GBG has appointed the Intermediary to provide its Investigate Service to its End Users. These End User Terms establish the contractual relationship between GBG and the End User for the use of the Service. These End User Terms create a direct contract between GBG and the End User for the purposes of establishing a direct licensing and data protection relationship. Additional Terms may also apply depending on the specific Datasets in use with the Service. These Additional Terms shall form part of these End User Terms where the relevant Datasets are in use.
1. DEFINITIONS AND INTERPRETATION
1.1 In these End User Terms the following definitions shall apply: “Additional Terms” means the special terms and conditions relating to particular Dataset as provided by the Intermediary updated from time to time and available at https://gbgplc.com/en/legal-and-regulatory/legal-additional-terms/investigate;
“Applicable Data Protection Law” means worldwide data protection and privacy laws and regulations applicable to the personal data in question, including, if relevant, those contained within the Local Laws, in each case as may be amended or superseded from time to time. For the purposes of these End User Terms “controller”, “processor”, “data protection impact assessment” “data subject”, “personal data”, “processing” (and “process”) and “special categories of personal data” shall have the meanings given in the Applicable Data Protection Law or their equivalent as set out in the Local Laws;
“Authorised Signatory” means an individual duly authorised to sign documentation on behalf of a Party;
“Authorised User” means an individual that is entitled to use and/or receive the benefit of the Service in accordance with the Licence and Intermediary Terms;
“Business Day” means a day other than a Saturday, Sunday or bank or public holiday in England and Wales; “Commencement Date” means the start date for these End User Terms, specified in the End User Registration Form or the date on which the Intermediary provides the Services to the End User, whichever is earlier;
“Confidential Information” means any information relating to the business of the disclosing Party which is not publicly available including, but not limited to, (i) data or information regarding the business, affairs, customers, suppliers, plans, forecasts, pricing, strategies, operations, processes, product information, know-how, technical information, designs, trade secrets or software of the disclosing Party; (ii) any information, findings, data or analysis derived from Confidential Information (including the Results where specified in the Additional Terms); (iii) the existence and terms of these End User Terms; and (iv) any other information which should otherwise be reasonably regarded as possessing a quality of confidence or as having commercial value in relation to the business of the disclosing Party;
“Customer Use Case” means the purpose for which the End User may use the Service and/or Results as set out on the
End User Registration Form, subject to any restrictions on the use of a particular Dataset set out in the Additional Terms; “Data Breach” means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, End User Data or Supplier Data (as may be applicable in the context) transmitted, stored or otherwise processed;
“Datasets” means an individual data service included or delivered as part of the Service and selected by the End User or Intermediary and referenced in the Intermediary Terms Where applicable, this may incorporate Supplier Data or Supplier Technology or utilise information derived from Supplier Data or Supplier Technology;
“End User” means the organisation, firm, company or public authority named on the End User Registration Form;
“End User Data” means any and all data provided to GBG by the End User for processing in accordance with these End User Terms including where relevant any personal data; “End User Registration Form” means the document signed by Authorised Signatories of the Parties that sets out the End User’s details and incorporates by reference these End User Terms;
“End User Terms” means this agreement incorporating the Special Conditions (if applicable), Additional Terms, Local Laws, any applicable schedules and these End User Terms which in the case of conflict rank in the order of precedence set out within this definition;
“Event of Force Majeure” means any one or more acts, events, omissions or accidents beyond the reasonable control of a Party, including but not limited to: strikes, lock-outs or other industrial disputes (other than those caused by acts and/or omissions of the affected Party); failure of a utility service, or transport network or information technology or telecommunications service; act of God (including without limitation fire, flood, earthquake, storm or other natural disaster); war, threat of war, riot, civil commotion or terrorist attack; malicious damage (including without limitation the acts of hackers that could not have been prevented by a Party acting reasonably); epidemic; pandemic; compliance with any change of law or governmental order, rule, regulation or direction; and/or default caused by an event of force majeure or the insolvency of suppliers or sub-contractors;
“Facilitation of Tax Evasion” means (a) being knowingly concerned in, or taking steps with a view to, Tax Evasion by another person; (b) aiding, abetting, counselling or procuring Tax Evasion by another person; and/or (c) any other actions which would be regarded as facilitation of Tax Evasion under applicable national, federal and/or state laws;
“GBG” means GB Group plc of The Foundation, Herons Way, Chester Business Park, Chester, CH4 9GB registered in England No 2415211;
“GBG Audit Trail” means a copy of the Results of the Service which is retained by GBG for 12 months for the sole purpose of responding to data subject rights;
“Graph” means a visualisation of the results of an Investigation displayed graphically.
“Group Company” means in relation to a Party, that Party, or another company if that other company:
(a) holds a majority of the voting rights in it; or
(b) is a member of it and has the right to appoint or remove a majority of its board of directors; or
(c) is a member of it and controls alone, pursuant to an agreement with other members, a majority of the voting rights in it; or if it is a subsidiary of a company that is itself a subsidiary of that other company;
“Intermediary” means the organisation, firm, company or public authority and any of the Intermediary’s Group Companies that integrates the Service into their own products and services so that they can provide those services to the End Users;
“Intermediary Terms” means the legally binding agreement between the End User and Intermediary for services (including Services) from the Intermediary;
“Intellectual Property Rights” means (i) patents, rights to inventions, rights in designs, trademarks and trade names, copyright and related rights, rights in goodwill, database rights and know-how, whether registered or not; (ii) all other intellectual property rights or forms of protection and similar or equivalent rights anywhere in the world (whether registered or not) which currently exist or are recognised in the future; and
(iii) all applications, extensions and renewals to any such rights;
“Investigation” means a search performed by a. An Investigation may or may not result in the generation of a Graph;
“Licence” means the scope of the licence granted to the End User for the use of the Service and Results as set out in clauses 5.1 and 78.1 together with any applicable Additional Terms and the Customer Use Case;
“Local Laws” means the special terms and conditions relating to a particular jurisdiction, country, territory or regulated sector that apply to End User Terms where certain conditions are met, as updated from time to time, and available at https://gbgplc.com/en/legal-and-regulatory/local-laws/;
“Party” means a party to these End User Terms and “Parties” shall be construed accordingly;
“Persons Associated” means any employee, agent or representative of the relevant Party or other third-party who supplies services to, or on behalf of, the relevant Party;
“Results” means all information provided to an End User by GBG including the results of any enquiry or search, reports, certificates or management information relating to the End User's use of the Service. This may, where relevant, include Supplier Data;
“Saved Graph” means a Graph that a User of the Service saves at a point in time for future reference, subject to the provisions at clause 5
“Saved Graph Data” means the Results or if relevant to a particular Dataset, End User Data, contained within the Saved Graph.
