These terms are incorporated in all contracts for the Drink & Dine App and Web Ordering Tool.

In addition, by activating and accessing your Drink & Dine account (“your Account”), login details for which have been sent to you by email, you are agreeing to these terms.

If you do not agree with these terms, you are unable to comply with these terms, or you do not have the power, right or authority to act on behalf of and bind the Customer (in the Contract), then you must not activate or access your Account.

The Contract (as set out in the contract sheet and these terms) forms a legal agreement (the “Contract”) between you and Drink & Dine, which is a trading name of LWC Drinks Limited, a company registered in England and Wales with company number 07677007 (“we” or “us”). Please print a copy of this Contract for your record and future reference.

 

1        DEFINITIONS

  1. In this Contract these words have the following meaning:

App means our DRINK & DINE branded application, which facilitates your customers' orders and payments for goods and services from your Venue;

App Store mean the Apple or Google Play app store where the App will be made available for downloading by your customers;

Data means the information and data provided by us relating to the users of the App as set out in clause 2.1.2;

Platform means the App and the Web Ordering Tool;

QikServe means QikServe Limited, a company incorporated in Scotland (registered number SC405733) with registered office at 5th Floor, 125 Princes Street, Edinburgh, EH2 4AD, a service provider to us;

Venue means the specific venue, bar, hotel or restaurant for which you have requested the App and the Web Ordering Tool to be set up and created;

Web Ordering Tool means the online ordering tool set up as an iFrame on your website, which facilitates your customers' order and payment for goods and services from your Venue; and

Working Day means a day other than a Saturday, Sunday or public holiday in England when banks in London are open for business.

 

LICENCE

  1. Subject to the terms and conditions of this Contract and subject to payment of all Fees, we grant to you:
  1. a non-exclusive, non-transferable licence to access and use the Platform in your business for the purpose of facilitating your customers' orders and payment for goods and services from you; and
  2. grant to you a non-exclusive, non-transferable licence to access information and data provided by us relating to your customers as set out below:
  • customer profiles and order histories;
  • order analytics and easy-to-use charts;
  • standard and customised reporting;
  • reports across multiple outlets; and
  • Excel downloads of the above reports and analytics.
  1. Your licence in clause 2.1.2 is limited to using the Data in accordance with our privacy policy. You must not use the Data provided to send any marketing communications to any of your customers unless those customers have opted in to receiving such communications via the Platform.
  2. You agree to indemnify us, our officers, employees, agents and service providers against all liabilities, costs, expenses (including reasonable legal fees and expenses), damages and losses suffered or incurred by us as a result of any breach by you of clause 2.2.

 

  1. OUR ACCOUNT
    1. You are responsible for maintaining the confidentiality of your Account and password and for restricting access to your computer and devices, and to the extent permitted by applicable law you agree to accept responsibility for all activities that occur under your Account or password. You should take all necessary steps to ensure that the password is kept confidential and secure and should inform us immediately if you have any reason to believe that your password has become known to anyone else, or if the password is being, or is likely to be used in an unauthorised manner.
    2. You may access and manage your Account at any time. If you require assistance with this you should contact us and we or a service provider will provide reasonable assistance to you.
    3. We will support your use of the Platform and you will find details of the support services we provide in Appendix 2.
  2. OUR OBLIGATIONS
    1. You agree that you:
      1. have provided, and will continue to provide, accurate and complete information in your Account, and will update such information as appropriate;
      2. are responsible for the accuracy of any data or content provided by you for use on the Platform as we may use this for our purposes in accordance with the data policies and preferences indicated by your customers when they install and use the App; and
      3. will not upload or transmit to our (or our service providers') systems or otherwise provide to us any unlawful content (including any content which is defamatory, obscene or abusive, or in breach or an infringement of intellectual property or privacy rights, or any data protection or confidentiality obligations).
    2. You should not rely on the Platform or any of our services, for storage or maintenance of information or your content. We may, at any time at our absolute discretion review and remove any content from the App and/or the Web Ordering Tool or request that you re-register or set up a new account for your continued use of the Platform.
    3. You agree to indemnify us, our officers, employees, agents and service providers against all liabilities, costs, expenses (including reasonable legal fees and expenses), damages and losses suffered or incurred by us as a result of any breach by you of clause 4.1.3.
  3. FEES AND PAYMENT
    1. The Fees are to be paid as set out in the Contract.
    2. In order for you to receive your customers' payments for the food, drink, merchandise, e-vouchers and/or other items they order using the App or Web Ordering Tool, you will need to register with our payment service provider, Global Pay and our gateway provider, Optomany, who will both charge transaction fees.
    3. Payment processing services are provided by a third party. The details you provide to the payment service provider will be subject to its terms of use and privacy policy. If you have any questions relating to these services, please contact the relevant payment services provider.
    4. Payment transactions are between you and your customers. Whilst we facilitate the payment procedure, we are not involved in the processing of your customers' payments and we are not responsible or liable for the services provided by the payment service provider.
  4. OUR USE OF THE APP, THE WEB ORDERING TOOL AND THE DATA
    1. You acknowledge that, except for the content provided by you, the Platform and the Data are protected by copyright, database rights, trade marks and other intellectual property rights of us and our licensors, as applicable, and all rights not expressly granted to you are reserved to us and our licensors.
    2. You may set up the look and feel of your Web Ordering Page as they will appear when being used by your customers in your Venue. We provide a basic template for your use, and it is your responsibility to ensure that the information provided to your customers is accurate and complete. The functionality of the Platform and the categories of information which you may include in the Platform are described in Appendix 1.
    3. You must not:
      1. sub-license, assign or transfer your rights or obligations under this

