Version: 1.0, April 6th, 2020
SUBSCRIPTION TERMS AND CONDITIONS
1. Definitions
1.1 In these Terms and Conditions the following words and expressions shall have the following meanings:
“Agreement” shall mean these Terms and Conditions alongside the Order Document and any Service Level Agreements appended thereto, which once executed, shall form a binding contract for the provision of the Product and/or Service(s).
"Agreement Date" means the date on which the Order Document is countersigned by the Company.
“Agreement Year” means a period of twelve months commencing on the Agreement Date or on any anniversary of the Agreement Date and included any shorter period ending on the date of termination of the Agreement.
“Charges” means charges payable by the Customer on a PEPM basis as indicated in the Order Document .
“Cloud Services” means the provision of on-demand online access to the Product in accordance with the terms of service referenced herein.
"Company" shall mean MHR International UK Ltd (MHR).
"Customer" shall mean the customer as defined on the Order Document.
“Confidential Information” shall mean any information provided by one party to the other, including but not limited to trade secrets, operations, processes, plans, intentions, prices, know-how, transactions, affairs and/or business.
“Data Subject” shall mean an individual who is the subject of the Personal Data.
“Data Controller” and “Data Processor” shall have the meanings set out in S.1 (1) Data Protection Act 2018 and GDPR 2016.
"controller", "processor", “data subject”, "personal data", and "processing" in clauses 15.11 through to 15.22 shall have the meanings given by the Data Protection Legislation in the context of which the term is being applied;
“Data Protection Legislation” shall mean, (i) unless and until it is no longer directly applicable in the UK, the General Data Protection Regulation ((EU) 2016/679) and any national implementing laws, regulations and secondary legislation, as amended or updated from time to time, in the UK and then (ii) any successor legislation to the General Data Protection Regulation or the Data Protection Act2018.
“Employee” means any individual for whom records are stored in the Product, including, but not limited to and all employees, consultants, independent contractors, volunteers, seasonal workers, pensioners, leavers or other personnel or invitees of the Customer.
“GDPR” means the General Data Protection Regulation ((EU) 2016/679).
“Good Industry Practice” means the exercise of the degree of skill and care, diligence, prudence and foresight which would reasonably and ordinarily be expected from a skilled and experienced contractor engaged (in the United Kingdom) in activities of a similar scope and complexity to those that are subject to the relevant Agreement and under the same or similar circumstances, where such contractor is seeking to comply with its contractual obligations and all applicable law and regulatory requirements;
“Initial Period” shall mean the minimum period of the Agreement, as stated on the Order Document.
“Intellectual Property Rights” means copyrights, rights in databases, patents, trademarks, business or trade names, domain names, registered designs, utility models, design rights, inventions, trade secrets, confidential information, know-how, get-up, and all other intellectual property and neighbouring rights and rights of a similar or corresponding character anywhere in the world (whether or not the same are registered or capable of registration) and all applications and rights to apply for or for the protection of any of the foregoing.
“iTrent” means the proprietary software of the Company, that (when indicated on the Order Document) the Company shall use for processing the Customer’s payroll.
“Malfunction” means when the Product does not operate as designed (in the reasonable opinion of the Company)
“Normal Working Hours” means between the hours of 9.00 am and 5.30 p.m. (Greenwich Mean Time or British Summer Time whichever applies in England for the time being) Monday to Friday inclusive but excluding English Bank Holidays and Statutory Holidays.
“PEPM” means Per Employee Per Month
“Product” means the PEOPLE FIRST software product which is proprietary to MHR International UK Limited.
“Representative” means an officer, employee, sub-contractor or agent of the Company or the Customer, and in the case of the Company, any other person wording under the direction of the Company.
“Services” means any services provided by the Company to the Customer under the Agreement.
“Service Desk" means the facility made available by the Company for the submission to it of Service Requests;
“Service Request" means any request by a Customer for assistance in operating the Product, including the notification of a Malfunction;
“Order Document” the document provided to the Customer for signature outlining, inter alia, the Service(s) to be provided, Agreement Date and Initial Period.