“Service” means the Investigate service provided to the End User by the Intermediary including any and all Datasets, as licensed to the End User in accordance with these End User Terms and the Intermediary Terms;
“Special Conditions” means any variation or amendment to these End User Terms agreed between the Parties, set out in writing and signed by Authorised Signatories;
“Supplier” means a third-party supplier that provides Supplier Data or Supplier Technology to GBG for use within GBG Services;
“Supplier Data” means any data provided to GBG and/or the End User by the Supplier or used within GBG Services including, where relevant, any personal data;
“Supplier Technology” means any technology or solution provided to GBG and/or the End User by a Supplier and/or used within Services;
“Tax Evasion” means any fraudulent activity intended to divert funds from the public revenue of any government as well as any statutory tax evasion offence of any territory, where tax includes all taxes, levies and contributions imposed by governments in any territory;
“Term” has the meaning set out in clause 2.2.1;
“Transaction” means a single search, click, check or any other means of obtaining Results;
“Unauthorised User” means an individual that uses, accesses or otherwise benefits from the Service that is not entitled to use and/or receive the benefit of the Service in accordance with the Licence; and
“User” in the context of these End User Terms means Authorised Users and Unauthorised Users of the Service.
1.2 Any references within the Additional Terms or Local Laws to “General Terms and Product Terms" means these “End User Terms”.
1.3 The headings in these End User Terms do not affect its interpretation.
1.4 References to clauses and sections are to clauses and sections of these End User Terms.
1.5 A reference to a “Party” includes that Party’s personal representatives, successors and permitted assigns.
1.6 A reference to a “person” includes a natural person, corporate or unincorporated body (in each case having separate legal personality or not) and that person’s personal representatives, successors and permitted assigns.
1.7 Any words that follow “include”, “includes”, “including”, “in particular” or any similar words and expressions shall be construed as illustrative only and shall not limit the sense of any word, phrase, term, definition or description preceding or following those words.
1.8 A reference to legislation is a reference to that legislation as amended, extended, re-enacted or consolidated from time to time.
1.9 Words in the singular include the plural and vice versa.
1.10 A reference to “writing” or “written” shall include electronic mail.
2. TERM OF THE AGREEMENT
2.1 These End User Terms will become effective on the Commencement Date and will continue in full force and effect until: (a) terminated by either Party in accordance with clause 0; or (b) the Intermediary Terms terminates or expires for any reason whatsoever; or (c) the agreement between the Intermediary and GBG in relation to the Services terminates or expires for any reason whatsoever (the "Term").
3. SECURITY
3.1 The End User is responsible for the security and proper use of all User identities (“User IDs”) and passwords used by Authorised Users in connection with the Service (including maintaining and enforcing a robust password policy).
3.2 The End User shall take all necessary steps to ensure that User IDs are kept confidential, secure, are used properly by Authorised Users and are not disclosed to any unauthorised parties whether intentionally or otherwise.
3.3 The End User must immediately inform GBG and the Intermediary if there is any reason to believe that a User ID or password has or is likely to become known to an Unauthorised User or is being or is likely to be used in an unauthorised way.
3.4 To maintain the security of the GBG / Services, GBG reserves the right to:
(a) update User ID and security processes for the Services from time to time; and suspend User ID and password access to the Services if at any time GBG reasonably considers that there is, or there is likely to be, a breach of security, misuse of the Service or access granted to an Unauthorised User and/or to require the End User to change any or all of the passwords used by the End User in connection with the Service.
4. PROVISION OF THE SERVICE
4.1 GBG will provide the End User with the Service detailed in the End User Registration Form received via the Intermediary and in accordance with the terms set out in these End User Terms.
4.2 The End User acknowledges that GBG is not responsible to the End User for the performance, delivery or support of the Services. The performance, delivery and support of the Services are strictly a matter for the End User and the Intermediary in accordance with the Intermediary Terms.
4.3 Where relevant to the Service being provided, the End user acknowledges and accepts that occasionally GBG, in providing the Service, may be required to:
(a) change the technical specification of the Service for operational reasons, to comply with applicable laws or regulations or to reflect changes to Supplier Data used within the Service. Where a change is made for operational reasons, GBG will ensure that any such change does not materially reduce or detrimentally impact the performance of the Service;
(b) give the End User instructions which it reasonably believes are necessary to enhance or maintain the quality of any Service provided by GBG and GBG shall not be responsible for any errors in the Service resulting from the End User’s non-compliance with such instructions; and
(c) suspend the Service for operational reasons such as repair, maintenance or improvement or because of an emergency, in which case GBG will give the End User as much on-line, written or oral notice as possible and shall ensure that the Service is restored as soon as possible following suspension.
4.4 The End User must inform the Intermediary and GBG, without undue delay, of any changes to the information which the End User supplied within the End User Registration Form.
4.5 As part of the provision of the Service, GBG will collect, store and analyse information about how its End Users use the Service, including any Results generated, in order to improve GBG solutions and identify future opportunities. This may include assessing Dataset match rates, population coverage, Service uptime and End User experience.
5. SAVED GRAPHS
5.1 Where applicable, Users may save Graphs they create as part of an Investigation carried out via the Service.
5.2 Subject to clause Error! Reference source not found. below, Saved Graphs will remain available to the User that saved a Graph for a period of 12 months from the date a Graph is saved, providing that the Agreement remains active and the User has a live account.
5.3 The End User acknowledges and accepts that the act of saving a Graph saves the Results of an Investigation, at that point in time. Therefore, any future changes or updates to the data that could affect the Results of a Saved Graph will not appear when the User later accesses that Saved Graph.