Contract; or

  1. access or use the Platform or the Data other than in accordance with this Contract; or
  2. access or use the Platform or the Data for any venue other than the Venue (if you want to use the Platform at another of your venues please let us know and we can agree to extend this Contract subject to payment of the additional Fees for new venue).
  3. You must not use the Platform or the Data in any way incompatible with their intended purpose or in any unlawful or unauthorised manner and, in particular, you must not:
    1. make any copies of the App, the Web Ordering Tool or the Data (other than a single back-up copy to the extent necessary to exercise your rights under this Contract);
    2. modify, adapt, reverse engineer, decompile or disassemble, create derivative works of, publish, distribute exploit the App or the Web Ordering Tool;
    3. remove any copyright or proprietary notices on the App, the Web Ordering Tool or the Data;
    4. use, distribute or disclose confidential, personal or sensitive data or information within the App, the Web Ordering Tool or the Data without appropriate authority;
    5. export the App or the Web Ordering Tool in breach of applicable export control or other laws relating to the export of technology and software; or
    6. make any unlawful or unauthorised use of our (or our service providers') equipment, networks, systems or software (including attempting to gain unauthorised access, introducing any computer virus or malware, or inhibiting their operation).
  4. Both you and us will comply with all applicable laws, regulations and codes relating to the protection of personal data.

 

WARRANTIES

  1. We warrant and represent that the Platform shall, on the date that the App is approved for placing by an App Store and for three (3) months after that date, conform substantially in accordance with the specifications set out in Appendix 1 below.
  2. The sole remedy for breach of the warranty in clause 7.1 is that we may, at our sole discretion:
  1. rectify the defect that constitutes such breach within a reasonable time from notification by you of the defect; or
  2. if (in our opinion) rectification of the defect is not feasible, terminate this Contract by notice in writing to you with immediate effect and refund any Fees paid by you for any unexpired term.
  1. The warranty set out in this clause 7 are in lieu of all other express or implied warranties or conditions, including implied warranties or conditions of satisfactory quality and fitness for a particular purpose, in relation to this Contract. Without limitation, and except as may be expressly set out in this Contract, we specifically deny any implied or express representation that the App and/or the Web Ordering Tool will be:
  1. fit to operate uninterrupted or error-free; and
  2. free from any defects or errors.
  1. Any unauthorised modifications or use of the App and/or the Web Ordering Tool by or on your behalf shall render all our warranties and obligations under this Contract null and void.
  2. You
  1. warrant to us that you will at all times comply with all applicable laws and regulations with respect to your activities under this Contract and any part of the Platform; and
  2. shall indemnify us, our officers, employees, agents and service providers against all liabilities, costs, expenses (including reasonable legal fees and expenses), damages and losses suffered or incurred by the us arising out of any non-compliance by you of clause 7.5.1.

