Procurement FAQ

Common enterprise purchasing questions, answered clearly.
Last updated: 5 April 2026

What You're Buying

What exactly are we buying?

A dedicated, single-tenant instance of RIVER's managed AI platform, operated by RIVER. You receive:

  • A dedicated version of the RIVER platform for your organisation
  • The agreed implementation services described in the Proposal/SOW
  • Ongoing platform operations, support, and governance

This isn't a shared SaaS product. Your instance is yours alone, built around your data, your workflows, and your team. See Terms - Clause 1, Clause 3.

What does the licence fee cover?

The licence fee covers access to RIVER's platform IP and ensures the platform remains accessible for its intended purpose, as approved during UAT. RIVER will remediate Material Defects (reproducible failures preventing core functions) in RIVER-delivered components as part of the licence fee.

The licence fee does not cover:

  • New features or scope changes
  • AI output refinement (prompt tuning, model selection)
  • Issues caused by Client Systems or data
  • Platform Maintenance (dependency updates, security patches, framework upgrades)

These are addressed via change request or a separate maintenance/retainer agreement. See Terms - Clause 5.

What's included in the ongoing monthly cost?

Defined in the Proposal/SOW. Typically includes:

  • Platform operations (monitoring, backups, updates)
  • Security and access control management
  • Support and refinement cycles for the agreed scope
  • Governance and adoption support
  • Regular value check-ins and roadmap guidance

Pricing uses value-based bands (not per-seat pricing). The model supports broad adoption without individual subscriptions. More people using it is a good thing. See Terms - Clause 11.

What is Platform Maintenance, and is it included?

Platform Maintenance is the ongoing technical upkeep required to keep the platform and its dependencies current: software dependency updates, package and framework upgrades, API compatibility changes, security patches, and environment configuration updates.

Platform Maintenance is not included in the licence fee unless explicitly stated in the Proposal/SOW. It's typically delivered as part of a retainer or managed services engagement.

Why this matters: Software platforms depend on third-party packages, APIs, and frameworks that evolve over time. Without ongoing maintenance, dependencies can become outdated or incompatible. This isn't a defect in RIVER's code - it's the natural consequence of software ageing without active upkeep.

If maintenance is required and the Client hasn't engaged RIVER for ongoing Platform Maintenance, RIVER will notify the Client, provide a scope and estimate, and agree to the work in writing before proceeding. We recommend all Production Engagements include a Platform Maintenance component. See Terms - Clause 5, Clause 20.

Data & Privacy

Who owns data, code, and IP?

You own:

  • All client-provided data and content (documents, policies, SOPs)
  • Customer Data, embeddings, logs, and AI outputs generated from your inputs
  • Your business logic and operational workflows

RIVER owns:

  • The RIVER platform IP and core delivery framework (Catalyst)
  • Delivery methods and reusable components
  • Generic improvements to the platform

You receive usage rights to all agreed deliverables for internal business use, as described in the Proposal/SOW. See Terms - Clause 10.1, Clause 10.2.

Where is data hosted and processed?

Four deployment options, selected in the Proposal/SOW:

  1. RIVER Cloud (Managed): Hosted and operated by RIVER in New Zealand or Australia (as agreed). Standard security controls, monitoring, backups, and upgrades. Default option, included in licence fee.
  2. RIVER Sovereign: NZ data residency hosting via SiteHost (ISO 27001, SOC 2 certified). User data stays in New Zealand. Application infrastructure on AWS. RIVER manages everything.
  3. Customer Cloud (Private Deployment, RIVER Managed): Deployed into your cloud environment (e.g., Azure/AWS) with private networking controls (private endpoints, Key Vault, IAM/SSO). Operated by RIVER within your security boundary.
  4. Customer-Managed (Licence + Support): Hosted and operated by your team. RIVER provides licensing, implementation guidance, and agreed support. Used where full operational control is mandatory.

For private deployments, infrastructure consumption is billed through your cloud subscription. RIVER's platform fee remains separate. See Terms - Clause 7.

Does RIVER use our data to train AI?