“Support Hours" means the hours between 09.00 and 17.00 (GMT) hours on a Working Day;
“Working Day” means any day other than Saturdays, Sundays and English bank and other public holidays.
“Term” shall be as defined in clause 7.1.
1.2 A reference to a statutory provision shall be construed as including a reference to that provision as amended, consolidated or re-enacted (whether before or after the date of the Agreement).
1.3 Any headings are used for ease of reference only and shall not affect the construction of any provisions of the Agreement.
1.4 These Terms and Conditions shall override all other terms and conditions inconsistent with it whether express, implied or otherwise, including but not limited to terms, conditions or stipulations contained in any order of the Customer or otherwise stipulated by the Customer and which are at variance with or additional to these Terms and Conditions.
2. Company Obligations
2.1 In consideration of the payment of the Charges, and provided that the Customer complies with the Customer’s obligations, the Company grants to the Customer a non-exclusive, non-transferable licence to use the Product in accordance with Section 10 of this Agreement;
2.2 The Company will not be liable for any failure in the performance of the Product or Services in whole or in part which is as a result of the Customer’s failure to comply with the Customer’s Obligations, and in particular the obligations set out in Clause 3.3 of this agreement.
2.3 The Company shall use commercially reasonable endeavours to keep the product available not less than 99.8% excluding scheduled maintenance time.
2.4 The Company will provide the number of environments as detailed on the Order Document.
2.5 The Company will provide the Services as described in any attached Statement of Work or Service Level Agreement.
3. Customer Obligations
3.1 In consideration of the Company providing the Customer access to the Product, the Customer will pay the Charges.
3.2 As a condition of this Agreement the Customer will also fulfil the Customer’s obligations as found throughout the Agreement.
3.3 The Customer shall be solely responsible for, and shall pay all costs and expenses for: (a) all communications, hardware and software needed to use the Product; (b) appropriate internet connections to ensure effective access to and use of the Product; (c) ensuring the compatibility of the Customer’s network, systems, products and applications for use in connection with the Product; and (d) determining the suitability of those items for that purpose. The Customer shall be responsible for ensuring the security and confidentiality of all passwords. The Customer acknowledges it shall be solely responsible for all liabilities incurred through use (permitted or unpermitted) of any passwords.
3.4 The Customer agrees to indemnify and hold harmless the Company against any and all claims, losses, damages, costs, expenses and other liabilities of any kind that the Company incurs or suffers to the extent arising from the acts and/or omissions of the Customer or the Customer’s personnel in respect of the Product or Cloud Services, including the use thereof, and/or breach of any of the Customer obligations under this Agreement by the Customer or the Customer’s personnel.
3.5 Acceptable Use Policy.
Customer shall not (a) use the Product to store or transmit infringing, libellous, or otherwise unlawful or tortious material or to store or transmit material in violation of third party privacy or Intellectual Property rights; (b) use the Product to execute, store or transmit malicious code; (c) interfere with or disrupt the integrity or performance of the Product; (d) attempt to gain unauthorised access to the Product; (e) reverse engineer, decompile, disassemble, or otherwise attempt to learn any source material; (f) modify, translate, or create derivative works of the Product; (g) remove any copyright, trademark, patent, or other proprietary notice that appears on the Product or any documentation; and/or (h) distribute or otherwise make available any documentation to any third parties other than Employees.
3.6 The Customer agrees to promptly furnish the Company with such information and documents as may reasonably be requested subject to such confidentiality obligations as the Customer may reasonably impose.
4. Warranties and General Obligations
4,1 Both parties shall comply with all applicable law, including but not limited to the Data Protection Legislation.
4.2 The Company warrants that:
(a) its title to and property in the Product is free and unencumbered and that it has the right, power and authority to license the same on the terms outlined in the Agreement; and
(b) when properly used (as indicated in the Product Documentation or other Contract Document), the Product will operate in accordance with the Product Documentation.
(c) The Company warrants that all Services will be provided in accordance with Good Industry Practice and any Applicable Law.