5.4 Notwithstanding clause Error! Reference source not found., the User will be responsible for deleting any Saved Graphs that are no longer required to ensure compliance with its own privacy and data retention policies and obligations under Applicable Data Protection Laws to ensure data is not retained for longer than is necessary.
6. USE OF SERVICE
6.1 The End User shall comply with these End User Terms I ncluding all relevant Additional Terms, Special Conditions and Local Laws.
6.2 The Service is licensed solely for the End User’s own internal use. The End User must not resell (or attempt to resell) or sub-license (or attempt to sub- license), transfer (or purport to transfer) the Service (or any part or facility of it, including the Results) to any third party.
6.3 The End User shall be responsible for the completeness of all End User Data provided as part of its use of the Service in accordance with Applicable Data Protection Laws and should retain back-up copies of all End User Data.
6.4 The End User warrants that it shall comply with all applicable legislation, instructions and guidelines issued by regulatory authorities, relevant licences and any other codes of practice which apply to the End User and its use of the Service including those which relate to the provision of End User data.
6.5 The End User is responsible for the acts and omissions of all Users of the Service and is liable for any failure by a User to perform or observe the terms and conditions of these End User Terms including without limitation to the provisions set out in the Additional Terms and any instructions issued under clauses 4.3(b).
6.6 If the End User uses the Services is in contravention of clauses 0, 6.4, 6.5, 78.4 or 11.4 then GBG shall be entitled to treat the contravention as a material breach of these End User Terms, which cannot be remedied for the purposes of clause 14.4(b).
7. CHARGES
7.1 The End User shall pay charges owed for their use of the Service to the Intermediary in accordance with its payment terms in the Intermediary Terms.
7.2 The End User acknowledges and agrees that in exceptional circumstances, it will pay charges owed to GBG for its use of the Service in accordance with payment terms specified by GBG. In such circumstances, the End User will be notified of GBG’s standard payment terms in relation to the Services. For the avoidance of doubt, GBG will not exercise this right where the End User can demonstrate that it has already paid the charges to the Intermediary.
8. INTELLECTUAL PROPERTY RIGHTS
8.1 The End User acknowledges that all Intellectual Property Rights in the GBG Service and/or Results belong and shall continue to belong to GBG and/or GBG’s Suppliers. Unless otherwise specified in the Additional Terms, GBG grants to the End User:
(a) a non-exclusive, non-transferable, revocable licence to the End User for its Authorised Users to use, access and benefit from the Service during the Term.
(b) a perpetual licence to use the Results (including any Supplier Data received as part of the Results) providing that it does so in accordance with all Applicable Data Protection Laws and relevant licence provisions set out in the Additional Terms.
8.2 GBG acknowledges all Intellectual Property Rights in the End User Data belong and shall continue to belong to the End User. The End User grants to GBG a non-transferable, non-exclusive, royalty free, revocable licence to use, disclose and copy the End User Data where applicable to enable GBG to provide the GBG Service and carry out its obligations under these End User Terms.
8.3 If any third-party makes or threatens to make a claim against GBG, the End User or one of GBG’s Suppliers, Intermediary or other intermediaries that the use of the Service and/or Results or part thereof infringes any third-party’s Intellectual Property Rights, GBG shall be entitled to do one or more of the following:
(a) suspend any part of the delivery of the GBG Service or Results that is subject to the infringement claim made by the third-party;
(b) modify the Service, or Results, to avoid any alleged infringement, provided that the modification does not materially affect the performance of the Service;
(c) if the remedies at 8.3(a) and (b) are not reasonably possible or commercially viable, terminate these End User Terms or affected part of these End User Terms upon written notice to the End User.
8.4 Except as expressly permitted within the terms of the Licence granted to it under these End User Terms or by law, the End User warrants that it will not:
(a) use, copy, modify, exploit, adapt, or create derivative works from the Service and/or Results;
(b) decode, reverse engineer, disassemble, decompile or otherwise translate or convert the Services;
(c) attempt to circumvent or interfere with any security features of the Services;
(d) assign, sub-licence, lease, resell, or distribute the Services and/or Results or in any other way enable or permit others to use, exploit or benefit from the Intellectual Property Rights in the Service and/or Results;
(e) exceed the scope of the Licence.
(f) use or exploit the Intellectual Property Rights in the Service or Results or permit others to use or exploit the Intellectual Property Rights in the Service or Results outside of the terms of the Licence;
(g) its use of the Service through any software, equipment, materials or services not provided by GBG will not infringe the rights of any third party;
(h) the use by GBG of the End User Data through the provision of the Service in accordance with the End User’s instructions and in accordance with the terms of these End User Terms, will not infringe any third party’s Intellectual Property Rights; and or
(i) all computers and/or IT systems which GBG are required to use, access or modify as part of the Service are legally licensed to the End User or are the End User’s property and that such activities by GBG will not infringe the rights of any third party.
9. INDEMNITY
9.1 GBG will indemnify the End User against all liabilities, costs, expenses, damages and losses incurred by the End User as a direct result of any third-party instituting any legal or court action against the End User that the End User’s use of the Service and/or Results, in accordance with the terms of these End User Terms, infringes that third-party’s Intellectual Property Rights (a “Claim”), provided that the End User:
(a) notifies GBG promptly and in any event within 5 Business Days in writing of any Claim;
(b) makes no admission or compromise relating to the Claim or otherwise prejudices GBG’s defence of such Claim;
(c) allows GBG to conduct all negotiations and proceedings in relation to the Claim;
(d) gives GBG all reasonable assistance in doing so (GBG will pay the End User’s reasonable expenses for such assistance); and
(e) takes all reasonable steps to mitigate its losses.
9.2 GBG shall not be liable to provide any refund, or meet any Claim under the indemnity at this clause 0, arising as a result of the use of the Services and/or Results in breach of the End User warranty within 8.4 or to Claims caused by designs or specifications made on the End User's instructions.
10. CONFIDENTIALITY AND PUBLICITY
10.1 Each Party undertakes that it shall not at any time disclose the other Party’s Confidential Information to any third-party except as permitted by clauses 10.4 or to the extent necessary for the proper performance of these End User Terms.