No. Customer Data is not used to train public AI models.

Where third-party AI services are used (e.g., LLM providers), we use configurations designed to prevent provider training on Customer Data. If you require additional restrictions (client-held keys, private model routing, or provider limitations), these are handled as part of the agreed deployment approach. See Terms - Clause 8.3.

Privacy Act responsibilities (NZ/AU)

RIVER designs deployments to align with the New Zealand Privacy Act 2020 and, where relevant, the Australian Privacy Principles (APPs).

  • You remain the data owner and are responsible for decisions about collection, retention, and lawful use of personal information
  • RIVER acts as a service provider, handling data only to deliver the agreed services
  • You confirm you've obtained all necessary consents and have lawful basis for any personal data processed through the platform
  • Access is controlled, logged, and restricted to authorised personnel and agreed purposes

For sensitive or health-related data, additional controls are commonly applied: encryption in transit and at rest, strict access logging, retention controls, and secure deletion/export processes. See Terms - Clause 8.1, Clause 8.2.

Security

What security certifications does RIVER hold?

Our security and AI governance controls are aligned to three frameworks, with independent certification in progress:

  • ISO 27001 (Information Security) - aligned, certification in progress. Our information security management system follows ISO 27001:2022 controls: risk-based security, access management, encryption, incident response, and continuous improvement.
  • ISO 42001 (AI Governance) - aligned, certification in progress. Our AI management system follows ISO 42001:2023: AI risk assessment, data quality governance, human oversight, model lifecycle management, and responsible AI principles.
  • SOC 2 Type II (Trust Services) - aligned, audit in progress. Our controls align to SOC 2 trust service criteria: security, availability, confidentiality, and privacy.

We also hold Technology Liability insurance underwritten by Lloyd's of London ($1M limits) covering Professional Indemnity, Cyber, Public Liability, and Statutory Liability. See Terms - Clause 19.

How do we ensure security and permission control?

Security controls depend on the deployment model, but commonly include:

  • Role-based access control (RBAC)
  • SSO/2FA via your identity provider where available
  • Audit logging of access and key actions (exportable where required)
  • Least-privilege access and separation of environments (e.g., UAT/PROD)
  • No access expansion without explicit approval

For Customer Cloud deployments, private networking and client security services (Key Vault, private endpoints, policy controls) can be utilised as part of the agreed architecture. See Terms - Clause 8.4.

How are security incidents handled?

If RIVER becomes aware of a confirmed Security Incident affecting Customer Data within RIVER's control, we will:

  • Notify you without undue delay (and in any event within 24 hours of confirmation)
  • Provide updates and reasonable remediation steps
  • Document the incident and response

Specific audit log retention and reporting requirements are agreed in the Proposal/SOW where needed. See Terms - Clause 8.4.

How is audit logging handled?

The audit logging specification is co-designed during the engagement kickoff and documented as a governance schedule. The platform can log data that passes through the platform or the LLM, at the parties' collective discretion and within the scope and budget of the engagement.

Typical audit trail includes:

  • User/role and timestamp
  • Case reference and knowledge sources used
  • Model deployment identifier
  • Output reference
  • User action (accepted/edited/rejected where implemented)

The specification captures key operational data while excluding sensitive data from logs, as agreed during co-design. See Terms - Clause 9.

Commercial

How is pricing structured?

RIVER's pricing has four independent components:

  1. Setup: One-off implementation fee ($20K-$300K+ depending on scope, or $15-30K for AI Discovery)
  2. Licence: Monthly platform fee based on capability bands, not headcount ($3K-$20K+/mo)
  3. Build Lane: Optional ongoing development capacity. Cruise (included), Accelerate ($5-10K/mo), or Transform ($20-40K/mo)
  4. Commitment: Partnership length (12/24/36 months). Longer commitments receive 5-10% discount on all fees

Transparent pricing on every service. Ranges are published on our website.

Price ranges reflect the diversity of engagements we deliver, from focused AI pilots to organisation-wide platforms. Your Proposal/SOW will specify exact pricing based on your scope, modules, and deployment model. See Terms - Clause 11.