4.3 If the Company breaches the warranties given in clause 4.2, it shall at its option, and as applicable:
(a) repeat performance of the part of the relevant Services, as appropriate, which are found not to conform to the warranty;
(b) refund an appropriate proportion of those Charges paid by the Customer which are attributable to the part of the Product and/or Services found not to conform to the warranty;
(c) provide Product Support to remedy the breach; or
(d) replace the Product or any part thereof found not to conform to the warranty.
4.4 Other than any express warranties set out in the Agreement, and save to the extent prohibited by law, any representation, statement, condition, term or warranty, express or implied, statutory or otherwise, as to any Software, Services or Documentation is hereby excluded.
5. Confidentiality
5.1 The documentation and all other information, ideas, concepts, methods and processes, data, drawings, specifications, software listings, source or object codes and any associated computer produced output which the Company may supply to the Customer relating to or in connection with the Product and/or Services are proprietary and confidential to the Company. The Customer hereby agrees that it shall use the same solely in accordance with the purposes of the Agreement and the provisions of these Terms and Conditions and that it shall not at any time during or after completion or expiry of the Agreement disclose them, whether directly or indirectly, to any third party.
5.2 Each party shall, in respect of Confidential Information it has received from the other:
5.2.1 Keep the Confidential Information strictly confidential and not disclose any part of it to any person except as permitted by or as required for the performance of the recipient’s obligations under this Agreement;
5.2.2 Take all reasonable steps to prevent unauthorised access to the Confidential Information;
5.2.3 Not use the Confidential Information other than for the purposes set out in this Agreement.
5.3 Each party may disclose the Confidential Information to, and allow its use in accordance with this Agreement by the following (as long as the conditions in clause 5.4 are met):
5.3.1 Employees and officers of the recipient who require it for the recipient to perform its obligations under this Agreement.
5.3.2 The recipient’s auditors and professional advisors solely for the purposes of providing professional advice.
5.4 As a condition of the rights set out in clause 5.3 the party wishing to exercise the rights must:
5.4.1 Ensure that any party to whom it discloses Confidential Information is under an obligation of confidentiality about such Confidential Information; and
5.4.2 Procure that such persons observe the restrictions in this clause 5.
5.5 The restrictions in clause 5.2 do not apply to any information to the extent that it:
5.5.1 Is or comes within the public domain other than through a breach of clause 5.1; or
5.5.2 Is in the recipient’s possession (with full right to disclose) before receiving it from the other party; or
5.5.3 Is lawfully received from a third party (with full right to disclose).
6. Charges
6.1 The Company shall invoice the Customer for the Charges at the frequency stated in the Order Document, or if no frequency is stated, annually. The Customer shall pay the Charges in advance and without deduction or set-off.
6.2 The Charges are exclusive of VAT and shall be paid by the Customer in full within thirty (30) days from the date of receipt of the Company’s invoice.
6.3 After the Initial Period and at the end of each subsequent twelve (12) month period, the Company may, at its option make an increase to the charges relating to the Product. Any such charges shall not be at a rate greater than ten per cent of the prevailing rate of the Product at the time.
6.4 If Customer payments are not made on its due date the Company reserves the right to charge interest on the balance outstanding at the set out in the Late Payment of Commercial Debts (Interest) Act 1998, in which case the Customer shall pay such interest on demand.
6.5 The Company reserves the right to suspend access to the Product with seven days’ notice in the event that any payment is not made on its due date or the Customer fails to pay any Charges by their due date.
7. Duration, Suspension & Termination
7.1 This Agreement shall take effect on the Agreement Date and, subject to the provisions relating to early termination, will continue for the Initial Period at which point it shall terminate without the requirement of notice from either party.
7.2 The Agreement may be terminated:
7.2.1 by either party if the other party going into liquidation, being dissolved or declared bankrupt or having a receiver, administrator or administrative receiver appointed over all or part of its assets, or entering into an arrangement with its creditors, or any similar situation;
7.2.2 by either party in the event of a material breach of this Agreement by the other party (which, if it is capable of being remedied, remains un-remedied thirty (30) clear days after the day on which a written notice specifying the nature of the breach has been served on that other party). For the avoidance of doubt, non-payment of any undisputed Charges payable by the Customer shall be deemed a material breach for the purposes of this Agreement.