10.2 Each Party warrants to the other that it shall apply the same security measures and degree of care to Confidential Information disclosed to it as it takes in protecting its own Confidential Information and in any event no less than that which a reasonable person or business would take in protecting its own Confidential Information.
10.3 Neither Party shall use the other Party’s Confidential Information for any purpose other than to perform its obligations under these End User Terms.
10.4 Each Party may disclose the other Party’s Confidential Information:
(a) to its or its Group Companies’ employees, officers, representatives, advisers and third-party suppliers who need to know such information to perform its obligations under these End User Terms. Each Party shall ensure that its and its Group Companies’ employees, officers, representatives, advisers and third-party suppliers to whom it discloses the other Party’s Confidential Information comply with this clause 10;
(b) as may be required by law, court order or any governmental or regulatory authority; or
(c) where the other Party agrees it may be disclosed.
10.5 For the purposes of this clause 10, Confidential Information shall not include information which:
(a) is or becomes generally available to the public (other than through a breach of these End User Terms;
(b) is lawfully in the possession of the other Party before the disclosure under these End User Terms took place;
(c) is obtained from a third-party who is free to disclose it; or
(d) the Parties agree in writing is not confidential.
11. DATA PROTECTION
11.1 This clause 1111 sets out the general privacy provisions that shall apply to the Services. In addition to the general privacy provisions set out in this clause 11, there may be additional privacy provisions that relate to:
(a) the use of certain Datasets and/or Results as set out in the Additional Terms;
(b) the use of the Services and/or Results in a particular country or jurisdictions as set out on in the Local Laws.
11.2 The Parties acknowledge that, save where otherwise stated in the Additional Terms or the Local Laws:
(a) the End User is a controller of the End User Data that it supplies to the Services;
(b) to the extent GBG receives and processes the End User Data in order to perform the Services, it shall do so as a separate and independent controller;
(c) GBG is a controller of the Supplier Data that it uses to supply the Service and Results to the Intermediary. The End User shall act as a separate and independent controller upon receipt of the Supplier Data which it shall use solely for the Customer Use Case; and
(d) GBG is a controller of the GBG Audit Trail.
11.3 Customer Use Case: The End User is responsible for identifying and communicating its Customer Use Case to GBG and the Intermediary. The End User represents, warrants and undertakes that it shall only use the Results in accordance with the Customer Use Case it communicates to GBG and the Intermediary and shall not change its Customer Use Case without first agreeing, in writing, such change with GBG. The End User shall regularly review its Customer Use Case and notify GBG and the Intermediary without undue delay if it determines a change in its Customer Use Case is likely to be required.
11.4 Each Party warrants that it will comply with the obligations that apply to it under Applicable Data Protection Law and the obligations set out in the End User Terms. In particular (and without limitation):
(a) the End User shall comply with all necessary transparency and lawful requirements under Applicable Data Protection Law in order to disclose the End User Data to GBG for the purpose of using the Service;
(b) GBG shall comply with all necessary transparency and lawful requirements under Applicable Data Protection Law in order to disclose the Supplier Data to the End User to process for the Customer Use Case;
(c) the End User acknowledges that the Results may be subject to Additional Terms and the User agrees that (i) where relevant for the provision of the Service, the End User shall comply with the Additional Terms; and (ii) where the Additional Terms for a particular Dataset specifies that certain types of personal data cannot be processed by the Supplier that provides the Dataset, the User warrants that it will not provide End User Data that meets such criteria for processing via that Dataset;
(d) where applicable the End User will post and maintain a publicly accessible privacy notice that satisfies the transparency and information requirements of Applicable Data Protection Law and where applicable, links to GBG’s Products and Services Privacy Notice available at https://www.gbgplc.com/products-services-privacy-policy; and
(e) where applicable in accordance with Applicable Data Protection Law, each Party shall be responsible for maintaining its own record of processing activity.
11.5 Security: Each Party will implement and maintain appropriate organisational measures to protect the End User Data and Supplier Data from a Data Breach. Where expressly stated in the Additional Terms, the End User shall also comply with the additional security provisions in relation to the relevant Supplier Data.
11.6 Data Breach: In the event GBG becomes aware of a Data Breach in relation to the End User Data, GBG will notify the End User without undue delay and both Parties shall cooperate and provide reasonable assistance as is necessary to each other in order to facilitate the handling of the Data Breach.
11.7 General Cooperation: If a Party (the “first Party”) becomes aware of or receives any correspondence, enquiry or complaint from a, regulator or other third-party (“Correspondence”) related to:
(a) the disclosure of the End User Data by the End User to GBG in relation to the Services;
(b) the disclosure of the Supplier Data by GBG to the End User for the Customer Use Case; or
(c) the processing of End User Data or Supplier by the other Party, which could have a negative impact on the reputation of the other Party or any aspect of the other Party’s business then:
(i) the first Party shall promptly inform the other Party, giving full details of the same, and (ii) the Parties shall cooperate reasonably and in good faith in order to respond to the Correspondence in accordance with any requirements under Applicable Data Protection Law.
11.8 Mutual Assistance: Each Party shall provide reasonable assistance to the other Party as may be required in order to enable the other Party to perform its responsibilities pursuant to these End User Terms and Applicable Data Protection Law. In particular (without limitation) in relation to data protection impact assessments if required.
11.9 Subcontracting: Either Party may, at its election, appoint a third-party processor to process the End User Data, or Supplier Data for the Customer Use Case, provided that such processors (unless otherwise stated in the Additional Terms):
(a) agree in writing to process End User Data or Supplier Data, as applicable, in accordance with the appointing Party’s documented instructions;
(b) implement appropriate technical and organisational security measures to protect the End User Data or Supplier Data, as applicable, against a Data Breach;
(c) enter into a legally binding written and enforceable agreement to ensure compliance with Applicable Data Protection Laws; and
(d) otherwise provide sufficient guarantees that they will process the End User Data or Supplier Data, as applicable, in a manner that will meet the requirements of Applicable Data Protection Law.
