Investigate Cloud Services Terms of Use

Cloud Services Terms of Use and Delivery Policy

These Cloud Services Terms of Use and Delivery Policy (“Terms of Use”) include the Invoicing Policy, and describe the terms and conditions by which NICE provides Investigate Cloud Services.

1. Definitions

Activation Date” means the date corresponding to the earlier of: (a) the date of NICE’s notice to Customer that the Cloud Services are accessible to the Customer; (b) the date of Customer’s use of the Cloud Services in Production; or (c) three (3) months following the Order Effective Date.

Availability” means the monthly availability of a Cloud Service in Production multiplied by the applicable service levels less any Excusable Downtime.

Excusable Downtime” means and includes: (a) maintenance Services performed during the Maintenance Windows, as defined in these Terms of Use; (b) maintenance  Services performed on an emergency basis to avoid harm to NICE, Customer, or the Cloud Services; (c) any time spent by NICE in its performance of any additional Services requested or agreed to by Customer; (d) Customer-caused outages or disruptions; or (e) outages or disruptions caused by: (i) software, infrastructure, databases, operator error or hardware not provided or controlled by NICE, (ii) disruptions attributable to Force Majeure Events, or (iii) configuration changes not made by NICE.

Production” means an operational environment deployed for commercial use (excluding, but not limited to, any test, development, staging, or lab environment).

2. Subscription Term

2.1 The Initial Subscription Term shall be for the period of time set forth in the Order. The Initial Subscription Term shall renew for additional periods of time equal in length to the then-currently expiring term (each a “Renewal Term(s)” and, together with the Initial Subscription Term, the “Subscription Term”), and the fees for each such Renewal Term shall be subject to an increase of five percent (5%). Notwithstanding the foregoing, Customer may, at least sixty (60) days prior to the conclusion of the then-current Subscription Term, advise NICE in writing that either: (a) Customer does not wish to renew the Subscription Term (a “Non-Renewal Notice”); or (b) Customer desires to renew the Subscription Term for a different length of time than the expiring Subscription Term. A Non-Renewal Notice must be sent to CloudServicesUnsubscribe@nice.com; notice sent by any other method shall not constitute a Non-Renewal Notice.  Customer understands that, if Customer fails to provide a Non-Renewal Notice, Customer shall be responsible for payment in full for the fees associated with the next Renewal Term regardless of whether Customer has issued a purchase order.

2.2 The Cloud Services are non-cancelable by Customer. If Customer elects to cease using the Cloud Services during the Subscription Term, Customer shall: (a) continue to be liable for all amounts payable under the Order for the remainder of  the Subscription Term, including all amounts that are subject to a Minimum Commitment; and (b) not be entitled to any refunds.

3. Releases

New releases of the Cloud Services will be provided to Customer if and when they are generally commercially available. Professional Services for any customer-specific configurations will be at an additional cost.

4. NICE shall maintain one (1) Production environment of the Cloud Services to meet the service levels. NICE shall provide the necessary technical infrastructure and maintenance Services to deliver the Cloud Services.

5. Customer Duties

Customer will appoint two (2) resources who have completed the NICE training in the operation and use of the Cloud Services (“Designated Contact(s)”), and shall act as NICE’s primary point of contact regarding requests for technical assistance. The Designated Contact shall initiate a request for technical assistance via the designated support channels provided in Table No. 1 below (each an, “Incident”, which may also be referred to as a, “Case”). Prior to initiating such a request, the Designated Contact shall use reasonable efforts to attempt to diagnose and resolve the particular issue, including using available self-help tools. The Designated Contacts are required to establish and maintain Customer’s processes to provide first tier support for the Cloud Services, which includes: (a) a direct response to user inquiries concerning the performance, functionality, or operation of the Cloud Services; and (b) an attempt to diagnose and resolve problems or issues with the Cloud Services. 

Table No. 1
Support Contacts

For NICE Enterprise Solution Family

http://wiser.nice.com

Recommended First Step

United States

+1 800-642-3611

United Kingdom

+44 0 148 977 1633

All other locations

+972 9 775 3800

6. Incident Support

6.1 Incidents are classified based upon the definitions outlined in the table below: 

Severity Level

Definition

Examples

1. Critical
(System Unavailable)*

I. Critical issue that severely impacts use of the SaaS Solution.

II. No workaround.

A. The SaaS Solution is completely unavailable.
B. The majority of users cannot login.
C. Data integrity issues.

2. High
(System Impaired)*

I. Major functionality is significantly impacted.
II. No workaround.

A. Service interruptions to some but not all functionality.
B. Alerts not being generated

3. Medium
(Minor Impact)

I. Multiple users impacted by a moderate loss of the SaaS Solution.

II. Critical or High impact on a non-Production SaaS Solution.

III. A workaround exists.

A. Functional limitations which are not critical to Customer’s daily operations (e.g. reports not being generated).
B. Moderate degradation in function, or feature performance.

