1. InterpretationThe definitions and rules of interpretation in this clause apply in this Contract.
1.1 Authorised Users: those employees, agents, clients, independent contractors of the Customer and any other third parties who are authorised by the Customer to use the Products.
Confidential Information: information that is proprietary or confidential and is either clearly labelled as such or identified as Confidential Information in clause 1.
Conditions: the terms and conditions set out in clause 1 (Interpretation) to clause 25 (Jurisdiction) (inclusive) and the Appendix.
Contract: the contract between the Customer and the Supplier for the supply of the Products in accordance with these Conditions.
Customer: the Supplier’s registration form.
Customer Data: the data inputted by the Customer, Authorised Users, or the Supplier on the Customer’s behalf for the purpose of using the Products or facilitating the Customer’s use of the Products.
Documentation: any document made available to the Customer by the Supplier from time to time which sets out the user instructions for the Products.
Fees: the fees payable by the Customer to the Supplier for the Products in all cases as detailed in the Supplier’s price list published on www.collaborativeconveyancing.co.uk from time to time.
Heightened Cybersecurity Requirements: any laws, regulations, codes, guidance (from regulatory and advisory bodies (whether mandatory or not), international and national standards, industry schemes and sanctions, which are applicable to either the Customer or an Authorised User (but not the Supplier) relating to security of network and information systems and security breach and incident reporting requirements, which may include the cybersecurity Directive ((EU) 2016/1148), Commission Implementing Regulation ((EU) 2018/151), the Network and Information systems Regulations 2018 (SI 506/2018), all as amended or updated from time to time.
Products: each of the software applications which from time to time are made available by the Supplier generally and which are described in more detail at www.collaborativeconveyancing.co.uk and which the Supplier may agree in writing from time to time to licence to the Customer and to which the Customer has purchased a licence pursuant to this Contract.
Start Date: the date that the Customer first uses the Products.
Supplier: Collaborative Conveyancing Limited, a company incorporated and registered in England and Wales with company number 13721870, whose registered office is at 31 Wellington Road, Nantwich, Cheshire, CW5 7ED, United Kingdom
Term: has the meaning given in clause 1.
Virus: any thing or device (including any software, code, file or programme) which may: prevent, impair or otherwise adversely affect the operation of any computer software, hardware or network, any telecommunications service, equipment or network or any other service or device; prevent, impair or otherwise adversely affect access to or the operation of any programme or data, including the reliability of any programme or data (whether by re-arranging, altering or erasing the programme or data in whole or part or otherwise); or adversely affect the user experience, including worms, trojan horses, viruses and other similar things or devices.
Vulnerability: a weakness in the computational logic (for example, code) found in software and hardware components that when exploited, results in a negative impact on confidentiality, integrity, or availability, and the term Vulnerabilities shall be interpreted accordingly.
Year: a 12 month period commencing on the Start Date or any anniversary of it.
1.2 A reference to a statute or statutory provision is a reference to it as it is in force as at the date of this Contract and shall include all subordinate legislation made as at the date of this Contract under that statute or statutory provision.
1.3 A reference to writing or written excludes fax but not email.
2. Products
2.1 Subject to the Customer paying the Fees in accordance with clause 1, the restrictions set out in this clause 2 and the other terms and conditions of this Contract, the Supplier hereby grants to the Customer during the Term and solely for the Customer’s internal business operations, a non-exclusive, non-transferable right and licence, without the right to grant sublicences, to permit certain Authorised Users to use those Products which the Customer purchases.
2.2 The Supplier may make Products available only to a certain class of Authorised User. The Supplier shall from time to time describe on its website the details of such Products and classes.
2.3 The Customer shall not access, store, distribute or transmit any Viruses, or any material during the course of its use of the Products that:
(a)is unlawful, harmful, threatening, defamatory, obscene, infringing, harassing or racially or ethnically offensive;
(b)facilitates illegal activity;
(c)depicts sexually explicit images;
(d)promotes unlawful violence;
(e)is discriminatory based on age, disability, sex, race, gender, colour, religious belief, sexual orientation, disability; or
(f) is otherwise illegal or causes damage or injury to any person or property;
and the Supplier reserves the right, without liability or prejudice to its other rights to the Customer, to disable the Customer’s access to any material that breaches the provisions of this clause.