7.2.3 forthwith by the Company if any charge is not paid by the Customer by the due date;
7.2.4 forthwith by the Company if the Customer being a body corporate shall present a petition or have a petition presented by a creditor for its winding up or shall convene a meeting to pass a Resolution for the voluntary winding up or shall enter into any liquidation (other than for the purposes of a bona fide reconstruction or amalgamation) shall call a meeting of its creditors or shall have a Receiver of all or any of its undertakings or assets appointed or shall be deemed by virtue of Section 123 of the Insolvency Act 1986 to be unable to pay its debts.
7.3 On termination of this Agreement the Company will, at the expense of the Customer and provided that the Customer has paid all due Charges, return to the Customer all information sent to the Company by the Customer which is still in the Company’s possession.
7.4 The completion, expiry or termination of the Agreement shall be without prejudice to the rights of the parties accrued up to the date of such completion, expiry or termination.
8. Liability
8.1 Nothing in this Agreement excludes or limits the liability of either party for death or personal injury caused by that party’s negligence or for fraudulent misrepresentation.
8.2 Subject to clause 8.1 the Company shall have no liability for any loss or damage which may be suffered by the Customer (or any other person having the benefit of this Agreement) whether arising in respect of any breach of this Agreement or any representation or tortious act or omission (including negligence and breach of statutory duty) or otherwise howsoever arising under or in connection with this Agreement, and which falls within any of the following categories.
8.2.1 indirect or consequential loss or damage (even if the Company was aware of the circumstances in which such special damage could arise);
8.2.2 loss of profits;
8.2.3 loss of revenue;
8.2.4 loss of anticipated savings;
8.2.5 loss of business opportunity;
8.2.6 loss of goodwill; or
8.2.7 loss or corruption of data;
8.3 But that clause 8.2 shall not operate to prevent claims for direct financial loss arising out of a breach of the Data Protection Legislation or any other claims for direct financial loss that is not excluded by clauses
8.2.1 to 8.2.7.
8.4 The aggregate liability of the Company in respect of any losses, damages, costs or claims which may be suffered by the Customer and which arise out of or in connection with;
8.4.1 any and all breaches of the Agreement during any Agreement Year; and
8.4.2 any other act or omission of the Company (or its officers or employees) in connection with the Agreement during any Agreement Year;
Shall not exceed the total amount payable by the Customer by way of Charges during the Agreement Year in which the breach, act or omission in question occurred; but this clause shall not exclude or limit the liability of the Company for breach of Data Protection Legislation.
8.5 The aggregate liability of the Company in relation to the Data Protection Legislation in respect of all losses suffered or claimed by the Customer (or any person having benefit of an Agreement) during the Term or thereafter shall not exceed £1million GBP.
8.6 Each party shall insure with a reputable insurance company against its liabilities under this clause.
8.7 Subject always to clause 8.2, the total liability of the Company in connection with any Agreement in relation to any Cloud Services provided or made available under such Agreement (whether arising in contract, tort including negligence or breaches of statutory duty by the Company or its Representatives, under any indemnity or otherwise) shall not exceed a sum equal to:
(a) the total amount (if any) actually recovered by the Company from the relevant Cloud Services provider in respect of the matters giving rise to such liability;
divided by:
(b) the total number of customers of the Company affected who use the relevant Cloud Services.
9. Intellectual Property and Use of Data
9.1 The Customer acknowledges that the Product and Services along with all related intellectual property rights (“IPRs”) are, and shall remain, the sole property of the Company or its respective licensors. Nothing contained in this Agreement will be construed to assign or grant to the Customer any right, title or interest in or to the Product or any IPRs relating thereto.
9.2 The Customer understands and agrees that:
(a) the Company will have access to the Customer’s account;
(b) the Company may access your account to confirm that your use of the Product is in accordance with the terms of this Agreement;
(c) the Company and Cloud Provider reserve the right to remove or demand removal of any and all Data that is provided, transmitted, maintained or stored through the Product and/or Cloud Services as to ensure on-going compliance with any applicable Acceptable Use Policies, to confirm access rights to and/or address inappropriate, unlawful, offensive or obscene material;
(d) the Company and Cloud Provider can use all Data, in whole or in part, on a de-identified basis, to further develop, modify, enhance and improve on the Product, to provide aggregate level statistic information and analytics to Customer and the marketplace (such as average time to hire, average salary costs, diversity statics and compensation statistics), and the like; and
(e) the Company and Cloud Provider have the right to disclose Data as may be required by law, court order or similar process.