4. Low
(Informational)

I. Minor loss of the SaaS Solution features.
II. Inquiries
III. Medium or Low impact on non-Production SaaS Solution.

A. There is no significant Customer impact.

B. Non-Critical or minor loss of functionality or features.

*Reserved for Production Cloud Service only.

6.2 NICE’s initial response to an Incident will be as follows:

Table No. 4

Severity

Target Response Times

1

60 minutes

2

4 hours during Customer’s business day

3

Next business day

4

Next business day

7. Maintenance Windows

NICE shall use commercially reasonable efforts to perform maintenance Services on the SaaS Solution during the time frames provided in the table below (“Maintenance Window(s)”).

Maintenance Windows Criticality

Advanced
Notice

NICE Maintenance Windows
(relevant data center time)

Standard

7 Days

Tuesday and Thursday
11:00 PM to 3:00 AM

Extended

30 Days

Sunday
2:00 AM to
10:00 AM

Emergency

Immediately following NICE’s awareness of an issue.

Nightly
10:00 PM to midnight

8. Availability

NICE will maintain Availability of the Cloud Services as follows:

SaaS Solution

Service Levels for Availability

Hours of Applicability

NICE Investigate

99.9%

Extended Hours

Note: For Customers that previously purchased Cloud Services where a separate Cloud Services Terms of Use and Cloud Services Support and Delivery Policy existed, these Terms of Use supersede and replaces those documents.



Additional Terms Applicable to NICE Systems UK Limited Public Safety Customers

Orders entered into by and between NICE Systems UK Limited and Customers are subject to the following additional terms:

ANNEX A: Data Processing Agreement

ANNEX B: Data Privacy Terms

ANNEX C: High Level Description of Cloud Services

ANNEX A: Data Processing Agreement

https://www.nice.com/data-processing-agreement/

ANNEX B: Data Privacy Terms

1. Security, privacy, and data protection:

1.1 NICE will make commercially reasonable endeavours to maintain ISO27001 certification for the Subscription Term of the Cloud Services.

1.2 Privacy and data location. The Cloud Services are hosted in the Microsoft Azure cloud UK datacentres. All Content will be stored in the UK data centres.

1.3 Encryption of Content. All Content stored within the Cloud Services are held within the UK. All data is encrypted at rest.. All data in transit outside the Service is carried in HTTPS using TLS 1.2. All encryption will use a 256 bit or better algorithm listed in the current NIST document FIPS 140-2.

1.4 Staff. NICE will only access the Cloud Services with NPPV3 vetted staff. The staff will only access the Cloud Services from a secure room in a location as vetted by the Customer.

1.5 Data Retention. NICE will provide means such that Customer can comply with current data retention rules as stated in MOPI http://library.college.police.uk/docs/APPref/Management-of-Police-Information.pdf,  through either manual deletion or, where supported by RMS (Record Management System) integration, automated deletion based on RMS Case data.  NICE will make commercially reasonable endeavours to maintain compliance with future rules and regulations on data retention provided Customer provides NICE at least one (1) year prior written notice of any such new or amended rules/ regulations and expressly requires NICE to comply with those regulations/rules from a future date of at least one (1) year of such written notice.

2. Data return and deletion.

2.1 The Customer may extract and/or delete Content at any time. When a Subscription Term expires or terminates, NICE will retain any Content the Customer has not deleted for ninety (90) days from the termination/expiry date so that the Customer may extract it from the Cloud Services. Following the expiration of this ninety (90) day retention period, NICE will delete all Content, including any cached or back-up copies, within 30 days of the end of the retention period. The Customer agrees that NICE has no additional obligations to continue to hold, export or return Content and that NICE has no liability whatsoever for deletion of Content pursuant to the terms in this Section.