2.4 The Customer shall not:
(a)except as may be allowed by any applicable law which is incapable of exclusion by agreement between the parties and except to the extent expressly permitted under this Contract:
(i)attempt to copy, modify, duplicate, create derivative works from, frame, mirror, republish, download, display, transmit, or distribute all or any portion of the Products and/or Documentation (as applicable) in any form or media or by any means; or
(ii) attempt to de-compile, reverse compile, disassemble, reverse engineer or otherwise reduce to human-perceivable form all or any part of the Products; or
(b) access all or any part of the Products and/or Documentation in order to build a product or service which competes with the Products and/or the Documentation; or
(c) use the Products and/or Documentation to provide services to third parties; or
(d) subject to clause 1, license, sell, rent, lease, transfer, assign, distribute, display, disclose, or otherwise commercially exploit, or otherwise make the Products and/or Documentation available to any third party, other than as provided under this clause 2, or
(e) attempt to obtain, or assist third parties in obtaining, access to the Products and/or Documentation, other than as provided under this clause 2; or
(f) introduce or permit the introduction of, any Virus or Vulnerability into the Products or the Supplier’s network and information systems.
2.5 The Customer shall use all reasonable endeavours to prevent any unauthorised access to, or use of, the Products and/or the Documentation and, in the event of any such unauthorised access or use, promptly notify the Supplier.
2.6 The rights provided under this clause 2 are granted to the Customer only, and shall not be considered granted to any subsidiary or holding company of the Customer.
The parties shall comply with the Appendix.
The Customer acknowledges that the Products may enable or assist it to access the website content of, correspond with, and purchase products and services from, third parties via third-party websites. The Supplier will use its commercially reasonable endeavours to ensure that such third parties provide their products and services with reasonable skill and care and such provision complies with the Customer’s regulatory obligations.
5.1 The Supplier shall provide the Products with reasonable skill and care and shall take commercially reasonable steps not to introduce any Viruses or Vulnerabilities into the Customer’s network and information systems via the Products or otherwise.
5.2 The Supplier:
(a) does not warrant that:
(i)the Customer’s use of the Products will be uninterrupted or error-free; or
(ii) that the Products, Documentation and/or the information obtained by the Customer through the Products will meet the Customer’s requirements; or
(iii) the Products will be free from Vulnerabilities or Viruses; or
(iv) the Products or Documentation will comply with any Heightened Cybersecurity Requirements.
(b) is not responsible for any delays, delivery failures, or any other loss or damage resulting from the transfer of data over communications networks and facilities, including the internet, and the Customer acknowledges that the Products and Documentation may be subject to limitations, delays and other problems inherent in the use of such communications facilities.
5.3 This Contract shall not prevent the Supplier from entering into similar agreements with third parties, or from independently developing, using, selling or licensing documentation, products and/or services which are similar to those provided under this Contract.
5.4 The Supplier warrants that it has and will maintain all necessary licences, consents, and permissions necessary for the performance of its obligations under this Contract.
6.1 The Customer shall:
(a) provide the Supplier with:
(i) all necessary co-operation in relation to this Contract; and
(ii) all necessary access to such information as may be required by the Supplier,
in order to provide the Products, including but not limited to Customer Data, security access information and configuration services;
(b) without affecting its other obligations under this Contract, comply with all applicable laws and regulations with respect to its activities under this Contract;
(c) carry out all other Customer responsibilities set out in this Contract in a timely and efficient manner. In the event of any delays in the Customer’s provision of such assistance as agreed by the parties, the Supplier may adjust any agreed timetable or delivery schedule as reasonably necessary;
(d) ensure that the Authorised Users use the Products and the Documentation in accordance with this Contract and shall be responsible for any Authorised User’s breach of this Contract;
(e) obtain and shall maintain all necessary licences, consents, and permissions necessary for the Supplier, its contractors and agents to perform their obligations under this Contract, including without limitation the Products;
(f) ensure that its network and systems comply with the relevant specifications provided by the Supplier from time to time; and
(g) be, to the extent permitted by law and except as otherwise expressly provided in this Contract, solely responsible for procuring, maintaining and securing its network connections and telecommunications links from its systems to the Supplier’s data centres, and all problems, conditions, delays, delivery failures and all other loss or damage arising from or relating to the Customer’s network connections or telecommunications links or caused by the internet.
6.2 The Customer shall own all right, title and interest in and to all of the Customer Data that is not personal data and shall have sole responsibility for the legality, reliability, integrity, accuracy and quality of all such Customer Data.
7.1 The Customer shall pay the Fees to the Supplier in accordance with this clause 7.
7.2 The Fee shall be payable in respect of each Product as detailed in the Supplier’s price list published on www.collaborativeconveyancing.co.uk from time to time. The aggregate Fees shall be calculated on or about the end of each month and shall be payable monthly in arrears.
7.3 The Customer warrants that at registration it provided to the Supplier valid, up-to-date and complete contact and billing details together with a completed direct debit mandate to the Supplier.
7.4 Payment for the Fees is by direct debit. The Customer hereby authorises the Supplier to charge the Customer’s designated bank account on or about the start of each month for the Fees incurred in the previous month.
7.5 The Supplier shall send to the Customer an electronic invoice within seven days of the beginning of the month following payment.