11.10 The Party engaging a third-party processor in accordance with clause 11.9 will remain liable for any act or omission of that third-party processor.
11.11 Where a Supplier acts as a third-party processor of End User Data in accordance with clause 11.9, additional details regarding such processing activities, including the location of the processor, will be set out in the Additional Terms for the relevant Dataset. By purchasing the relevant Dataset, the End User acknowledges that End User Data will be shared with and processed by such Supplier in accordance with the relevant Additional Terms.
11.12 Notwithstanding clause 11.2, GBG is a processor and the End User is a controller of the personal data contained within Saved Graphs and MyData hosted in the GBG environment and therefore the terms set out in clauses 11.14 to 11.22 shall apply in relation to personal data contained within Saved Graphs and MyData. Clauses 11.14 to 11.22 will also apply where GBG acts as a processor in relation to a specific Dataset as set out in the relevant Additional Terms.
11.13 Notwithstanding clause Error! Reference source not found., where GBG acts as a processor in relation to a specific Dataset (as set out in the relevant Additional Terms), the Intermediary shall be appointed by the End User (as controller) as the End User’s authorised processor of the End User Data in relation to that specific Dataset, and the End User shall also consent to the appointment of GBG as the Intermediary’s authorised sub-processor of the End User Data for that specific Dataset.
11.14 Relationship of the Parties. The End User (the controller) appoints GBG as a processor where applicable to provide any processor Datasets. Each Party shall comply with the obligations that apply to it under Applicable Data Protection Law.
11.15 Purpose limitation. GBG shall process Saved Graphs Data, MyData and End User Data provided in relation to any relevant Dataset, as a processor as necessary to provide the Service to the End User and strictly in accordance with the documented instructions of the End User, except where otherwise required by any United Kingdom, EU (or any EU Member State) law applicable to GBG, in which case GBG shall inform the End User of that legal requirement before processing (unless prohibited by that law on important grounds of public interest). GBG shall immediately inform the End User if it becomes aware that the End User’s processing instructions infringe Applicable Data Protection Law.
11.16 Confidentiality of processing. In addition to the confidentiality obligations set out in clause 10, the applicable personal data shall be subject to a strict duty of confidentiality (whether a contractual duty or a statutory duty).
11.17 Security. GBG shall implement and maintain appropriate technical and organisational measures to protect the applicable personal data from a Data Breach. Such measures shall have regard to the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons. Such measures shall include, as appropriate:
(a) the pseudonymisation and encryption of personal data;
(b) the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services;
(c) ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident; and/or
(d) a process for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing.
11.18 Sub processing. The End User consents to GBG engaging third-party sub processors to process the applicable personal data provided that: (i) GBG informs the End User of any intended changes concerning the addition or replacement of a third-party sub-processor with access to the applicable personal data and give the End User the opportunity to object to such changes; (ii) GBG imposes data protection terms on any sub processor it appoints that protects the applicable personal data to the same standard provided for by clauses 11.12-11.22; and (iii) GBG remains fully liable for any breach of clauses 11.14-11.22 that is caused by an act, error or omission of its third-party sub processor.
11.19 Cooperation and data subjects’ rights. Where GBG is a processor it shall provide all reasonable and timely assistance (including by appropriate technical and organisational measures) to the End User at its own expense to enable the End User to respond to: (i) any request from a data subject to exercise any of its rights under Data Protection Law correction, objection, erasure and data portability, as applicable); and (ii) any other correspondence, enquiry or complaint received from a data subject, regulator or other third-party in connection with the processing of the applicable personal data. In correspondence, enquiry or complaint is made directly to GBG, GBG shall promptly inform the End User providing full details of the same.
11.20 Data Protection Impact Assessment GBG is a processor, upon the End User’s request, GBG shall provide the End User with all such reasonable and timely assistance as the End User may require in order to conduct a data protection impact assessment in accordance with Applicable Data Protection Law including, if necessary, to assist the End User to consult with its relevant data protection authority.
11.21 Data Breaches. Where GBG is a processor, upon becoming aware of a Data Breach, GBG shall inform the End User without undue delay and shall provide all such timely information and cooperation the End User may require in order for the End User to fulfil its data breach reporting obligations under Applicable Data Protection Law. GBG shall further take all such measures and actions as are necessary to remedy or mitigate the effects of the Data Breach and shall keep the End User informed of all developments in connection with the Data Breach.
11.22 Deletion or return of Saved Graph Data. Notwithstanding clause 5.2, upon termination or expiry of these End User Terms, GBG shall (at the Customer’s election) destroy or return to the End User within 30 days, all Saved Graph Data contained within Saved Graphs (including all copies of the Saved Graph Data contained within the Saved Graph in its possession). This requirement shall not apply to the extent that GBG is required by any United Kingdom or EU (or any EU Member State) law to retain some or all of the Saved Graph Data, in which event GBG shall isolate and protect the Saved Graph Data from any further processing except to the extent required by such law until deletion is possible.
11.23 Deletion or return of MyData. Upon termination or expiry of these End User Terms, GBG shall (at the End User’s election) destroy or return all personal data contained within the MyData element of the Service. This requirement shall not apply to the extent that GBG is required by any United Kingdom or EU (or any EU Member State) law to retain some or all of the MyData, in which event GBG shall isolate and protect the personal data within MyData from any further processing except to the extent required by such law until deletion is possible.
12. GENERAL
12.1 Changes in Law or Guidance: The Parties agree that, following any changes or amendments to Applicable Data Protection Law or any associated guidelines and instructions issued by relevant national, federal and/or state authorities that affect these End User Terms, GBG may be required to update this clause 11 and/or the terms set out in the Local Laws to ensure compliance with the applicable change in law and/or issued guidance.
12.2 International transfers of End User Data. The End User acknowledges that GBG may process End User Data in a territory outside of EEA, the United Kingdom, or your local country or region. GBG will take all necessary measures to ensure such onward transfers of End User Data are in compliance with Applicable Data Protection Law.