3. Data sources

3.1 Data sources are accessed through a device called ‘Data Source Gateway’ (DSG). The DSG is installed on the Customer network and provides the secure connection point between any local electronic data sources, (e.g. CAD, Records, 999 recordings), and the Cloud Services. It uses a selection of custom integrations, called “providers”, for searching and retrieval of the metadata and media from each individual data source. The DSG is software supplied by NICE and the license terms and conditions for use of this software are set out in https://www.nice.com/Documents/NICE_EULA_(Global)290118.pdf  (“EULA”). By using the DSG Software, Customer expressly agrees to the terms and conditions of the EULA and the EULA terms are incorporated by reference to this CSA.  The Customer is responsible for provision and maintenance of suitable hardware of virtual processing equipment that the DSG software runs on.

3.2 Where Customer adopts new evidence collection tools, additional data sources may be required. The provision of new data sources is provided as additional scope, as a Professional Services (and subject to Customer and NICE agreeing to the Statement of Work for such Professional Services) and according to the then-current Fees. The fee is a fixed fee per data source.

3.3 Modified existing data sources may be required as third party vendors update database schema and API. All minor modifications are included within the Cloud Services at no additional cost to the Customer. Minor changes are all changes to databases and API for an existing data source, but does not include a change in data source vendor or access changes between database and API.

3.4 During development and configuration of access to data sources, the Customer is responsible for the availability and operation of suppliers systems, and making the Customer owned data accessible by either API, file or Database access. Customer is responsible for working with its suppliers. NICE will use reasonable endeavours to co-ordinate with such other Customer’s suppliers (as mutually agreed) and for building the mutually agreed links and integrations. NICE will make commercially reasonable endeavours to maintain compliance during the Subscription Term with future rules and regulations on data transfer within government agencies (such as Digital Evidence Transfer Service (DETS)) provided Customer provides NICE at least one (1) year prior written notice of any new or changed regulations/rules and requests NICE to comply with those regulations/rules from a future date of at least one (1) year of such written notice.

ANNEX C: High Level Description of Cloud Services

1. Solution Overview

1.1 NICE Investigate automates the digital investigation process of collecting, analysing, and sharing digital evidence content. It replaces certain manual processes with automated tools to collect and manage all digital evidence and review.   Visualizations of evidence items coupled with analytics and correlation capabilities may assist investigators uncover new insights from available data sources.  

1.2 The NICE Investigate Cloud Services is comprised of 4 main portals; the Investigate Portal, the Prosecutor Portal, The Community Portal and the Administrator Portal.

2. Investigate Portal –

2.1 The Investigate Portal is designed to automate and streamline certain manual and physical steps for authorised users as they collect, analyse, and share digital evidence. 

2.2 The NICE Investigate Cloud Services supports certain types of digital evidence: surveillance video, pictures, documents, body worn video, in-car video, crime scene photographs, audio (e.g. PSAP 999 and radio system audio), interview room recordings, images and videos from the public. Once uploaded, the digital evidence is transcoded into a common format.

2.3 Digital evidence can be automatically collected from connected data sources and placed in NICE Investigate case folder based on exact match on the crime reference (RMS ID) and/or the Command & Control Log number from CAD. Once in the case folder, gathered evidence can be visualized in from multiple angles:

a. in a list or grid format

b. in a timeline view with the ability to select media files (video and audio) within a time period and play them back synchronously

c. in a map view for digital evidence that contains geo-location

d. robust sorting, filtering, and search tools

2.4 The Investigate application will detect from the Access Control List (“ACL”) held in RMS if the User is authorised to access the Case and will not display any information about any Cases which the User is not authorised to see.

2.5 Authorised users may retrieve certain types of evidence items (video, images, and a voice recording shown above) based on common criteria such as the choice of metadata (RMS ID, C&C Log Number, timeframe, data source, evidence types, keywords and more), following a simple point-and-click search and filtering process. New fields can also be created for evidence to tag them and then be used for search and filter.

2.6 Evidence types, such as audio and video, can be played from the thumbnail, from the timeline as well as from within the evidence.

3. Data sources

3.1 The NICE Data Source Gateway (“DSG”) is installed on the Customer Network and provides the secure connection point between any local electronic data sources, (e.g. CAD, Records, 999 recordings), and the Cloud Services. The DSG uses a selection of custom integrations, called “providers”, for searching and retrieval of the Metadata and media from each individual data source.

