Task: Check And Contract Rights To Use
The objective of this task is to check whether Capgemini has the right to use and/or re-use all hardware, software, tools, maintenance and support services contracts to deliver the services to the Client as intended.
Relationships
RolesPrimary: Additional: Assisting:
Outputs
Main Description
Once the inventory is available the Finance And Contracts work stream can start with checking who the owners are or will be of the hardware, software, tools or services contracts. The owners should give Capgemini the rights to use. This can be already arranged for in existing contracts or might need new contracts or contract addenda. It is also possible that the type of services Capgemini is going to deliver oblige Capgemini or the Client to buy new licenses of, or new services contracts with, the original supplier.

For example if the Client has a maintenance and support services contract with a database software supplier, Capgemini might be allowed to use that contract on the Client’s behalf. That would mean entering incidents or change requests on this services supplier’s portal and communicating directly, without involving Client personnel. Installing that database software on new or other Client hardware hosted in the Client data center might also be allowed. This could however depend on the type and characteristics of that hardware in relation to the licensing set-up (think about licenses for a max. amount of processors or cores, users or data). Installing the same database software on Capgemini hardware or in a Capgemini data center might be illegal, even if it is temporary or for educational or testing use only.

Once it is clear what assets like hardware, software and tools are to be (re-)used, either temporarily or permanently, the Finance And Contracts work stream needs to determine the rights to use these for the purpose and at the location planned and conclude the necessary contracts with the respective owners. Please be aware that for instance international export rights might block re-using existing assets in or from other countries and that moving assets, old or new, from one country into another might result in unexpected taxation.

The Right To Use Documentation artifact contains all contracts and other proof of the ‘right to use’. These are stored in the appropriate document repository accessible for all resources involved in service delivery or management at any time in the future. These could be both formal contracts like proof of licenses granted, contracts for maintenance and support, but also documents and emails confirming the right to use that were especially created and signed for this transition and/or service delivery. In order to inform the resources and management easily about what is allowed and what not, an artifact Right To Use Overview will be created with links to the relevant proof.

The Asset Overview artifact is initiated by creating the baseline overview of all assets, including software licenses in use, with their contractual characteristics, limits and obligations. This baseline for license management should be in place and up-to-date on Service Commencement date. The link(s) to this baseline is entered in the artifact Service Engagement Team Member On-Boarding Kit, which is used for any resource that needs to be on-boarded either during the transition program or during continuous service delivery.

Maintenance and support contracts
If there are maintenance and support services related to the assets to (re-)use, not only the rights to use but also the scope and the duration of these services are checked against what Capgemini needs. Preferably the contract matches ‘back-to-back’ with the service contract obligations Capgemini will have to the Client. Think about different service hours (7x24 hours versus office hours) or different obligations to react or solve issues (within several hours or within days). If the contract does not match, additional contracts or upgrades of standard contracts might need to be purchased by either Capgemini or the Client. Depending on the related costs and impact the Client and/or Capgemini can of course also decide to leave it as it is and accept the risk. Agreements about what was decided must be logged by the Finance And Contracts work stream, either in contractual documents or in the Risk Log as a risk for Service Run.

Intellectual Property Rights (IPR)
Please be aware that the Incumbent(s) might claim Intellectual Property Rights (IPR) on software they developed for the Client. In that case the Client should conclude a contract with the incumbent in which the Client receives the right to use, maintain and change the software for their own use. In that contact also the right for outsourcing the maintenance and change of that software on the Client’s behalf should be covered. Otherwise Capgemini, while executing the services for the Client, might violate the IPR of the incumbent.

Combined responsibilities
Special attention should be given to what hardware, software and tools are part of the services Capgemini or third party services suppliers deliver. If Capgemini executes Infrastructure Services on the infrastructure hosted at the Client’s data center or in a third party services supplier’s data center, we need to look into the details to find out who owns what and who can use what for what purpose. In case there is also a party executing the role of service integrator between all services parties involved, it can become very complex to ensure Capgemini’s right to use.

A type of services were all kind of parties and all type of contracts for licenses and support come together is for instance in workplace services for the Client’s end-users. Different parties might be responsible for different layers. Determining who owns what, who has the right to see or do what, and who should coordinate the work of which parties in case of issues, can be challenging contractual puzzle to solve.

The result of this puzzle is logged in the Operational Level Agreements (OLAs) so that our resources do not have to re-invent the wheel with each incident they have to solve, or each service request they have to execute during continuous service delivery.

Building new IT environments
If Capgemini sets up a new IT environment in her own data center, using new hardware and new licenses for all software layers involved, and migrates the Client’s IT environment to that, the Finance And Contracts work stream should investigate the rights to use in all stages of this migration separately. The costs related to the rights to use might strongly influence the actual migration strategy. It might be worthwhile to build up and test the new environment in the old data center first and then move to the new data center, for instance during the weekend before the planned Service Commencement.

Rights to see
Local country regulations for privacy-related and/or security-related data can lead to a special type of contract to be concluded and signed with all parties involved. These parties can be the Client and the companies the Client processes data for, local governments in all countries of which data of their citizens is processed in those Client systems and all Capgemini country responsible managers of all Capgemini entities involved.

These types of contracts are especially needed for European Clients in the case Capgemini rightshores the execution of the work outside the local country or outside Europe. These contracts, in Europe often referred to as ‘EU Model clauses’, need to be signed even before our, for instance Indian, resources can even join knowledge exchange. We have to arrange up-front that our resources are allowed to see whatever they can see during demonstrations, knowledge exchange or during the execution of their work, using their authorizations. It does not matter whether they see things on purpose or by accident, whether they do something with that data or not. From a data privacy perspective being able to see data is considered to be a ‘data leak’.

For example: Being able to see the name and address of a person, for instance an employee or customer of the Client, may not be allowed without having the proper privacy-related contracts signed and the contractual agreed measures to avoid or block this information implemented. If ‘screen shots’ of issues with applications are exchanged between the Client and Capgemini it is possible that our Indian or Morocco resources can see things they are not allowed to. European governments have set very high penalties on violation of these privacy laws which can in the near future even be as large as a % of Capgemini’s Global revenue. It is therefore mandatory for Capgemini to protect itself against data leaks like these and, if a data leak happens to report this within 24 hours to the appropriate government institution.

Please check with the Capgemini Privacy Compliance Officers in all countries involved to know what type of privacy-related contracts are needed to conclude and sign with which parties.

Copyright © 2017 Capgemini. All Rights Reserved.