 

LIMITATIONS OF LIABILITY

  1. Nothing in this Contract shall exclude or limit our liability for fraud or fraudulent misrepresentation, death or personal injury caused by our negligence or any other liability which cannot be lawfully excluded or limited.
  2. Subject to clause 8.1, we shall not in any circumstances be liable whether in contract, tort (including for negligence and breach of statutory duty howsoever arising), misrepresentation (whether innocent or negligent), restitution or otherwise, for:
  1. the accuracy, completeness or legality of any data, content or other information provided by you; nor
  2. any breach of any obligations due to a cause beyond our reasonable control.

8.3      Subject to clause 8.1, we shall not in any circumstances be liable whether in contract, tort (including for negligence and breach of statutory duty howsoever arising), misrepresentation (whether innocent or negligent), restitution or otherwise, for any:

  1. loss, damage or distress arising from reliance on the Data or reliance on availability of the Platform; or
  2. loss of business, customers or profits; or
  3. indirect, consequential or economic loss, damage or distress (including any such loss, damage or distress arising from unauthorised use of or damage to your data or content),

which you suffer as a result of this Contract, or your use of the App, the Web Ordering Tool or the Data.

8.4      Subject to clause 8.1, but without prejudice to other limitations on our liability

(including clauses 8.2 and 8.3), our total liability to you in any twelve (12) month period for any other losses or claims relating to the App, the Web Ordering Tool or the Data and arising during that period is limited to the fees paid by you to us in such a period.

9        DURATION AND TERMINATION

  1. This Contract will commence on the Contract Start Date for a period of one month. At the end of this first month and each subsequent month, the Contract will automatically renew for a further month.
  2. We may suspend your access to the App, the Web Ordering Tool and the Data and/or terminate this Contract immediately and without notice:
  1. if you breach, or we reasonably suspect that you are in breach, of any term of this Contract; or
  2. if we cease to provide (or change the way in which we provide) the App, the Web Ordering Tool and the Data; or
  3. pursuant to clause 7.2.2.
  1. If we terminate this Contract because we no longer provide the App, the Web Ordering Tool and the Data, we will refund any sums received by us from you for any unexpired term.
  2. You may terminate this Contract by giving us at least 30 days’ notice in writing and the termination will take effect at the end of the month in which the 30 days’ notice expires.
  3. Following termination of this Contract for any reason your licence to use the App and the Web Ordering Tool will terminate. You agree that, as soon as reasonably practicable, you will permanently delete any proprietary software and any copies of such software belonging to us.
  4. Following termination of this Contract for any reason you may continue to use the Data you have. You agree that it is your responsibility to comply with all data protection laws in respect of any future use you may make of such Data.
  5. Following termination of this Contract or suspension of your access to the App, the Web Ordering Tool and the Data for any reason, we may retain your account details and other records relating to you for our record keeping. Additionally, your customers will no longer be able to access or use the App or the Web Ordering Tool.
  6. Except where expressly stated, you agree that neither we, nor our officers or employees shall be liable to you or any third-party for any termination of this Contract or any suspension or restriction of your access to the App, the Web Ordering Tool or the Data.

10      CHANGES

  1. We may make changes to these terms and the terms on which the App and the Web Ordering Tool may be used by your customers at any time at our absolute discretion.
  2. We may upgrade or update the App and/or the Web Ordering Tool from time to time. This may be for reasons such as; to fix errors, enhance security, enhance user interfaces or to facilitate third party (such as payment providers) requirements.
  3. We may (by means of a notice on our website, within the relevant application store or otherwise) require your customers to install and use an upgraded version of the App in place of the current version, or to uninstall the App if we cease to offer it. All upgrades to the App fall under the definition of the “App” under this Contract.

11      PRIVACY

  1. You agree to our use of your personal data as set out in our privacy policy, which can be found at www.drinkanddine.co.uk/privacypolicy and in accordance with Appendix 3.

