ToB - Data Protection, Confidentiality, & IP

Data Protection

Both of us will need to comply with all applicable requirements of the Data Protection Legislation.

This means (i) any data protection legislation from time to time in force in the UK, including the Data Protection Act 2018 or any successor legislation; and (ii) the General Data Protection Regulation ((EU) 2016 / 679) and any other directly applicable European Union Regulation (for as long as they are applicable in the UK).

For the purposes of the Data Protection Legislation, we acknowledge that you are the data controller and we are the data processor (each defined in the Data Protection Legislation).

You agree to make sure that you have all necessary appropriate consents and notices in place to enable the lawful transfer of the Personal Data (as defined in the Data Protection Legislation) to us for the duration and purposes of these terms.

In relation to any Personal Data we process for you in connection with these terms, we promise to:

Process that Personal Data only on your written instructions unless we are required by applicable law to otherwise process that Personal Data;

Where we are relying on laws of an EU Member State as the basis for processing Personal Data, promptly notify you of this before performing the processing (unless applicable law set out in a. above prevents us from doing so);

• Make sure that we have all appropriate technical and organisational measures in place, reviewed and approved by you, to protect against unauthorised or unlawful processing of Personal Data and against accidental loss or destruction of, or damage to, Personal Data, appropriate to the harm that might result from the unauthorised or unlawful processing or accidental loss, destruction or damage and the nature of the data to be protected, having regard to the state of technological development and the cost of implementing any measures;
• Make sure all personnel who have access to and / or process Personal Data are obliged to keep the Personal Data confidential; and
• Not transfer any Personal Data outside of the EEA unless the following conditions are satisfied:
  1. You or we have provided appropriate safeguards.
  2. You or we have provided appropriate safeguards;
  3. The Data Subject has enforceable rights and remedies in relation to their Personal Data;
  4. We comply with our obligations to provide an adequate level of protection to any Personal Data that is transferred;
  5. We comply with reasonable instructions notified to us in advance with regard to the processing of Personal Data;

• Assist you, at your own costs, in responding to requests from Data Subjects;
• Notify you without delay of a data breach;
• At your written direction, delete or return Personal Data on termination of our agreement under these terms, unless we are obliged by law to store the Personal Data; and
• Maintain complete and accurate records and information to demonstrate compliance with this clause.

Confidentiality

Both of us agree to keep all Confidential Information secure and confidential, including any personal or business information that you supply to other other than that which is already in the public domain.

We agree to only disclose to each of our employees, directors, consultants or advisers on a strictly ‘need to know’ basis.

We may need to disclose Confidential Information if required by law, regulation or court order.

On the expiry or termination of these terms, you can request for us to return all documents and materials containing your Confidential Information and Personal Data.  To the extent possible, we will also erase all of your Confidential Information from our storage system, although we will retain materials that we are required to retain by law.

Intellectual Property

You agree that each of us retains ownership of our intellectual property rights.

We may use your intellectual property only to the extent necessary for the delivery and use of the Services in the way that they are intended to be used.  All intellectual property created by either of us in the course of the Services will belong to the creating party.

You agree that you won’t resell the services or offer them or a version of them for sale at any time, unless they are intended for publication, for example if the services involved us assisting you with drafting website terms and conditions.