3.2 The DSG periodically queries each data source for any new records, or changes to existing records and transfers the data up to the Cloud Services to allow the Authorised users to build a holistic view of any cases and evidence available to them. Any multi-media evidence that can be directly linked to a case (e.g. supplemental reports, Crime scene media), will also be automatically pushed securely up to the Cloud Service to remove the burden of retrieval from the Authorised users.

3.3 Where supported by the Record Management System (“RMS”), an option exists for the DSG to add a link to the Investigate digital evidence record into the RMS database, that will allow a user of RMS to view that item of data from within RMS. Additionally, the Investigate application will record which RMS case file has been linked to the data item so that a user of the Investigate application will be able to jump to the RMS Case file record.

3.4 Supported formats - Video

  1. a) .AVI
  2. b) .WMV
  3. c) .3GP/.3GPP/.3G2
  4. d) .MOV
  5. e) .ASF
  6. f) .FLV
  7. g) .MPG
  8. h) .VOB
  9. i) .MKV
  10. j) .WEBM
  11. k) .MP4

3.5 Supported formats - Audio

  1. a. .AIF
  2. b. .MP3
  3. c. .WAV
  4. d. .WMA
  5. e. .PCM
  6. f. .GSM
  7. g. .AAC
  8. h. .AC3
  9. i. .MP3
  10. j. List of supported codecs available on request

3.6 List of Supported formats - Image

  1. a. .BMP
  2. b. .GIF
  3. c. .JPG (No transcode required)
  4. d. .PNG
  5. e. .TIF
  6. f. .TIFF
  7. g. .JPEG

3.7 List of supported formats - Document

  1. a. .DOC/.DOCX
  2. b. .XLS/.XSLX
  3. c. .PPT/.PPTX/.PPTM
  4. d. .HTML
  5. e. TEXT (.TXT)
  6. f. .RTF
  7. g. .PDF

3.8 Metadata for 3rd party interfaces could include (not limited to) the following:-

3.8.1 999 – NICE Inform

  1. a. Incoming telephone number
  2. b. Operator station
  3. c. Call start time
  4. d. Call end time

3.8.2 Command & Control (CAD)

  1. a. Operator station
  2. b. Operator
  3. c. Incident number
  4. d. Caller name
  5. e. Incoming telephone number
  6. f. Caller’s contact no (telephone no)
  7. g. Caller address
  8. h. Incident type (opening code)
  9. i. Grade (response required)
  10. j. Location of incident
  11. k. Method of call (999 or non-emergency)
  12. l. Sex of caller (Male / female)
  13. m. Ethnicity of caller
  14. n. Notes

3.8.3 Body Worn Video

  1. a. Camera serial number
  2. b. Camera type
  3. c. Camera owner employee number/ / Force number
  4. d. Camera owner user name
  5. e. Camera owner full name
  6. f. Start date/time of recording
  7. g. End date/time of recording
  8. h. Date/time of upload
  9. i. Uploading camera / computer
  10. j. Uploading user
  11. k. Uploading site
  12. l. Deleted or not
  13. m. Evidential or non-evidential
  14. n. User notes
  15. o. Storage location of file

4. Prosecutor Portal

4.1 Investigating authorised users may share any digital file, collection of files or an entire case file and other trusted partners at any point. 

5. Community Portal

5.1 The Community Portal consists of two portals: The Community Business Portal and the Community Public Portal.

5.2 The Community Business Portal enables businesses and citizens to register their surveillance camera systems with the Customer. Registered camera systems are geo-located as a layer on the map view presented within a case folder along with any incident and evidence information already collected by the investigating authorised user.

5.3 If an investigator is interested in obtaining video from the community, a request can be initiated via Cloud Services.  The business owner is able to electronically fulfil the request by uploading requested footage to the Public Portal.  The video footage is then available to view by the investigating authorised user and to be added to the case folder if applicable. Upon upload to the case folder, the CCTV footage would be virus-checked and transcoded to the common format.

5.4 The Community Public Portal allows the authorised user to send a request to member of the Public to upload media files concerning an incident. The authorised user would send a ‘Request to Citizen’ with an upload link. The member of the public would receive an email with the upload link. The link would have an expiry date and time and could only be used once to submit one or multiple files.

6. Administrator Portal

6.1 The Administrator Portal is where the designated Authorized User can set-up and manage the Customer users, groups and access control, unless managed by RMS

6.2 On the system level, this is where security certificates and access control settings are managed for Investigate users, unless managed by RMS.  The administrator can also manage registered users in the Community Business Portal and access admin capabilities for the Community Public Portal.