7.6 If the Supplier has not received payment on the due date, and without prejudice to any other rights and remedies of the Supplier:
(a) the Supplier may, on no less than 5 days’ notice to the Customer and without liability to the Customer, disable the Customer’s password, account and access to all or part of the Products and the Supplier shall be under no obligation to provide any or all of the Products while the invoice(s) concerned remain unpaid; and
(b) interest shall accrue on a daily basis on such due amounts at an annual rate equal to 4% over the then current base lending rate of the Supplier’s bankers in the UK from time to time, commencing on the due date and continuing until fully paid, whether before or after judgment.
7.7 All amounts and fees stated or referred to in this Contract:
(a) shall be payable in pounds sterling;
(b)are, subject to clause 3(b), non-cancellable and non-refundable;
(c) are exclusive of value added tax, which shall be added to the Supplier’s invoice(s) at the appropriate rate.
8.1 The Customer acknowledges and agrees that the Supplier and/or its licensors own all intellectual property rights in the Products. Except as expressly stated herein, this Contract does not grant the Customer any rights to, under or in, any patents, copyright, database right, trade secrets, trade names, trade marks (whether registered or unregistered), or any other rights or licences in respect of the Products or the Documentation.
8.2 The Supplier confirms that it has all the rights in relation to the Products and the Documentation that are necessary to grant all the rights it purports to grant under, and in accordance with, the terms of this Contract.
9.1 Confidential Information means all confidential information (however recorded or preserved) disclosed by a party or its Representatives (as defined below) to the other party and that party’s Representatives whether before or after the Start Date in connection this Contract, including but not limited to:
(a) any information that would be regarded as confidential by a reasonable business person relating to:
(i)the business, assets, affairs, customers, clients, suppliers, plans, intentions, or market opportunities of the disclosing party; and
(ii) the operations, processes, product information, know-how, designs, trade secrets or software of the disclosing party;
(b) any information developed by the parties in the course of carrying out this Contract and the parties agree that:
(i) details of the Products, and the results of any performance tests of the Products, shall constitute Supplier Confidential Information; and
((ii) Customer Data shall constitute Customer Confidential Information.
Representatives means, in relation to a party, its employees, officers, contractors, subcontractors, representatives and advisers.
9.2 The provisions of this clause shall not apply to any Confidential Information that:
(a) is or becomes generally available to the public (other than as a result of its disclosure by the receiving party or its Representatives in breach of this clause);
(b) was available to the receiving party on a non-confidential basis before disclosure by the disclosing party;
(c) was, is or becomes available to the receiving party on a non-confidential basis from a person who, to the receiving party’s knowledge, is not bound by a confidentiality agreement with the disclosing party or otherwise prohibited from disclosing the information to the receiving party; or
(d) the parties agree in writing is not confidential or may be disclosed; or
(e) is developed by or for the receiving party independently of the information disclosed by the disclosing party.
9.3 Each party shall keep the other party’s Confidential Information secret and confidential and shall not:
(a) use such Confidential Information except for the purpose of exercising or performing its rights and obligations under or in connection with this Contract (Permitted Purpose); or
(b) disclose such Confidential Information in whole or in part to any third party, except as expressly permitted by this clause 9.
9.4 A party may disclose the other party’s Confidential Information to those of its Representatives who need to know such Confidential Information for the Permitted Purpose, provided that:
(a) it informs such Representatives of the confidential nature of the Confidential Information before disclosure; and
(b) at all times, it is responsible for such Representatives’ compliance with the confidentiality obligations set out in this clause.
9.5 A party may disclose Confidential Information to the extent such Confidential Information is required to be disclosed by law, by any governmental or other regulatory authority or by a court or other authority of competent jurisdiction provided that, to the extent it is legally permitted to do so, it gives the other party as much notice of such disclosure as possible and, where notice of disclosure is not prohibited and is given in accordance with this clause 9.5, it takes into account the reasonable requests of the other party in relation to the content of such disclosure.
9.6 Each party reserves all rights in its Confidential Information. No rights or obligations in respect of a party’s Confidential Information other than those expressly stated in this Contract are granted to the other party, or to be implied from this Contract.
9.7 On termination or expiry of this Contract, each party shall:
(a) destroy or return to the other party all documents and materials (and any copies) containing, reflecting, incorporating or based on the other party’s Confidential Information;
(b) erase all the other party’s Confidential Information from computer and communications systems and devices used by it, including such systems and data storage services provided by third parties (to the extent technically and legally practicable); and
(c) certify in writing to the other party that it has complied with the requirements of this clause, provided that a recipient party may retain documents and materials containing, reflecting, incorporating or based on the other party’s Confidential Information to the extent required by law or any applicable governmental or regulatory authority. The provisions of this clause shall continue to apply to any such documents and materials retained by a recipient party.