12      GENERAL

  1. All provisions of this Contract which by their nature are intended to continue shall survive termination, including terms relating to exclusions and limitations of liability, intellectual property restrictions and on-going use of your data.
  2. Termination of this Contract shall not affect accrued rights and liabilities of you or us up to the date of termination.
  3. No provision of this Contract is intended to be enforceable by any person other than you and us.
  4. No variation of this Contract shall be effective unless it is in writing and signed by both you and us (or authorised representatives).
  5. A person who is not a party to this Contract shall not have any rights under the Contracts (Rights of Third Parties) Act 1999 to enforce any term of this Contract , but this does not affect any right or remedy of a third party which exists, or is available, apart from that Act.
  6. We may, without your consent, sub-license our rights under this Contract to our third party service providers.
  7. We may, without your consent, assign or transfer any or all of our rights and obligations under this Contract to any successor in title of all or part of the App, the Web Ordering Tool, or intellectual property or other rights or obligations subsisting in relation to the same.
  8. You may not assign, transfer, mortgage, charge, subcontract, declare a trust of or deal in any other manner with any or all of your rights and obligations under this Contract without our prior written consent.
  9. Failure or delay by us to exercise any right or remedy under this Contract does not constitute a waiver of that right or remedy.
  10. Any notice or other communication required to be given by you under this Contract shall be given by email to info@drinkanddine. Any notice or other communication required to be given by us under this Contract shall be given to the email address you specify in your Account. Any notice shall be deemed to have been duly received at 9.00am on the next Working Day after transmission.
  11. The terms of this Contract constitute the entire agreement between you and us with respect to the subject matter and supersede any and all prior agreements, negotiations and discussions relating to the same.
  12. If any provision of this Contract is found by any court or legal authority to be invalid, unenforceable or illegal, the other provisions shall remain in force and, to the extent possible, the provision shall be modified to ensure it is valid, enforceable and legal, whilst maintaining or giving effect to its commercial intention.
  13. Both parties to this Contract will, at all times, comply with all applicable laws and neither party will do anything which would lead the other to commit any offence or to bring the other into disrepute.
  14. This Contract is governed by the laws of England and Wales, and the courts of England and Wales shall have jurisdiction to hear any disputes arising in connection with it.

 

Appendix 1

1. Drink & Dine App and Online Ordering General Description

The Platform consisting of the App and the Web Ordering Tool facilitate the transaction of goods and services between you and a customer.

The Platform is accessed by the Venue primarily via a web portal for the purposes of administration and order management. The customer may access the platform via a web app or phone app.

The phone app is Android and iOS compatible.

The Platform allows you to manage the entire order and fulfilment lifecycle. You present products and services (for your Venues) via a menu, take orders from customers, accept payment via a payment service provider, track fulfilment and gain access to in-depth sales data and analytics.

Integration of the App and the Web Ordering Tool with EPOS and local printers is completed under a separate statement of work and we will agree the charges for this work. The scope of integration available is dependent on the EPOS specification and relevant API.

2. Drink and Dine App and Online Ordering Specification

Commencing at the completion of the onboarding process the App and the Web Ordering Tool provide the following functionality:

  • Manage Venue Settings: Specify opening times, fulfilment lead times, max delivery distance, discounts, minimum order values, default prep times, delivery fees, payment options and currency,
  • Menu build and configuration: Descriptions, prices, images, mandatory/optional modifiers including labelling for vegans, vegetarians, allergens and intolerances,
  • Accept orders for collection or delivery, providing lead times and delivery windows,
  • Push notification to customers via App and email,
  • Analytics dashboard covering, customer numbers, order numbers, average basket size, items ordered, total order value, order number by channel, most popular items, times order placed, order number by Venue. Stock reporting - menu items ordered within date range. Customer analytics including, name, email address, total value of orders made, contact preferences. Standard reports exportable via PDF and CSV.
  • Order management. Real time view of orders placed, orders in progress, orders complete. Consumer notifications.
  • Styling of Home screen and Menu screen allowing the modification of main heading, button and button text colour, background.
  • Advance settings allow for the management of admin user access, payment method, tax configuration, App ordering availability.

 

 

 

 

 

 

Appendix 2

Support Services

Overview

A help desk and support is provided by QikServe and is available to respond to questions from you and your customers. This desk is available on Working Days from 9am to 5pm (Support Hours).

 

Support

Support is available to assist with technical issues of varying degrees of severity. There may be occasions where the support may not be able to answer all questions, but they will also engage with other groups within QikServe to help provide answers to you.

Outside Support Hours a reduced team is available for Severity 1 and Severity 2 issues.

