer breaches clause 6 (Acceptable Use and Restrictions).
17.5 Cancellations by Kota. Kota will enforce cancellation of a policy due to, but not limited to, non-payment, non-disclosure, provision of incorrect information or failure to submit necessary documentation within a required timeframe.
17.6 Consequences of termination. On termination of these Terms:
18.1 Customer use of Kota brand. The Customer shall not produce any marketing material for Kota’s services or use Kota’s name, logo or trade marks on any marketing material for the Services without the prior written consent of Kota. Where Kota gives such consent, the Customer shall comply with all instructions Kota makes available regarding the use of Kota’s name, logo and trade marks.
18.2 Specific approvals. Kota will obtain the Customer’s prior written approval (not unreasonably withheld or delayed) before publishing case studies, testimonials, endorsements or customer quotes featuring the Customer’s brand assets. Generic use of the Customer’s logo or name to identify the Customer as a Kota customer does not require separate approval.
Neither party shall have any liability under these Terms if it or its sub-contractor is prevented from or delayed in performing its obligations by acts, events, omissions or accidents beyond its reasonable control, including (without limitation) strikes or other industrial disputes, internet or telecommunications failures, denial of service attacks, compliance with any law or governmental order, fire, flood, storm, pandemic or other outbreak of disease (each a “Force Majeure Event”). The affected party shall notify the other party as soon as reasonably practicable, providing details and expected duration, and use commercially reasonable efforts to minimise impact. If a Force Majeure Event persists for more than 4 weeks, either party may terminate these Terms by written notice without liability, save in respect of accrued rights as at the date of termination.
20.1 Entire agreement. The Agreement constitutes the entire agreement between the parties and supersedes any previous arrangement, understanding or agreement between them relating to its subject matter. Each party acknowledges that in entering into the Agreement it does not rely on any undertaking, promise, representation or warranty other than as expressly set out in the Agreement.
20.2 Assignment. Neither party may assign, transfer, charge, sub-contract or deal in any other manner with any of its rights or obligations under these Terms without the other party’s prior written consent (such consent not to be unreasonably withheld or delayed), provided that either party may assign these Terms in whole, without consent, to (a) an Affiliate; or (b) a successor in connection with a merger, sale of substantially all of its assets or business, reorganisation, or change of control, in each case on terms no less favourable to the Terms set out herein.
20.3 Severance. If any provision (or part of a provision) of these Terms is found to be invalid, unenforceable or illegal, the other provisions shall remain in force.
20.4 Waiver. No failure or delay by a party to exercise any right or remedy shall constitute a waiver of that or any other right or remedy.
20.5 Third party rights. The Agreement does not confer any rights on any person or party other than the parties to it (and, where applicable, their successors and permitted assigns).
20.6 Relationship. Nothing in these Terms creates a partnership, joint venture, agency, franchise or employment relationship between the parties.
21.1 Any notice required to be given under these Terms shall be in writing and shall be delivered (a) by hand or sent by pre-paid first-class post or registered post to the addressee at the address set out for such party in any Fee Letter or, in the case of Kota, to its registered office; or (b) by email, in the case of notices to Kota, to legal@kota.io (as updated by Kota from time to time), and in the case of notices to the Customer, to the email address provided by the Customer.
21.2 A notice delivered by hand is deemed received when delivered (or if delivered outside business hours, at 9 a.m. on the next business day). A correctly addressed notice sent by post is deemed received at the time it would have been delivered in the normal course of post. A notice sent by email is deemed received at 9 a.m. on the next business day after sending.
22.1 Governing law. These Terms and any dispute or claim (including non-contractual disputes or claims) arising out of or in connection with them or their subject matter or formation shall be governed by, and construed in accordance with, the law of Ireland.
22.2 Jurisdiction. Each party irrevocably agrees that the courts of Ireland shall have exclusive jurisdiction to settle any dispute or claim arising out of or in connection with these Terms or their subject matter or formation (including non-contractual disputes or claims).
If you wish to contact Kota in relation to these Terms or for any other reason, please contact support@kota.io. If you have a complaint, please see Kota’s help centre for details of how to complain.
REGULATORY ANNEX
This Regulatory Annex contains additional terms specific to Kota’s regulated activities and to particular jurisdictions or product lines. The provisions in this Annex form part of these Terms. In the event of any conflict between the main body of these Terms and this Annex in respect of the matters addressed in the Annex, the Annex shall prevail.
Kota may provide access to a card, known as “Kota Spend”, issued and operated by Stripe.
For UK users:
Cards are issued by Stripe Payments UK Limited, which is an electronic money institution authorised by the Financial Conduct Authority (firm reference number: 900461) for the issuing of electronic money. Cards are issued under the Visa card scheme pursuant to a license from Visa Europe Limited.