9.3 The Customer acknowledges and understands that where the Company suspends the access to the Product in accordance with clause
6.5 and where the Customer does not fully address the reasons for the suspension within sixty (30) days after suspension, the Company may terminate this Agreement and delete the Customer Data without any retention period.
9.4 The Company will indemnify the Customer against all losses sustained or incurred by the Customer in connection with any infringement or alleged infringement of the rights of third parties arising from the provision of the Services provided that:
9.4.1 the Customer shall not have done permitted or suffered to be done anything which may have been or become an infringement of the rights of any third party;
9.4.2 the Customer is not in material breach of this Agreement;
9.4.3 the Customer has notified the Company of any alleged infringement within 3 Working Days of first knowing or being aware of such allegation;
9.4.4 the Customer has made no admission of liability without the prior written consent of the Company; and
9.4.5 the Customer has permitted the Company (at the Company’s expense) to conduct any litigation and negotiations for settlement of the claim.
9.5 If the Customer fails to comply with the conditions in clause 9.4 the Customer shall indemnify the Company from and against all losses sustained or incurred by the Company which might have been avoided but for such failure.
9.6 The Company may defend or make settlement of any claims as referred to in clause 9.4 at its own discretion and the Customer shall give such assistance as the Company may reasonably require to defend or settle any such claims.
9.7 In the event that any such infringement occurs or may occur the Company may at its sole option and expense take such steps as it sees fit to prevent or bring to an end such infringement.
10. Software License Terms
10.1 The use of the Product by the Customer shall be subject to the conditions of this clause 10.
10.2 The licence to use the Product commences on the Agreement Date and shall continue until the Agreement is terminated or expires in accordance with its terms.
10.3 Except as expressly permitted by the Agreement the Customer may use the Product solely for its own internal business purposes and for no other purposes whatsoever.
10.4 The Customer will not make, or attempt to make, copies of the Product nor shall it attempt to deal with the Product or have any supporting or other software or program written or developed for it based on any Confidential Information supplied to it by the Company or its Representative.
10.5 All Intellectual Property Rights in any Software and/or Services belong and shall belong to the Company or its licensors, and the Customer shall have no rights in or to them other than the right to use them in accordance with the terms and conditions of the Agreement.
10.6 The Customer shall not, and shall ensure that the Customer’s personnel and Representatives will not:
(a) sell, resell, rent or lease the Product;
(b) use the Product to store or transmit infringing, defamatory, threatening, offensive, abusive, obscene, libellous, or otherwise unlawful or tortuous information or material or to store or transmit information or material in violation of third party privacy rights or IPRs;
(c) use the Product to execute, store or transmit malicious code;
(d) interfere with or disrupt the integrity or performance of the Product;
(e) attempt to gain unauthorised access to the Product;
(f) reverse engineer, decompile, disassemble, or otherwise attempt to learn any source code, structure, designs, algorithms, or other items underlying the Product;
(g) remove any copyright, trademark, patent, or other proprietary notice that appears on the Product or any print-outs or electronic files therefrom, or otherwise infringe upon or misappropriate any intellectual property or other proprietary rights of the Company, Cloud Provider or any of their licensors;
(h) use the Product in the manner that makes excessive use of the Company’s or Cloud Provider’s network;
(i) introduce into any system, network, product or data of the Company, Cloud Provider or Customer, any time bomb, Trojan Horse, worm, drop dead device, virus or other computer software routines designed to permit access to, use of, deletion of or interference with operation of any aspect thereof that is unauthorised;
(j) introduce any self-destruction mechanism, illicit code, automatic restraint, or other mechanism that may interfere with the Company’s or Cloud Provider’s abilities to exercise its rights under this Agreement or other computer operations; and
(k) carry out any unauthorised penetration or security against the Product.