9.8 No party shall make, or permit any person to make, any public announcement concerning this Contract without the prior written consent of the other parties (such consent not to be unreasonably withheld or delayed), except as required by law, any governmental or regulatory authority (including, without limitation, any relevant securities exchange), any court or other authority of competent jurisdiction.
9.9 Except as expressly stated in this Contract, no party makes any express or implied warranty or representation concerning its Confidential Information.
9.10 The above provisions of this clause 9 shall continue to apply after termination or expiry of this Contract
10.1 The Customer shall defend, indemnify and hold harmless the Supplier against claims, actions, proceedings, losses, damages, expenses and costs (including without limitation court costs and reasonable legal fees) arising out of or in connection with the Customer’s use of the Products and/or Documentation, provided that:
(a) the Customer is given prompt notice of any such claim;
(b) the Supplier provides reasonable co-operation to the Customer in the defence and settlement of such claim, at the Customer’s expense; and
(c) the Customer is given sole authority to defend or settle the claim.
10.2 The Supplier shall defend the Customer, its officers, directors and employees against any claim that the Customer’s use of the Products or Documentation in accordance with this Contract infringes any United Kingdom patent effective as of the Start Date, copyright or trade mark, and shall indemnify the Customer for any amounts awarded against the Customer in judgment or settlement of such claims, provided that:
(a) the Supplier is given prompt notice of any such claim;
(b) the Customer does not make any admission, or otherwise attempt to compromise or settle the claim and provides reasonable co-operation to the Supplier in the defence and settlement of such claim, at the Supplier’s expense; and
(c) the Supplier is given sole authority to defend or settle the claim.
10.3 In the defence or settlement of any claim, the Supplier may procure the right for the Customer to continue using the Products, replace or modify the Products so that they become non-infringing or, if such remedies are not reasonably available, terminate this Contract on 2 days’ notice to the Customer without any additional liability or obligation to pay liquidated damages or other additional costs to the Customer.
10.4 In no event shall the Supplier, its employees, agents and sub-contractors be liable to the Customer to the extent that the alleged infringement is based on:
(a) a modification of the Products or Documentation by anyone other than the Supplier; or
(b) the Customer’s use of the Products or Documentation in a manner contrary to the instructions given to the Customer by the Supplier; or
(c) the Customer’s use of the Products or Documentation after notice of the alleged or actual infringement from the Supplier or any appropriate authority; or
(d) the Customer’s breach of this Contract.
10.5 Clause 10.2 and clause 3(b) state the Customer’s sole and exclusive rights and remedies, and the Supplier’s (including the Supplier’s employees’, agents’ and sub-contractors’) entire obligations and liability, for infringement of any patent, copyright, trade mark, database right or right of confidentiality.
11.1 Except as expressly and specifically provided in this Contract:
(a) the Customer assumes sole responsibility for results obtained from the use of the Products and the Documentation by the Customer, and for conclusions drawn from such use. The Supplier shall have no liability for any damage caused by errors or omissions in any Customer Data, information, instructions or scripts provided to the Supplier by the Customer in connection with the Products, or any actions taken by the Supplier at the Customer’s direction;
(b) all warranties, representations, conditions and all other terms of any kind whatsoever implied by statute or common law are, to the fullest extent permitted by applicable law, excluded from this Contract; and
(c) the Products and the Documentation are provided to the Customer on an “as is” basis.
11.2 Nothing in this Contract excludes the liability of the Supplier:
(a) for death or personal injury caused by the Supplier’s negligence; or
(b) for fraud or fraudulent misrepresentation.
11.3 Subject to clause 1 and clause 11.2:
(a) the Supplier shall have no liability for any loss of profits, loss of business, wasted expenditure, depletion of goodwill and/or similar losses or loss or corruption of data or information, or pure economic loss, or for any special, indirect or consequential loss, costs, damages, charges or expenses; and
(b) the Supplier’s total aggregate liability to the Customer (including in respect of the indemnity at clause 2), in respect of all breaches of duty under all agreements between the parties, occurring within any twelve-month period shall not exceed £100,000 (one hundred thousand pounds). If breaches committed in more than one Year give rise to a single claim or a series of connected claims, the Supplier’s total liability for those claims shall not exceed the £100,000 (one hundred thousand pounds).
11.4 References to liability in this clause 11 include every kind of liability arising under or in connection with this Contract including but not limited to liability in contract, tort (including negligence), misrepresentation, restitution or otherwise.
12.1 This Contract shall, unless otherwise terminated as provided in this clause 12, commence on the Start Date and shall continue unless:
(a) either party provides to the other no less than 60 days’ notice of termination, in writing; or
(b) otherwise terminated in accordance with the provisions of this Contract
(Term).