For European users:
Cards are issued by Stripe Technology Europe Limited, an electronic money institution authorised by the Central Bank of Ireland (firm reference number: C187865). Cards are issued under the Visa card scheme pursuant to a license from Visa Europe Limited.
Kota Spend is designed to facilitate eligible employee benefit spending, such as wellness or flexible benefits, as permitted under the employer’s benefit policy.
By using the Kota Spend card, the User agrees to the Stripe Issuer Terms and any other related policies that govern the card’s use.
Kota facilitates access to Kota Spend but does not at any point: hold, control, or manage funds; execute payments or authorise transactions; or provide payment or e-money services.
Employers and Users must comply with all applicable Stripe terms, including anti-fraud and anti-money laundering requirements. Kota may share relevant account and usage data with Stripe for fraud monitoring and compliance purposes.
Kota provides the software services enabling the User to view, manage and use their allocated benefits balance in connection with the Kota Spend.
Where the Platform provides access to a Kota Spend issued by Stripe, the Customer (and, where applicable, the User) is responsible for ensuring that access to card functionality and funds is strictly limited to authorised users.
Employers and administrators must ensure that only eligible employees may access or use the card. Each User must take reasonable steps to prevent misuse, loss or theft of any card details, credentials or login information.
Kota and Stripe rely on the accuracy of the information and user permissions configured by the Customer. Kota accepts no responsibility for losses, unauthorised spending, or fraud resulting from: misuse of the card or Platform by employers, employees or third parties; failure by the Customer to properly manage or restrict access; or any fraudulent or unauthorised activity carried out under the User’s account or by their representatives.
If the Customer or User suspects unauthorised use or fraud, they must immediately notify both Stripe and Kota via the contact details provided in their account.
Effective: March 2026
This Pension Services Addendum supplements and forms part of the Kota Terms of Service. It applies to all Customers using the Platform in connection with occupational pension scheme (OPS) administration and, specifically, with maintaining OPS exemption from enrolment in MyFutureFund (MFF) under the Automatic Enrolment Retirement Savings System Act 2024 (the Act) and associated regulations, including the Section 52 Regulations signed December 2025 (“Section 52 Regulations”).
In the event of any conflict between this Addendum and the Terms in relation to pension services, this Addendum shall prevail. Capitalised terms not defined in this Addendum have the meanings given to them in the Terms.
Payroll submission responsibility
Basic salary and gross pay data
New joiners
Onboarding and configuration
To the fullest extent permitted by applicable law, Kota shall not be liable for:
Nothing in this Addendum limits Kota’s liability for death or personal injury caused by its negligence, fraud or fraudulent misrepresentation, or any other liability which cannot be excluded by law.
By continuing to use the Kota Platform for pension administration services, the Customer confirms that it has read and understood this Addendum and, in particular, acknowledges:
DATA SHARING ADDENDUM
This Data Sharing Addendum (the “Addendum”) is appended to, and forms part of, the Kota Terms of Service. It sets out the framework under which Kota and the Customer share Personal Data with each other as independent controllers in connection with the Services.
In the event of any conflict between this Addendum and the main body of the Kota Terms of Service in respect of controller-to-controller data sharing arrangements, this Addendum shall prevail.
Capitalised terms not defined in this Addendum have the meaning given to them in the Kota Terms of Service.
In this Addendum, the following definitions apply:
“Agreed Purposes”
the provision of the Services, and the performance by each party of its respective obligations, under the Kota Terms of Service.
“Controller”, “processor”, “data subject”, “personal data”, “personal data breach”, “processing”, and “appropriate technical and organisational measures”
have the meanings given to them in the Data Protection Laws.
“Data Discloser”
the party disclosing Shared Personal Data to the other party under this Addendum. Each of Kota and the Customer may, in respect of different categories of Shared Personal Data, act as Data Discloser.
“Data Protection Laws”
has the meaning given to it in the Kota Terms of Service, including (as applicable) the EU GDPR, the UK GDPR, the UK Data Protection Act 2018 and the Irish Data Protection Acts 1988 to 2018.
“EU GDPR”
Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (General Data Protection Regulation).
“UK GDPR”
has the meaning given to it in section 3(10) (as supplemented by section 205(4)) of the UK Data Protection Act 2018.
“Permitted Recipients”
the parties to the Kota Terms of Service, the employees of each party who reasonably require access for the performance of the Kota Terms of Service, and any third parties engaged by either party to perform obligations in connection with the Kota Terms of Service (subject to clause 4(e) below).