12.3 International Transfers of Results. GBG acknowledges and agrees, except where expressly prohibited in the Additional Terms, that the End User may process Results (and permit Results to be processed) in a territory outside of EEA and/or the United Kingdom, so long as it takes necessary measures to ensure such transfers are in compliance with Applicable Data Protection Law. Any transfer that is subject to additional laws shall be subject to the provisions set out in the applicable Local Laws.
12.4 The End User acknowledges and agrees that End User Data may be transferred outside the EEA to a GBG Group Company in the course of providing the Service. GBG shall be responsible for ensuring that such Group Company complies with Applicable Data Protection Law and the terms of these End User Terms
13. LIABILITY
13.1 Neither Party excludes or limits its liability for death or personal injury resulting from its negligence; fraud or fraudulent misrepresentation; wilful or deliberate misconduct; gross negligence; or any other type of liability that cannot by law be excluded or limited.
13.2 Save as set out in clause 13.1 each Party’s liability to the other Party, in respect of clauses 0 (Security), 0 (Intellectual Property Rights), 0 (Indemnity); 10 (Confidentiality and Publicity); 11 (Data Protection) and 0 (Fraud, Bribery, Tax Evasion and Ethical Trading) shall be subject to a cap of £2,000,000 GBP (or equivalent in local currency) per breach.
13.3 The End User does not exclude or limit its liability in respect of exceeding their Licence.
13.4 Subject to clauses 13.1, 13.2, and 13.3, each Party’s aggregate liability to the other Party under or in connection with these End User Terms, whether such liability arises in contract, tort (including, without limitation, negligence) misrepresentation or otherwise, shall be limited to £20,000 GBP (or equivalent in local currency).
13.5 Subject to clauses 13.1, neither Party shall be liable for loss of profits, loss of business or anticipated savings, destruction or deletion of data, loss of use of data, loss of or damage to reputation, loss of or damage to goodwill, any special, indirect or consequential loss or damage.
13.6 Without prejudice to any provision in these End User Terms whereby liability is excluded or limited to a lesser amount, the liability of GBG under or in connection with these End User Terms (whether in contract or in tort, in negligence, for breach of statutory duty or otherwise) for any claim, shall not exceed the amount, if any, recoverable by GBG under its Professional Indemnity Insurance and/or Cyber Insurance, as taken out by GBG and in force at the time of the claim or, if applicable, any amount recoverable from a Supplier.
13.7 Due to GBG’s reliance on Suppliers, and telecommunication services, over which GBG has no direct control, GBG cannot warrant:
(a) accuracy, suitability or uninterrupted availability of the Service or Results; and
(a) that the use of the Service and/or the Results will meet the End User's business requirements and the End User accepts that the Service was not designed or produced to its individual requirements and that it was responsible for its selection; consequently, the End User agrees that except as expressly set out in these End User Terms, all warranties, conditions and other terms relating to the Service and these End User Terms whether express or implied by law, custom or otherwise are, to the fullest extent permitted by law, excluded from these End User Terms. GBG shall not be responsible for the decisions that the End User makes as a result of the information, Service, Results or data that GBG provides under these End User Terms.
13.8 The End User shall not be entitled to recover any amount from GBG in respect of sums which it has already recovered under the Intermediary Terms.
13.9 For the purposes of these End User Terms, the Parties acknowledge that any breach of the following clauses shall be deemed a material breach of these End User Terms:3.1-3.3, 0-10.3, Error! Reference source not found.-11.6, 11.9, 19.1 and 19.2 together with any other clauses detailed in these End User Terms, any applicable Additional Terms, and the Local Laws that apply to the End User's use of the Service and Results.
14. SUSPENSION AND TERMINATION
14.1 Where reasonable and appropriate to do so, GBG may suspend and/or may require the Intermediary to suspend, all or part of the Service immediately and without providing notice in the event that the End User breaches or GBG acting reasonably suspects that the End User has committed a material breach of these End User Terms.
14.2 GBG may terminate or require the Intermediary to terminate the provision of the Service on immediate notice in writing to the End User if:
(a) the End User commits a material or persistent breach of these End User Terms, which is capable of remedy, and it fails to remedy the breach within 10 Business Days of a written notice to do so. and/or
(b) the End User commits a material or persistent breach of these End User Terms which cannot be remedied;
14.3 Upon termination of these End User Terms:
(a) the End User will: (i) cease receiving or using the Service or in the case where access to a specific part of the Service has been terminated, cease to receive or use the specified part of the Service; ((ii) comply with any additional post-termination provisions that relate to the Services;
(b) GBG will cease the processing of End User Data (and any copies of it) and, save for the copy contained within the GBG Audit Trail, shall arrange for its safe return or destruction as shall be required by the End User (unless any Applicable Data Protection Law requires storage of any personal data contained within the End User Data or an exemption under Applicable Data Protection Law applies);
(c) the End User may continue to use the Results generated as a result of its use of the Service subject to any conditions set out in any applicable Local Laws and/or Additional Terms; and
(d) save as otherwise set out in this clause 14.3, the Parties will return or destroy (at the option and request of the disclosing Party) any Confidential Information belonging to the other Party in its possession or control.
14.4 The termination of these End User Terms does not affect the accrued rights, remedies and obligations or liabilities of the Parties existing at termination, nor shall it affect the continuation in force of any provision of these End User Terms that is expressly or by implication intended to continue in force after termination.
15. AUDIT, INSPECTIONS AND RECORDS
15.1 The Parties acknowledge and accept that, due to the nature of the Services provided, a mutual right to carry out an audit and/or inspection is required for each Party to be able to verify and monitor the other Party’s compliance with its material obligations under these End User Terms. The following provisions of this clause 0 are to give effect to that requirement.
15.2 Each Party shall maintain accurate and complete records as is necessary to demonstrate compliance with its obligations under these End User Terms, in particular in relation to the use of the Service and the provision, receipt and processing of personal data.
15.3 Prior to undertaking an audit and/or inspection in accordance with clause 15.4, the Party carrying out the audit and/or inspection (the “Auditing Party”) shall be entitled to (but not obligated to) submit to the other Party (the “Audited Party”) questions regarding the Audited Party’s performance of its obligations under these End User Terms. All responses, information and records shall be provided to the Auditing Party without undue delay and where possible within 10 Business Days of receipt of such request. The submission of questions under this clause 15.3 shall not prejudice the Auditing Party’s other rights under this clause 0.