Pilot vs Production contracting

Two standard modes, confirmed in the Proposal/SOW:

  • Pilot: Fixed setup + minimum one (1) month. Designed for proof of value with a clean exit option. No early termination fees. Maximum duration: 6 months.
  • Production: Minimum term typically twelve (12) months. Supports stable operations, governance, and ongoing optimisation. Continues month-to-month after the minimum term.

This keeps pilots lightweight while ensuring production deployments remain reliable and supportable. See Terms - Clause 3.

What are the payment terms?

  • Invoices are payable within 14 days of invoice date
  • Late payment attracts interest at 1.5% per month on overdue amounts
  • The Client is liable for reasonable collection costs on overdue amounts
  • If any invoice remains unpaid 30+ days past due, RIVER may suspend platform access on 5 business days' written notice

See Terms - Clause 11, Clause 11A, Clause 11C.

What are RIVER's liability limits?

RIVER's liability is structured in three tiers:

  1. General liability (negligence, service failure): the lesser of fees paid in the 12 months preceding the event, or NZD $500,000
  2. IP and confidentiality breach: NZD $1,000,000
  3. Fraud, wilful misconduct, death or personal injury: unlimited

Indirect, consequential, special, and incidental losses (including loss of profits, revenue, or goodwill) are excluded by both parties. See Terms - Clause 16.

Do you hold insurance?

Yes. RIVER holds Technology Liability insurance covering:

  • Professional Indemnity / Errors & Omissions
  • Public Liability
  • Cyber Liability
  • Statutory Liability

Limits of liability: $1,000,000 per the policy schedule. Cover extends to work performed by contractors and subcontractors engaged by RIVER Group. RIVER will notify you if coverage materially changes during an active engagement. Increased limits and certificates of currency available on request. See Terms - Clause 19.

Delivery & Operations

What does working with RIVER look like?

We use an iterative delivery approach: brief, build, review. A member of our senior team champions every project. No juniors, no layers.

  • Align: We work with your leadership team to identify the highest-value opportunities and agree on the best path forward
  • Ship: Working software delivered in regular milestones. Real users, real data, real feedback from the start
  • Scale: Expand what works across the organisation. Ongoing quarterly milestones

Your team is embedded in the process from day one. We deliver working software, not status reports. See Terms - Clause 4.

What are our client responsibilities?

Client responsibilities are kept simple so delivery stays fast:

  • Nominate a pilot cohort and decision-makers
  • Provide access to relevant knowledge sources and approved materials
  • Support SSO/access setup (where required)
  • Provide timely feedback and approvals on a regular cadence
  • Confirm operational boundaries (what the AI can and cannot do)

We recommend a regular decision cadence to maintain momentum. Where client delays exceed 20 business days, re-mobilisation costs may apply. See Terms - Clause 6, Clause 11B.

How do we measure value?

Value tracking is built into delivery:

  • Success metrics agreed during scoping (e.g., cycle time, consistency, reduction in rework)
  • Baseline captured early
  • Usage and workflow outcomes monitored
  • Measurable improvements targeted within the initial deployment/pilot period

We measure what matters to your domain, not generic “hours saved.” See Terms - Clause 4.

What about adoption risk?

AI only delivers value if people actually use it. We reduce adoption risk through:

  • Clear use-case boundaries and “what good looks like”
  • Guided onboarding and training for the pilot cohort
  • Practical templates and workflow design aligned to your operating model
  • Iterative refinement cycles (the solution improves with real usage)
  • Champion networks and feedback loops built into delivery

Change management isn't an add-on. It's built into how we deliver. See Terms - Clause 6.

What SLA and support levels apply?

We typically target 99.5% availability for the managed environment, excluding outages of third-party providers, client-driven impacts, and scheduled maintenance windows.

Support levels and response targets are defined in the Proposal/SOW:

  • Pilots: Business-hours support with reasonable response targets
  • Production: Can include defined uptime targets, on-call escalation, and (where agreed) service credits

Planned maintenance is notified a minimum of 3 business days in advance, scheduled outside business hours where practical. Emergency or security-related maintenance may use shorter notice.