11. Cloud Hosted Environment
11.1 Customer acknowledges and agree that the Cloud Services are provided by the Cloud Provider and that the Cloud Provider has the right to make modifications and/or enhancements to the Cloud Services at any time at its convenience and discretion. As of the Effective Date hereof, the Cloud Provider is Microsoft Azure but such term includes any and all successors thereto. Customer’s ability to use the Product is dependent upon the Cloud Services and may be affected or limited by the Cloud Services. The Company is not responsible for the security of Data while in transit over the Internet or when processed or stored by the Cloud Services.
11.2 Cloud Provider & Cloud Services. Customer further acknowledges and agrees that the Product and Service are subject in all respects to the following Cloud Provider terms and conditions, as amended from time to time or as replaced by alternate Cloud Providers (and automatically incorporated herein as and when amended), and any and all other Cloud Provider terms and conditions applicable to the Cloud Services at any time:
11.2.1 The Microsoft Azure Online Order Document found at:
11.2.2 The Microsoft Azure Online Services Terms and Service Level Agreement found at:
11.2.3 Any and all other Cloud Provider terms and conditions applicable to the Cloud Services.
11.2.4 Customer hereby acknowledges and agrees that the foregoing Cloud Provider terms and conditions describe, restrict, limit and disclaim certain of the rights, obligations, damages and liabilities granted or otherwise available to the Customer (as the subscriber) and/or to Employees (as third party account users by and through the Company) and the Customer hereby acknowledges and agrees that:
i. that nothing in this Agreement is intended to nor shall be deemed to create any duty, obligation or liability against the Company relating to the Cloud Services that is/are excluded or disclaimed by the Cloud Provider, the foregoing terms of which shall govern any conflicting terms herein; and
ii. that nothing in this Agreement is intended to nor shall be deemed to create any duty, obligation or liability against the Company relating to the Cloud Services that is/are excluded or disclaimed by the Cloud Provider, the foregoing terms of which shall govern any conflicting terms herein; and
iii. Customer hereby agrees to look solely to the Cloud Provider (and to waive and release the Company from) any responsibility, damages and liabilities for any failure or defect in the Cloud Services that is/are solely within the Cloud Provider’s control and/or outside the Company’s control.
12. General
12.1 A person who is not a party to the Agreement for the provision of the Service(s) has no right under the Contracts (Right of Third Parties) Act 1999 to enforce any term of the Agreement.
12.2 Without limiting the generality of clause 12.1, the use of, and access to, the Service(s) and the Product is limited to the Customer acting through its direct employees. Any use of, or access to, the Service(s) or Product by any contractor of the Customer or other third party is not permitted without the consent of the Company which may, as a condition of that consent, require the contractor or third party to enter into a licence and confidentiality agreement governing their use of or access to the Service(s) or Product.
12.4 Nothing in this Agreement is intended to, or shall, operate to create a partnership or joint venture of any kind between the parties, authorise either party to act as agent for the other party, or authorise either party to act in the name or on behalf of, or otherwise to bind, the other party in any way.
12.5 This Agreement sets out all the terms agreed between the parties about the Product. It hereby supersedes, cancels and fully takes the place of all previous agreements, negotiations, understandings and representations between the parties which relate to the Service(s) to be provided per the Order Document.
12.6 No variation to this Agreement shall be binding upon the parties unless made in writing and signed by a duly authorised representative of each of the parties.
12.7 If any dispute arises in connection with this Agreement, the parties shall attempt to settle it by mediation in accordance with the Centre for Effective Dispute Resolution (CEDR) Model Mediation Procedure at first instance. Unless otherwise agreed between the parties, the mediator will be nominated by CEDR. This clause 12.7 shall not prevent either party from seeking injunctive or interlocutory relief or remedy from the English courts in relation to any dispute.
12.8 This Agreement shall be governed by the laws of England and Wales and subject to clause 12.7, the parties agree to submit any disputes under or in connection with this Agreement to the exclusive jurisdiction of the English courts.