15.4 The Auditing Party shall be entitled to conduct an on-site audit and/or inspection or to appoint a third-party auditor, subject to the Auditing Party and/or its third-party auditor’s agreement to reasonable and appropriate confidentiality undertakings.
15.5 The Auditing Party shall provide reasonable prior notice of any such audit, save where:
(a) the Auditing Party reasonably believes that the Audited Party is in breach of its obligations under these End User Terms; and
(b) such notice is likely to prejudice or unreasonably delay the investigation of such breach, for example in the case of a Data Breach or security incident involving personal data.
15.6 The Audited Party shall notify the Auditing Party of the name of the individual within its organisation who will act as the point of contact for the provision of information and records in accordance with clause 15.3 and/or for enabling an audit or inspection to be carried out in accordance with clause 15.4.
15.7 The Audited Party shall provide the Auditing Party (or any third-party auditor as relevant) with reasonable, supervised access to its premises, employees, computers, IT systems and records as required for the purpose of any such audit and/or inspection.
15.8 The Auditing Party shall be entitled to take copies of any relevant records, information, documents or data obtained during an on-site audit and/or inspection as may be reasonably required by the Auditing Party.
15.9 Audits and/or inspections shall not be carried out on more than one occasion per year under these End User Terms unless the Auditing Party reasonably believes that the Audited Party is in material breach of these End User Terms or unless the Auditing Party is required to do so by any regulatory body with competent jurisdiction (or in the case of GBG, a Supplier engaged in connection with the Service). The Auditing Party or its auditor may be accompanied by representatives of any such regulatory body (or Supplier in the case of GBG) in respect of any such audit imposed on the Audited Party.
15.10 All audits and/or inspections will be conducted in a manner that does not materially disrupt, delay or interfere with the Audited Party’s performance of its business and shall be carried out at the expense of the Auditing Party.
15.11 As an alternative to an on-site audit and/or inspection, the Audited Party may request that an audit is undertaken by the Audited Party’s own internal audit function for the purposes of investigating the Audited Party’s compliance with its obligations under these End User Terms. If such request is agreed by the Auditing Party (at its sole discretion), the Audited Party shall procure that the audit and/or inspection is undertaken as soon as practicable and shall provide the Auditing Party with unfettered access to:
(a) all audit reports, information and/or documentation produced or created as a result of the internal audit; and
(b) all relevant members of the Audited Party’s internal audit team for the purpose of understanding such audit reports.
15.12 As a further alternative to an on-site audit and/or inspection, the Auditing Party (at its sole discretion) may undertake an audit and/or inspection by way of remote access.
15.13 If any audit and/or inspection undertaken in accordance with this clause 0 identifies a breach of these End User Terms by the Audited Party, then without prejudice to any rights and/or remedies the Auditing Party may have
(a) the Audited Party shall take the necessary steps to comply with its obligations at no additional cost to the Auditing Party; and
(b) if that breach is material, the Audited Party shall reimburse the Auditing Party for the full cost of the audit and/or inspection.
15.14 Any records, documents and information provided by an Audited Party under this clause 0 may be redacted to remove Confidential Information not relevant to the request.
15.15 The provisions of this clause 0 shall survive termination or expiry of these End User Terms for: (i) a period of six (6) months for all general provisions under these End User Terms; and (ii) indefinitely for the purposes of verifying the Party’s compliance with these End User Terms that survives termination, its obligations on termination or expiry of these End User Terms, or where a Party reasonably suspects the other Party to have breached End User Terms during its Term.
16. DISPUTE RESOLUTION
16.1 If a dispute arises out of or in connection with these End User Terms or the performance, validity or enforceability of it (a “Dispute”) then the Parties shall follow the procedure set out in this clause 0, specifically:
(a) either Party shall give to the other written notice of the Dispute, setting out its nature and full particulars (a “Dispute Notice”), together with relevant supporting documents. On service of the Dispute Notice, authorised representatives of GBG and the End User shall attempt in good faith to resolve the Dispute;
(b) if the authorised representatives of GBG and the End User are, for any reason, unable to resolve the Dispute within 10 Business Days of service of the Dispute Notice, the Dispute shall be escalated, appropriately in the circumstances, within GBG and the End User in an attempt in good faith to resolve the matter; and
(c) if, following escalation of the Dispute as described in clause 16.1(b) above, GBG and the End User are for any reason unable to resolve the Dispute within 30 Business Days of it being escalated, then the Parties may attempt to settle it by way of mediation. Should the Parties fail to reach a settlement within 25 Business Days from the date of engaging in such mediation, the Parties shall be entitled to refer the Dispute to the courts in accordance with clause 21.1 of the End User Terms.
16.2 Notwithstanding clause 16.1 above, the Parties acknowledge that damages alone may not always be an adequate remedy for a breach by the other Party of the terms of these End User Terms. Accordingly, without prejudice to any other rights and remedies it may have, the injured Party shall be entitled to seek specific performance and/or injunctive or other equitable relief at any point should that Party deem it necessary to protect the legitimate business interests of that Party.
17. EVENT OF FORCE MAJEURE
17.1 Neither Party shall be in breach of these End User Terms nor liable for any delay in performing, or failure to perform, any of its obligations under these End User Terms if such delay or failure results from an Event of Force Majeure. In such circumstances, the affected Party shall be entitled to a reasonable extension of the time for performing such obligations. If the period of delay or non-performance continues for 30 days, the Party not affected may terminate these End User Terms immediately by giving written notice to the affected Party.
18. NOTICES
18.1 Notices required to be given under these End User Terms must be in writing and may be delivered by email, hand or by courier, or sent by first class post to the following addresses:
(a) to GBG:
(i) at its registered office address and marked for the attention of the Head of Legal; and
(ii) by email to legal@gbgplc.com or other email address as notified from time to time; and
(b) to the End User:
(i) at the address listed on the End User Registration Form or the End User’s registered office address (in the case of a corporate body); or
(ii) by email to the address specified by the End User as its legal notice email address on the End User Registration Form or if not provided or undeliverable, to such other End User contract email address as set out on the End User Registration Form and updated from time to time.