12.2 Without affecting any other right or remedy available to it, either party may terminate this Contract with immediate effect by giving written notice to the other party if:
(a) the other party fails to pay any amount due under this Contract on the due date for payment and remains in default not less than 5 days after being notified in writing to make such payment;
(b)the other party commits a material breach of any other term of this Contract and (if such breach is remediable) fails to remedy that breach within a period of 28 days after being notified in writing to do so;
(c) the other party suspends, or threatens to suspend, payment of its debts or is unable to pay its debts as they fall due or admits inability to pay its debts or is deemed unable to pay its debts within the meaning of section 123 of the Insolvency Act 1986 (IA 1986) as if the words “it is proved to the satisfaction of the court” did not appear in sections 123(1)(e) or 123(2) of the IA 1986 or (being an individual) is deemed either unable to pay its debts or as having no reasonable prospect of so doing, in either case, within the meaning of section 268 of the IA 1986 or (being a partnership) has any partner to whom any of the foregoing apply;
(d) the other party commences negotiations with all or any class of its creditors with a view to rescheduling any of its debts, or makes a proposal for or enters into any compromise or arrangement with its creditors other than for the sole purpose of a scheme for a solvent amalgamation of that other party with one or more other companies or the solvent reconstruction of that other party;
(e) the other party applies to court for, or obtains, a moratorium under Part A1 of the Insolvency Act 1986;
(f) a petition is filed, a notice is given, a resolution is passed, or an order is made, for or in connection with the winding up of that other party other than for the sole purpose of a scheme for a solvent amalgamation of that other party with one or more other companies or the solvent reconstruction of that other party;
(g) an application is made to court, or an order is made, for the appointment of an administrator, or if a notice of intention to appoint an administrator is given or if an administrator is appointed, over the other party (being a company, partnership or limited liability partnership);
(h) the holder of a qualifying floating charge over the assets of that other party (being a company or limited liability partnership) has become entitled to appoint or has appointed an administrative receiver;
(i) a person becomes entitled to appoint a receiver over the assets of the other party or a receiver is appointed over the assets of the other party;
(j) a creditor or encumbrancer of the other party attaches or takes possession of, or a distress, execution, sequestration or other such process is levied or enforced on or sued against, the whole or any part of the other party’s assets and such attachment or process is not discharged within 14 days;
(k) any event occurs, or proceeding is taken, with respect to the other party in any jurisdiction to which it is subject that has an effect equivalent or similar to any of the events mentioned in clause 2(c) to clause 12.2(j) (inclusive);
(l) the other party suspends or ceases, or threatens to suspend or cease, carrying on all or a substantial part of its business;
(m) the other party’s financial position deteriorates so far as to reasonably justify the opinion that its ability to give effect to the terms of this Contract is in jeopardy.
12.3 On termination of this Contract for any reason:
(a) all licences granted under this Contract shall immediately terminate and the Customer shall immediately cease all use of the Products and/or the Documentation;
(b) each party shall return and make no further use of any equipment, property, Documentation and other items (and all copies of them) belonging to the other party;
(c) the Supplier may destroy or otherwise dispose of any of the Customer Data in its possession unless the Supplier receives, no later than ten days after the effective date of the termination of this Contract, a written request for the delivery to the Customer of the then most recent back-up of the Customer Data. The Supplier shall use reasonable commercial endeavours to deliver the back-up to the Customer within 30 days of its receipt of such a written request, provided that the Customer has, at that time, paid all fees and charges outstanding at and resulting from termination (whether or not due at the date of termination). The Customer shall pay all reasonable expenses incurred by the Supplier in returning or disposing of Customer Data; and
(d) any rights, remedies, obligations or liabilities of the parties that have accrued up to the date of termination, including the right to claim damages in respect of any breach of the Contract which existed at or before the date of termination shall not be affected or prejudiced.
Neither party shall be in breach of this Contract or otherwise liable for any failure or delay in the performance of its obligations if such delay or failure results from events, circumstances or causes beyond its reasonable control. The time for performance of such obligations shall be extended accordingly.
No variation of this Contract shall be effective unless it is in writing and signed by the parties (or their authorised representatives).
15.1 A waiver of any right or remedy is only effective if given in writing and shall not be deemed a waiver of any subsequent right or remedy.
15.2 A delay or failure to exercise, or the single or partial exercise of, any right or remedy shall not waive that or any other right or remedy, nor shall it prevent or restrict the further exercise of that or any other right or remedy.
Except as expressly provided in this Contract, the rights and remedies provided under this Contract are in addition to, and not exclusive of, any rights or remedies provided by law.
17.1 If any provision or part-provision of this Contract is or becomes invalid, illegal or unenforceable, it shall be deemed deleted, but that shall not affect the validity and enforceability of the rest of this Contract.