“Shared Personal Data”
the Personal Data shared between the parties under this Addendum, confined to the categories of data identified in the relevant privacy notice or as otherwise notified by the Data Discloser to the other party from time to time.
2.1 This Addendum sets out the framework for the sharing of Personal Data between the parties as independent controllers. Each party acknowledges that the other party (in its capacity as Data Discloser in respect of the relevant data) will from time to time disclose Shared Personal Data collected by it for the Agreed Purposes.
2.2 Each party shall act as a separate and independent controller in respect of the Shared Personal Data it processes under this Addendum and shall be individually responsible for compliance with the Data Protection Laws applicable to it.
Each party shall comply with all the obligations imposed on a controller under the Data Protection Laws. Any material breach of the Data Protection Laws by one party shall, if not remedied within 30 days of written notice from the other party, give grounds to the other party to terminate the Kota Terms of Service with immediate effect (and where the material breach is irremediable, the other party may terminate immediately).
Each party shall:
(a) ensure that it has all necessary notices, consents and lawful bases in place to enable lawful transfer of the Shared Personal Data to the Permitted Recipients for the Agreed Purposes;
(b) give full information to any data subject whose Personal Data may be processed under this Addendum of the nature of such processing, including notice that, on the termination of the Kota Terms of Service, Personal Data relating to them may be retained by, or transferred to, one or more of the Permitted Recipients, their successors and assignees;
(c) process the Shared Personal Data only for the Agreed Purposes;
(d) not disclose or allow access to the Shared Personal Data to anyone other than the Permitted Recipients;
(e) where applicable, ensure that all Permitted Recipients are subject to written contractual obligations concerning the Shared Personal Data (including obligations of confidentiality) which are no less onerous than those imposed by this Addendum;
(f) ensure that it has in place appropriate technical and organisational measures, reviewed and approved by the other party, to protect against unauthorised or unlawful processing of Personal Data and against accidental loss or destruction of, or damage to, Personal Data; and
(g) not transfer any Personal Data received from the Data Discloser outside the United Kingdom or the European Economic Area unless the transferor ensures that: (i) the transfer is to a country approved under the applicable Data Protection Laws as providing adequate protection; (ii) there are appropriate safeguards or binding corporate rules in place pursuant to the applicable Data Protection Laws; (iii) the transferor otherwise complies with its obligations under the applicable Data Protection Laws by providing an adequate level of protection to any Personal Data that is transferred; or (iv) one of the derogations for specific situations in the applicable Data Protection Laws applies to the transfer.
Each party shall assist the other in complying with all applicable requirements of the Data Protection Laws. In particular, each party shall:
(a) consult with the other party about any notices given to data subjects in relation to the Shared Personal Data;
(b) promptly inform the other party of the receipt of any data subject rights request relating to the Shared Personal Data;
(c) provide the other party with reasonable assistance in complying with any data subject rights request;
(d) not disclose, release, amend, delete or block any Shared Personal Data in response to a data subject rights request without first consulting the other party wherever possible;
(e) assist the other party, at the cost of that other party, in responding to any request from a data subject and in ensuring compliance with its obligations under the Data Protection Laws with respect to security, personal data breach notifications, data protection impact assessments and consultations with the Information Commissioner, the Data Protection Commission, or any other competent supervisory authority;
(f) notify the other party without undue delay upon becoming aware of a Personal Data Breach affecting the Shared Personal Data;
(g) at the written direction of the Data Discloser, delete or return Shared Personal Data and copies thereof to the Data Discloser on termination of the Kota Terms of Service, unless required by law to retain the Shared Personal Data;
(h) use compatible technology for the processing of Shared Personal Data so as to ensure that there is no lack of accuracy resulting from Personal Data transfers;
(i) maintain complete and accurate records and information to demonstrate its compliance with this Addendum and allow for audits by the other party or the other party's designated auditor; and
(j) provide the other party with the contact details of at least one employee as point of contact and responsible manager for all issues arising out of the Data Protection Laws, including the joint training of relevant staff, the procedures to be followed in the event of a data security breach, and the regular review of the parties' compliance with the Data Protection Laws.
6.1 This Addendum forms part of, and is subject to, the Kota Terms of Service. Any limitation or exclusion of liability in the Kota Terms of Service applies to each party's liability under this Addendum, save to the extent any such limitation or exclusion is prohibited by the Data Protection Laws.
6.2 This Addendum shall remain in force for as long as either party processes Shared Personal Data received from the other party under or in connection with the Kota Terms of Service.
6.3 This Addendum is governed by, and shall be construed in accordance with, the law identified in the governing law clause of the Kota Terms of Service, and the parties submit to the exclusive jurisdiction of the courts identified in that clause.