AI services are probabilistic. We design AI systems for optimal results, but AI output varies by nature and we can't guarantee 100% accuracy; human-in-the-loop oversight is the safeguard. See Terms - Clause 5, Clause 13.

Code, IP & Exit

How can we access our code?

Your instance code (the modules, configurations, and UI built for you) is available through a tiered access model:

  • Code Visibility (read-only): Inspect your codebase, run audits, show investors. Available at Partnership 24+.
  • Code Access (read-write): Your in-house team can extend and modify instance code. Available at Partnership 24+.
  • Enablement: Training for your developers on the framework, safe extension patterns, and deployment pipeline. Available with Code Access.

Code access is for your in-house team only during the engagement. Third-party development firms are not permitted during the active engagement. Post-exit, this restriction is lifted.

RIVER's core delivery framework (Catalyst) is always separated from your instance code. You get full access to what we built for you. We retain the framework that powers it.

Fees for code access are specified in the Proposal/SOW as a percentage of the core licence fee. See Terms - Clause 10.4.

What if we want to part ways?

Your data and IP are always yours. That doesn't change on exit.

Notice periods:

  • Pilot: one (1) month written notice after the minimum term
  • Production: three (3) months written notice after the minimum term

After the minimum term, engagements continue month-to-month.

Early termination fees (Production only):

  • Year 1 of committed term: 50% of remaining licence and build lane fees
  • Year 2: 30%
  • Year 3: 15%
  • No early termination fees apply during Pilot engagements

Post-termination:

  • Production: platform remains accessible in read-only mode for 90 days
  • RIVER exports Customer Data in standard formats within 20 business days
  • Customer Data deleted within 30 business days of export confirmation

Independence pathway (optional):

For clients who want to fork and run their instance independently:

  1. Separation Engineering ($20-100K depending on platform complexity): we package your instance code, strip our core framework, document dependencies, and provide technical handover including one month post-separation support. The range reflects the diversity of platform sizes. Your separation scope and fee are confirmed in writing before work begins. Partnership 24 receives 15% off, Partnership 36 receives 25% off.
  2. Perpetual Instance Licence (one-time fee): multiplier improves with partnership length. P12 = 18 months of base licence, P24 = 15 months, P36 = 12 months. Can be paid as lump sum or 12 monthly instalments.

Independence is available as a standard right where you've completed 50% or more of your committed term. Under 50% is negotiated case-by-case. Not available for Pilots. See Terms - Clause 14, Clause 15.

Source-code escrow?

  • Partnership 36: Standard (RIVER absorbs the cost)
  • Partnership 24: Available on request (client pays escrow costs, typically $5-10K/year)

Escrow deposits include: instance source code, deployment configuration, infrastructure documentation, and dependency manifests. Updated quarterly.

Release conditions: RIVER insolvency, material breach unremedied within 20 business days, or cessation of RIVER platform operations. On release, the perpetual licence activates automatically. Separation Engineering remains available if you need active handover support. See Terms - Clause 15.5.

Scaling

Can we extend or scale later?

Yes. Scaling follows proven success, not sunk cost. Expansion options typically include:

  • Additional workflows and operational agents
  • Broader knowledge domains
  • Rollout to additional teams or business units
  • Optional automation enablement where needed and governed
  • Additional environments (DEV/UAT/PROD) depending on operational needs
  • Migration between deployment models (e.g., from RIVER Cloud to Customer Cloud)

Each new module builds on the existing platform. Expansion gets faster, not harder. See Terms - Clause 12.

How are disputes resolved?

Disputes are governed by New Zealand law. The process follows:

  1. Executive escalation: 10 business days
  2. Mediation: Via Resolution Institute Standard Mediation Agreement, within 20 business days of failed escalation
  3. Court proceedings: Neither party may begin until mediation has been attempted. Nothing prevents either party from seeking urgent interlocutory relief where necessary

See Terms - Clause 24.