17.2 If any provision or part-provision of this Contract is deemed deleted under clause 1 the parties shall negotiate in good faith to agree a replacement provision that, to the greatest extent possible, achieves the intended commercial result of the original provision.
18.1 This Contract constitutes the entire agreement between the parties and supersedes and extinguishes all previous and contemporaneous agreements, promises, assurances and understandings between them, whether written or oral, relating to its subject matter.
18.2 Each party acknowledges that in entering into this Contract it does not rely on, and shall have no remedies in respect of, any statement, representation, assurance or warranty (whether made innocently or negligently) that is not set out in this Contract.
18.3 Each party agrees that it shall have no claim for innocent or negligent misrepresentation or negligent misstatement based on any statement in this Contract.
18.4 Nothing in this clause shall limit or exclude any liability for fraud.
19.1 The Customer shall not, without the prior written consent of the Supplier, assign, transfer, mortgage, charge, subcontract, delegate, declare a trust over or deal in any other manner with any of its rights and obligations under this Contract.
19.2 The Supplier may at any time assign, mortgage, charge, subcontract, delegate, declare a trust over or deal in any other manner with any or all of its rights and obligations under this.
Nothing in this Contract is intended to or shall operate to create a partnership between the parties, or authorise either party to act as agent for the other, and neither party shall have the authority to act in the name or on behalf of or otherwise to bind the other in any way (including, but not limited to, the making of any representation or warranty, the assumption of any obligation or liability and the exercise of any right or power).
21.1 This Contract does not give rise to any rights under the Contracts (Rights of Third Parties) Act 1999 to enforce any term of this Contract. The rights of the parties to rescind or vary this Contract are not subject to the consent of any other person.
22.1 This Contract may be executed in any number of counterparts, each of which shall constitute a duplicate original, but all the counterparts shall together constitute the one agreement.
22.2 Transmission of the executed signature page of a counterpart of this Contract by email (in PDF, JPEG or other agreed format) shall take effect as the transmission of an executed “wet-ink” counterpart of this Contract.
22.3 No counterpart shall be effective until each party has provided to the other at least one executed counterpart.
23.1 Any notice given to a party under or in connection with this Contract shall be in writing and shall be:
(a) delivered by hand or by pre-paid first-class post or other next working day delivery service at its registered office (if a company) or its principal place of business (in any other case); or
(b) sent by email to the addresses set out in the Supplier’s registration form (or an address substituted in writing by the party to be served).
23.2 Any notice shall be deemed to have been received:
(a) if delivered by hand, at the time the notice is left at the proper address;
(b) if sent by pre-paid first-class post or other next working day delivery service, at 9.00 am on the second working day after posting; or
(c) if sent by email, at the time of transmission, or, if this time falls outside Business Hours in the place of receipt, when Business Hours resume.
23.3 This clause does not apply to the service of any proceedings or other documents in any legal action or, where applicable, any arbitration or other method of dispute resolution.
This Contract and any dispute or claim arising out of or in connection with it or its subject matter or formation (including non-contractual disputes or claims) shall be governed by and interpreted in accordance with the law of England and Wales.
Each party irrevocably agrees that the courts of England and Wales shall have exclusive jurisdiction to settle any dispute or claim arising out of or in connection with this Contract or its subject matter or formation (including non-contractual disputes or claims).
APPENDIX
1. Background
This Appendix is the basis for the parties to be able to transfer information to each other and other legal entities within their respective groups of companies and to other parties when required to do so. It sets out the legal grounds for sharing information, including adherence with privacy and data protection principles, the reasons it needs to be shared, the types of information that should be shared, the circumstances in which such information should be shared, and the protections and safeguards which should apply to information sharing.
2. Purpose
Data is to be shared between the Customer and the Supplier for the purpose of provision of IT systems to facilitate the process of conveyancing, transferal of real estate between clients of the Customer and third parties and other related services.
The benefits of appropriate data sharing are:
(a) better informed decision-making and partnership working for the stated purposes;
(b) improved data quality to allow for more effective and timely targeting of resources;
(c) more effective and efficient deployment of resources, systems and processes;
(d) improved safeguarding of customers, suppliers, partners, affiliates, and employees;
e) overall proactive reduction and management of risks.
The parties have agreed to enter into this Appendix to share certain information related to Data Subjects for the provision of the Products pursuant to the purposes and during the Term.