 

Severity Level Guidelines & Response Time

The following table outlines response times, measured from the time QikServe receive initial request for support, to the time QikServe provide an initial communication back to you regarding your request.

 

Severity

Severity Definition

Response Time

 

Response Time

Coverage

1

 

Critical business impact/service down: Complete or single point of failure of service affecting availability to you or at least 50% of all users of the Platform

Within 1 hours (if request received outside Support Hours, then 2 hours)

24 hours

 

2

Significant business impact: Where the Platform is available however one or more functions are degraded/impaired causing serious impact on business operation

Within 2 hours (if request received outside Support Hours, then 4 hours)

24 hours

 

3

Minor business impact: Indicates the Platform or functionality is usable and it is not a critical impact on operations

Within 1 Working Day

Support Hours

 

4

Minimal business impact: inquiry or non-technical request

Within 3 Working Days

Support Hours

 

 

Uptime Guarantee

QikServe warrant that the Platform will be available 99.9% of each month (the “Uptime Guarantee”), excluding Planned Downtime. In the event that QikServe fails to meet the Uptime Guarantee either (a) in two consecutive months; or (b) more than four times in any year, or (c) in a given month, Uptime is less than 90%, you may terminate the Contract on one week’s notice and receive a refund of fees for the unexpired portion of the current month.

 

“Uptime” means the amount of time that the Platform is available in all material respects in any given month excluding Planned Downtime. “Planned Downtime” means time scheduled by QikServe or our service providers for the purpose of performing periodic full system backups, software upgrades, or other services that may require the App and/or the Web Ordering Tool to be either fully or partially unavailable. Planned Downtime may occur daily between the hours of 11 p.m. to 6 a.m., GMT. Planned Downtime shall not count towards the Service Uptime calculation.

 

QikServe will provide two weeks advance notice of any Planned Downtime, if practicable, and if not, as much notice as is reasonably possible. The Uptime Guarantee shall not apply to any unavailability, suspension or termination of the Platform, or any other performance issues: (i) that result from termination or suspension of the Platform as authorized by the Contract; (ii) caused by factors outside of our or our service providers’ control, including any Internet or cellular access or related problems beyond the demarcation point of our and/or our service providers’ servers; (iii) that result from any of your actions or inactions of those of your customers or (iv) that result from your equipment, software or other technology and/or third party equipment, software or other technology.

 

Your Responsibilities

You play a key role in assisting us and QikServe when you have questions or have encountered problems with the Platform. Information that you provide about the problem at hand is often key to resolving your issue. The following practices can help us and QikServe to better understand your problem and more effectively respond to your concerns, as well as help you make the best use of your time:

 

• Submitting questions via email

• Keeping the questions/issues separate (one problem per Support Ticket/Incident/Case)

• Selecting a Severity based on your judgment of the business impact

• Providing timely feedback on recommendations, so that QikServe can close out the Support Ticket when the problem has been resolved. If the problem reoccurs you may reopen the original Support Ticket by resubmitting it electronically

 

You will be required to provide the following information when contacting support:

• Your name, venue name, e-mail address and telephone number with extension

• Any Support Case number that has already provided

 

Contacting Support

The primary way to contact QikServe for support is via email:  support@qikserve.com.

 

Service Request Workflow

Once your e-mail is received, QikServe reviews each item and assign a severity based on the issue details submitted.

QikServe will attempt to respond to requests with a solution at the first response. If QikServe determine that further research is required, you will receive an acknowledgement email and subsequent updates.  Each support ticket is followed through to closure by QikServe.

 

Escalation Process

This escalation process is made available if you wish to pursue a particular concern regarding an open support request.

 

First Escalation: You should submit a new e-mail via support@qikserve.com with the subject line of “Escalation” and the following information in the body of the email:

  • Reason for the escalation request on previously submitted tickets (please include the name that was used to open this ticket), so QikServe may prioritise your requests accordingly.

 

Please note that while QikServe may be able to process some requests quickly, there may be questions or issues that require a longer time for analysis.

 

 

 

 

Appendix 3

Data Processing

 

This Appendix, governs the Processing of Personal Data that you and/or your customers upload directly or otherwise provides to us in connection with the Platform and the Processing of any Personal Data that we upload or otherwise provide to you in connection with the Platform.