18.2 Any notice shall be deemed to have been duly received:
(a) if delivered by hand or by courier, when left at the address referred to in clause 18.1 or if sent by first class post, two Business Days after the date of posting.
(b) if delivered by email at the time of transmission, or, if this time falls outside business hours in the place of receipt, when business hours resume. In this clause 18.2(b) business hours means 9.00am to 5.00pm on Business Days.
18.3 This clause does not apply to the service of any proceedings or other documents in any legal action.
19. FRAUD, BRIBERY, TAX EVASION AND ETHICAL TRADING
19.1 Both GBG and the End User undertake:
(a) not to engage in Tax Evasion or the Facilitation of Tax Evasion of any kind in any territory;
(b) to implement reasonable procedures to prevent the Facilitation of Tax Evasion by Persons Associated with the relevant Party;
(c) to take such steps as may be required to ensure compliance with all applicable laws relating to anti-bribery, anti-corruption, modern-slavery and human trafficking (the “Compliance Requirements”);
(d) to implement, maintain and, where appropriate, enforce its own policies and procedures as required to comply with the Compliance Requirements throughout the term of these End User Terms;
(e) not to do, or omit to do, any act that will cause the other Party to be in breach of the Compliance Requirements;
(f) to promptly provide the other Party with such information as it may request in order to comply with its own reporting obligations under the Compliance Requirements; and
(g) to promptly report to the other Party any request or demand for any undue financial or other advantage of any kind received by that Party in connection with the performance of these End User Terms.
19.2 Each Party shall promptly and without undue delay, notify the other as soon as it becomes aware of a breach of any of the requirements in this clause 0.
19.3 The Parties acknowledge that any breach of clause 19.1(a) or
(e) shall be deemed a material breach of this Agreement that is not remediable.
20. MISCELLANEOUS
20.1 The Parties acknowledge and accept that GBG may be required to make changes to these End User Terms Additional Terms and the Local Laws from time to time. In such circumstances the process outlined in this clause 20.1 shall apply. Specifically:
(a) GBG shall be entitled to make changes to the Additional Terms as required to reflect a change to the Dataset or Supplier Data change, a change in Supplier, a change to the licencing terms imposed on GBG by the relevant Supplier and/or a change in regulation, law or guidance. In such circumstances, GBG will notify the End User of the change;
(b) GBG shall be entitled to make changes to the Local Laws as required to reflect a change in regulation, law or guidance and to add in new countries and provisions not previously covered by the Local Laws pages. In such circumstances, the update or amendment will be shown on the Local Laws page. Where a change to the Local Laws is considered by GBG (acting reasonably) to be material and/or negatively impacts the delivery of the Service, GBG will notify the End User of the change.
20.2 GBG shall be entitled to make changes to the End User Terms as required to reflect changes in law or to meet regulatory requirements, or to reflect operational changes to the way in which the Services are delivered. In such circumstances GBG will provide the End User with reasonable prior notice of the change (save where it is unable to do so in respect of a change in law).
20.3 Save as set out in clause 20.1, all other agreed changes or variations to these End User Terms must be recorded in writing and will be considered to be Special Conditions that form part of these End User Terms when signed by an Authorised Signatory of both Parties.
20.4 The End User may not assign or transfer (in whole or in part) any of its rights or obligations under these End User Terms, without GBG's prior written consent (such consent not to be unreasonably withheld or delayed).
20.5 GBG may assign such rights and obligations to a GBG Group Company without consent.
20.6 Save where expressly stated in the Local Laws, Special Conditions or Additional Terms, no term of these End User Terms is intended to confer any benefit on or be enforceable by any third-party whether automatically granted by any applicable legislation or otherwise.
20.7 These End User Terms constitutes the entire agreement between the Parties and replaces and supersedes all previous written or oral agreements relating to its subject matter.
20.8 The Parties agree that:
(a) neither Party has been induced to enter into these End User Terms by any representation, warranty or other assurance not expressly incorporated into it; and
(b) in connection with these End User Terms its only rights and remedies in relation to any representation, warranty or other assurance are for breach of contract and that all other rights and remedies are excluded, except in the case of fraud.
20.9 If any provision of these End User Terms (or part of any provision) is found by any court or other authority of competent jurisdiction to be invalid, illegal or unenforceable, that provision or part-provision shall, to the extent required, be deemed not to form part of these End User Terms, and the validity and enforceability of the other provisions of these End User Terms shall not be affected.
20.10 These End User Terms may be executed in any number of counterparts, each of which when executed and delivered shall constitute an original of these End User Terms, but all counterparts shall together constitute the same agreement.
No counterpart shall be effective until each Party has executed at least one counterpart.
20.11 No failure or delay by a Party to exercise any right or remedy under these End User Term or by law shall constitute a waiver of that or any other right or remedy nor shall it preclude or restrict the further exercise of that or any other right or remedy. No single or partial exercise of such right or remedy shall preclude or restrict the further exercise of that or any other remedy.
20.12 Unless otherwise stated herein, the rights and remedies provided under these End User Terms are in addition to, and not exclusive of, any other rights or remedies provided by law.
21. GOVERNING LAW AND JURISDICTION
21 By entering into these End User Terms, the Parties warrant to each other that they each have the right, authority and capacity to enter into the terms and conditions of these End User Terms in the jurisdiction in which that Party is based and that they agree to be bound by these.
21.1 These End User Terms and any dispute or claim arising out of or in connection with it or its subject matter or formation (including non-contractual disputes or claims) shall be governed and construed in accordance with English law (“Governing Law and Jurisdiction”), save where the Local Laws specifies that certain provisions must be subject to local governing laws (“Local Governing Law and Jurisdiction”).
21.2 Both Parties submit to the exclusive jurisdiction of the courts of the relevant Governing Law and Jurisdiction, save that either Party may elect to bring:
(a) proceedings against the other Party in the courts of any Local Governing Law and Jurisdiction where required to by the Local Laws; and/or
(b) enforcement proceedings against the other Party in the courts of any jurisdiction where such Party or such Party’s property or assets may be found or located.