13. Severability
In the event that any or any part of any term of the Agreement shall be determined invalid, unlawful or unenforceable to any extent then such term, or such part thereof shall be severed from the remaining terms of the Agreement which shall continue to be valid and enforceable to the fullest extent permitted by law.
14. Waiver
Failure or neglect by the Company to enforce at any time any of the provisions hereof shall not be construed as, nor shall it be deemed to be, a waiver of the Company's rights hereunder nor in any way
affect the validity of the whole or any part of these Terms and Conditions nor prejudice the Company's rights to take subsequent action.
15. Data Protection
15.1 The Company acknowledges that the Personal Data belongs to the Customer.
15.2 The parties acknowledge that, for the purposes of the Data Protection Legislation, the Company is the processor and the Customer is the Controller in respect of any Personal Data processed by the Company pursuant to the Agreement. The Service Level Agreement sets out the scope, nature and purpose of processing by the Company, the duration of the processing and the types of Personal Data and categories of Data Subject.
15.3 Each party shall comply with all applicable requirements of the Data Protection Legislation in respect of Personal Data. Clauses 15.11 to
15.22 are in addition to, and does not relieve, remove or replace, a party’s obligations under the Data Protection Legislation.
15.4 Without limiting the generality of the foregoing, the Company shall:
(a) process the Personal Data only on behalf of the Customer, only for the purposes of performing an Agreement and only in accordance with the Customer’s documented instructions from time to time, including with regard to transfer of Personal Data to a third country or international organisation, unless required to do so by the law of the European Union or a member state to which the Company is subject, in which case it will inform the Customer of that legal requirement before processing, subject to the exception in Article 28 (1) of the GDPR;
(b) inform the Customer if, in its opinion, an instruction infringes Article 28 of the GDPR or any other provision of the Data Protection Legislation;
(c) ensure that all persons authorised by the Company to process the Personal Data have committed themselves to confidentiality or are under a statutory obligation of confidentiality;
(d) take such measures in relation to the security of the Personal Data as are required of it by Article 32 of the GDPR and any local Data Protection Legislation;
(e) observe the requirements of Articles 28(2) and Article 28(4) of the GDPR with regard to the engagement of sub-processors;
(f) taking into account the nature of the processing, assist the Customer by appropriate technical and organisational measures, insofar as this is possible, for the fulfilment of the Customer's obligation to respond to requests by Data Subjects to exercise their rights under Chapter III of the GDPR (including the right to transparency and information, the data subject access right, the right to rectification and erasure, the right to the restriction of processing, the right to data portability and the right to object to processing);
(g) taking into account the nature of the processing under an Agreement and the information available to the Company, assist the Customer in carrying out its obligations under Articles 32 to 36 of the GDPR and any other Data Protection Legislation with respect to security, breach notifications, impact assessments and consultations with supervisory authorities or regulators;
(h) at the Customer's written direction, within a reasonable period delete or return all Personal Data to the Customer on the expiry or termination of the relevant Agreement, and delete existing copies unless required by law to store the Personal Data;
(i) make available to the Customer information that demonstrates its compliance with Article 28 (3) of the GDPR and its obligations in this Section 15;
(j) permit the Customer or a third party authorised by it, to carry out audits and inspections of the processing of Personal Data by the Company, on reasonable notice in normal business hours. The Company may require a third party auditor to enter into a confidentiality agreement before permitting it to carry out an audit. The Company reserves the right to make a charge for the time of its personnel engaged in assisting with an audit; and
(k) notify the Customer without undue delay after becoming aware of a Personal Data breach.
15.5 If the Company notifies the Customer that, in its opinion, an instruction infringes Article 28 of the GDPR or any other applicable Data Protection Legislation, or is of the opinion that an instruction to process Personal Data is for purposes other than the performance of the relevant Agreement, it will consult with the Customer as soon as reasonably possible. If the Company, after consultation is of the same opinion, it will not be obliged to follow that instruction.
15.6 Without limiting the generality of the foregoing, the Customer shall:
(a) ensure that it complies with the Data Protection Legislation and all applicable codes of practice in respect of the Personal Data from time to time, including in its role as a Data Controller and in supplying or making available to the Company any Personal Data for processing by the Company in performance of its obligations under an Agreement; and
(b) not instruct the Company to process Personal Data for purposes other than the performance of the relevant Agreement.