3. Definitions
Term | Meaning |
Parties / Groups | The parties, including where legal entities involved may change from time to time, are the Supplier and the Customer, who intend to share information. |
Information Sharing | The disclosure of information by transmission, dissemination or otherwise making it available – e.g. to view, access, re-use, share, transfer or exchange it. |
Personal Information | Any data relating to an identified or (directly or indirectly) identifiable individual. |
Data Subject | An identified or identifiable natural person. |
GDPR | Regulation (EU) 2016/679 and Data Protection Act 2018 |
Breach | Any violation of privacy or data protection principles[1]. |
4. Legal Grounds
This section describes the proportionality and necessity for sharing information and the legal grounds for doing so. There are certain conditions which the parties agree to when sharing information and to ensure that both parties are able to comply with their legal obligations.
‘Legal Grounds’ (as amended from time to time) means
Relevant Legislation | Description |
UK GDPR, UK Data Protection Act 2018 (“DPA”)
Regulation (EU) 2016/679 (the General Data Protection Regulation or “GDPR”)
UK Privacy and Electronic Communications (EC Directive) Regulations 2003 (SI 2426/2003) (as amended by The Privacy and Electronic Communications (EC Directive) (Amendment) Regulations 2011)
| The legal grounds for the data sharing are CONTRACT as per GDPR Article 6.1.b. The Supplier may share the data with such other parties as a necessary for the operation of the IT system.
The Supplier will not use data provided pursuant to this agreement except for the stated purpose, unless such further processing is compatible with the original purpose.
The Supplier will store the data provided only as long as is necessary for the stated purpose of the sharing or to comply with their legal obligations.
The Privacy and Electronic Communications Regulations and the EU Privacy directive are not relevant as data shared under the Contract will not be used for marketing purposes.
The party receiving the data agrees not to transfer the data outside the EU or UK unless the transfer is subject to adequate safeguards compliant with Article 44 of the UKGDPR.
|
UK’s Computer Misuse Act 1990
| Both parties will encrypt all personal data during transfer between parties and will have in place IT security policies and processes constituting technical and organizational measures appropriate to the level of risk. |
(a) Parties may share information, provided they:
(i) have notified their intention to do so, and
(ii) exercise careful judgement when sharing information in accordance with Data Protection Law, which must be justified on the merits of each case in line with privacy and data protection principles.
(b) Each party acknowledges that the sharing of information is necessary and proportionate for the stated purposes and in their legitimate interests to do so in accordance with their Legal Grounds for doing so.
5. Principles of Sharing Information
This section describes privacy and data protection principles the parties must comply with when sharing and further processing information. The most important consideration is whether sharing information is likely to support meeting the stated purposes.
(a) Unless an exemption applies, each party must ensure the sharing and processing of information must be lawful and fair, which means being open with people about how information is used, and requires each party has and adheres to their own privacy notice, which must include that information is shared in accordance with Data Protection Law.
(b) Each party must ensure that information is only used or shared with other recipients for the stated purposes or purposes consistent with the original purpose.
(c) When taking decisions about what information to share, each party must:
(i) consider how much needs to be released and the impact on individuals and any other parties.
(ii) ensure it is accurate, relevant, up-to-date, sufficient and necessary for those who need it, and proportionate to the level of risk in sharing it, with proper reference made to its source to allow others to do their job effectively and make informed decisions, such as explaining if the information is, for example, historical in nature or derived using artificial intelligence techniques.
(d) Processing that occurs before the sharing of information is the responsibility of the originating party, who will deal with any rights requests relating to such a priori processing. Similarly, it is the responsibility of the receiving party to deal with any rights requests in relation to any processing that occurs after the sharing of information, including internal re-use or onward transfers. Joint processing including the sharing of information is the responsibility of all parties involved.
(e) In line with each party’s own retention policy, shared information should not be kept any longer than is necessary.
(f) Each party shall designate a role to be responsible for ensuring adherence to the principles set out in this Appendix.
(g) Each party shall upon reasonable request make available to the requesting party and public authorities such documentation that demonstrates compliance with this Appendix.
(h) Information sharing decisions must be recorded by each party, whether or not the decision is taken to share. If the decision is to share, a log must cite reasons including what information has been shared, when and with whom, in accordance with their organisational procedures. If the decision is not to share, parties should record the reasons for this decision and discuss them with the requester.
6. Breaches
This section describes the requirement for parties to notify other affected parties when there is a Breach. Any processing, sharing or other disclosure of information which breaches obligations under the Legal Grounds, or this Appendix, may be subject to an investigation.
(a) The party responsible for the breach shall be accountable, where necessary, for contacting the regulator(s), affected individuals and other parties in relation to the breach.
(b) It is the responsibility of each party to notify the other party of any known Breach or infringement immediately and remedial action must be agreed and actioned as necessary. Each party will be accountable for any misuse of information and action taken will be in line with disciplinary policies. A Breach may result in this Appendix being temporarily or partly suspended by either party.
7. Individuals’ Freedom to Exercise their Rights
Request received from Data Subjects regarding their rights under Articles 15 – 22 of GDPR will be handled as follows:
(a) Rights requests will initially be dealt with by the party that receives the request, including where appropriate notifying the other party.
(b) Each party must assist the other party where reasonably required to do so.
8. Security Arrangements
This parties will have appropriate security policies in place.
(a)Each party shall have arrangements in place to ensure that information is protected against accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, information transmitted, stored or otherwise processed.
(b) Each party must ensure they have appropriate security policies in place and adhere to their respective policy on security for handling information, including establishing common rules for shared data security.
(c) The transfer, use, storage and retention of the information by each party must comply with the obligations set out in the Legal Grounds and should comply with the security requirements stipulated within this Appendix.
(d) As best practice the disclosing party shall require that any information they disclose will continue to be protected and that the recipient has adequate security measures in place.
(e) Each party shall provide personal or other sensitive data only to specific individuals authorised to receive it, in accordance with the purpose for which it was obtained.
(f) After six months of this Appendix coming into force, and thereafter every two years, a review will be undertaken to assess the ongoing effectiveness of the data sharing initiative(s), this Appendix and any governance arrangements including procedures for dealing with the termination of the data sharing initiative such as the deletion of shared data or its return to the party that supplied it originally.
(g) A review must also be conducted in the event of a breach if related to common processing activities such as a failure in security leading to unauthorised or unlawful processing due to the sharing of information.
(h) Each party shall fulfil any rights requests in a secure manner, including but not limited to, security of communications and transmission of information.
(i) Any additional security requirements that a party wishes to specify must be done so in writing, subject to any contracts or specific data sharing elements as laid down in other arrangements between the parties.
9. Further Internal Use and Onward Transfers
The parties will only re-use information for further purposes or transfer to other parties in accordance with the Legal Grounds specified above.
(a) Unless a separate Appendix is in place, or a statutory requirement for disclosure exists, should either party wish to disclose information that has been shared with them to another party or to re-use the information for further purposes, written consent should be sought from the providing party.
(b) Each party must ensure that all principles of Data Protection Law are adhered to, for example, where further disclosure is made to another party or the information is re-used for further purposes, it must not be incompatible with the stated purpose.
(c) Where a competent or supervisory authority legally requests information that has been shared, all such requests shall be notified to the providing party as necessary.
10. Accountability
The parties are to be accountable for conducting their own assurance assessments and audits on a timely basis, in particular with regards to privacy and data protection by design and by default, to ensure appropriate policies, processes, procedures and protocols are internally in place for information sharing that in particular:
(a) contain detailed advice about which datasets they can share, including sensitive data, special categories of data, or data of a more highly personal nature, to prevent irrelevant or excessive information being disclosed;
(b) set out the Legal Grounds for each type of information being processed, and arrangements for international transfers;
(c) make sure that the data they are sharing is accurate, for example by requiring a periodic sampling exercise and data quality analysis;
(d) record data in the same format, abiding by open standards when applicable, including how to record or convert particular data items as per common industry formats;
(e) have common rules for the retention and deletion of shared data items, as appropriate to their nature and content, and procedures for dealing with cases where different parties may have different statutory or professional retention or deletion rules;
(f) have common technical and organisational security arrangements, including the transmission of the data as well as procedures for dealing with any breach in a timely manner;
(g) ensure their staff are properly trained and are aware of their responsibilities for any shared data they have access to;
(h) have procedures for dealing with rights requests, complaints, or queries from affected individuals and other parties; and
(i) nominate points of contact within each party to be responsible for ensuring adherence to this Appendix and specific data sharing obligations in particular to agree and monitor the
(i) information to be accessed.
(ii) specific processes as set out or referred to in contracts and other arrangements.
(iii) roles and responsibilities as laid down in this Appendix.
11. Joint Controllers
The parties to comply with joint controller written arrangements.
(a) Where the parties are joint controllers in relation to the sharing of information, the parties shall be bound by written arrangements regarding their respective duties and tasks in meeting their obligations as set out in the Legal Grounds, including collaboration on DPIAs.
(b) Each party shall ensure other joint controllers are bound by similar written arrangements.
12. Approvals
The parties will provide the authorised approvers’ details as well as the contact details of the Data Protection Officer (“DPO”, or equivalent) and representative, where applicable.
The parties ensure that staff are trained so that requests for information and the process of sharing itself is sufficient to meet the purposes of this Appendix.
The parties shall also ensure that they comply with all Relevant Legislation.
It is the responsibility of the parties to ensure that:
(a) realistic expectations prevail from the outset.
(b)professional and ethical standards are maintained.
(c) the data protection principles are upheld, in particular integrity and access controls.
(d) the information exchanged is kept secure, confidential, and is maintained as appropriate to the level of protective marking as defined by the respective party.
(e) a mechanism exists by which the flow of information can be controlled.