15.7 The Customer warrants to the Company that:
(a) it has all necessary appropriate consents and notices in place to enable the lawful transfer of Personal Data to the Company for the duration and purposes of an Agreement.
(b) all Personal Data provided to the Company pursuant to an Agreement will be, to the best of its knowledge, accurate and complete in all material respects, and that the Customer is entitled to provide the same to the Company without recourse to any third party; and
(c) the Personal Data does not and shall not, so far as it is aware, infringe the rights of any third party.
15.8 The Customer acknowledges that the Company is reliant on the Customer for direction as to the extent that the Company is entitled to use and process Personal Data.
15.9 The engagement of any sub-processor named in the Order Document for the purposes there stated is authorised by the Customer and shall be a general written authorisation for the purposes of the Data Protection Legislation. Where a sub-processor ceases to trade, becomes insolvent or is in breach of the Data Protection Legislation, the Company may change that sub-processor without reference to the Customer provided that:
(a) it notifies the Customer as soon as practicable; and
(b) the replacement sub-processor is reputable and of such size and standing as to be able to fulfil its obligations to the Company without difficulty.
15.10 If the Customer objects to a change pursuant to clause 15.19 it may terminate the relevant Agreement (or where practicable, that part of it dealing with the relevant services) on the provision of 6 months’ notice
and (unless it can show that the objection was objectively reasonable in the circumstances) subject to the payment, prior to the expiry of that notice, of all outstanding charges for the balance of the Agreement Term.
15.11 Provided that the Company only undertakes the following activities on an aggregated basis using anonymised data which cannot be linked back to the Customer or any individual, nothing in clauses 15.11 to 15.22 shall restrict or prevent the Company from recording, retaining and using for monitoring, statistical analysis or marketing purposes:
(a) any information derived from the Customer or its Representatives access to and use of any Product or Services; or
(b) any information or data stored or processed using the Product or Services.
15.12 If either party breaches its obligations under clauses 15.11 to
15.22 or the Data Protection Legislation it shall indemnify the other from and against any resulting Losses.
15.13 The Customer shall indemnify the Company against all claims demands, proceedings, damages costs and expenses incurred or suffered by the Company in any way as a result of the Customer's breach of any provision of the Data Protection Act 2018 and/or GDPR or any applicable legislation.
16. Assignment
16.1 The Agreement may not be assigned or transferred in any way by the Customer without the Company's prior written consent.
16.2 The Company shall be entitled to assign the benefit (subject to the burden) of this Agreement to a company which succeeds to the business of the Company as a result of any internal reorganisation reconstruction or amalgamation of the Company or any group of companies of which the Company from time to time forms part of.
17 Force Majeure
Neither party shall be liable for any delay in performing any of its obligations under this Agreement if such delay is caused by circumstances beyond its reasonable control and such party shall be entitled to such extension of time (not exceeding three months) as is reasonable in such circumstances. If either party is unable to perform its obligations because of such circumstances for a consecutive period of more than three months the other party may terminate this Agreement by notice in writing and the provisions of clauses 11.3, 11.4 and 11.5 shall apply.
18. Notices
Any notice required or permitted under the terms of the Agreement or otherwise required shall be in writing and shall be delivered in person sent by first class mail or air mail as appropriate properly posted and fully prepaid in an envelope properly addressed to the Company Secretary (or equivalent officer) of the party to whom the notice is being given at the address as stated in the Order Document (unless the address for notice is changed in accordance with this clause) and shall be deemed to have been received by the other party: if delivered by hand, when delivered; if posted, on the second Working Day following the date of posting.
19. Law and Arbitration
19.1 The parties hereby agree that the Agreement and these Terms and Conditions shall be construed in accordance with English Law.
19.2 Any dispute or difference between the parties in connection with the Agreement or the Services shall be referred to and determined by a sole arbitrator to be appointed by agreement between the parties or in default of such agreement by the President for the time being of the British Computer Society.