In the event of any conflict or inconsistency between any of the terms of the Contract and this Appendix, the provisions of this Appendix will apply.

 

1. DEFINITIONS

“Data Controller” means you.

“Data Processor” means us and our service providers.

“Data Protection Requirements” means the Directive, the General Data Protection Regulation, Local Data Protection Laws, any subordinate legislation and regulation implementing the General Data Protection Regulation, and all Privacy Laws.

“Directive” means the EU Data Protection Directive 95/46/EC (as amended).

“General Data Protection Regulation” means Regulation (EU) 2016/679, the European Union Regulation on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.

“Local Data Protection Laws” means any subordinate legislation and regulation implementing the Directive or the General Data Protection Regulation which may apply to the Contract, including, but not limited to, the Data Protection Act 2018.

“Personal Data” means any information about an individual that (a) can be used to identify, contact or locate a specific individual, including data that you choose to provide to us; (b) can be combined with other information that can be used to identify, contact or locate a specific individual; or (c) is defined as “personal data” or “personal information” by applicable laws or regulations relating to the collection, use, storage or disclosure of information about an identifiable individual.

“Personal Data Breach” means any breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Your Personal Data.

“Privacy Laws” means all applicable laws, regulations, and other legal requirements relating to (a) privacy, data security, consumer protection, marketing, promotion, and text messaging, email, and other communications; and (b) the use, collection, retention, storage, security, disclosure, transfer, disposal, and other Processing of any Personal Data.

“Process” and its cognates mean any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.  

“Subprocessor” means any entity which provides processing services to us in furtherance of our processing on your behalf, which is authorised by you.

“Supervisory Authority” means an independent public authority which is established by a European Union member state pursuant to Article 51 of the General Data Protection Regulation, such as the Information Commissioner’s Office (“ICO”) in the UK.

 

“Your Personal Data” means Personal Data that you and/or your customers or otherwise provide to us in connection with the access and use of the Platform or for which you are otherwise a data controller.



2. NATURE OF DATA PROCESSING

Each party agrees to Process Your Personal Data only for the purposes set forth in the Contract. The categories of Personal Data processed and the categories of data subjects subject to this Contract may include:

 

 

3. YOUR OBLIGATIONS

You agree to provide us with instructions and determine the purposes and general means of Processing of Your Personal Data in accordance with the Contract.



4. OUR OBLIGATIONS

4.1    Processing Requirements.

We will:

a.    Process Your Personal Data (i) only for the purpose of providing the Platform using appropriate technical and organizational security measures; and (ii) in compliance with the instructions received from you. We will not use or Process Your Personal Data for any other purpose. We will promptly inform you in writing if we cannot comply with the requirements of this Appendix, in which case you may terminate the Contract or take any other reasonable action, including suspending data processing operations;

b.     Inform you immediately if, in our opinion, an instruction from you violates applicable Data Protection Requirements;

c.     Where we are collecting Your Personal Data from your customers, follow the App process for setting up an account which you have agreed to and instruct us to undertake (including with regard to the provision of notice and exercise of choice);

d.    Take commercially reasonable steps to ensure that (i) persons we employ and (ii) other persons engaged to perform on our behalf comply with the terms of the Contract;

e.    Ensure that our employees, authorized agents and any Subprocessors are required to comply with and acknowledge and respect the confidentiality of Your Personal Data, including after the end of their respective employment, contract or assignment;

f.    Where we engage Subprocessors to help us satisfy its obligations in accordance with the Contract or to delegate all or part of the processing activities to such Subprocessors, (i) obtain your prior written consent to such subcontracting; (ii) remain liable to you for the Subprocessors’ acts and omissions with regard to its compliance with Data Protection Requirements in respect of Your Personal Data; and (iii) enter into contractual arrangements with such Subprocessors binding them to provide the same level of data protection and information security to that provided for herein and in particular a requirement that the Subprocessor will implement appropriate technical and organizational measures to ensure that the requirements of the Data Protection Requirements are met;

g.    Upon request, provide you with a summary of our privacy and security policies; and

h.    Inform you if we undertakes an independent security review.

4.2    Notices to You.

We will without undue delay inform you if we become aware of:

a.    Any non-compliance by us or our employees with any Data Protection Requirements relating to the protection of Your Personal Data;

b.    Any legally binding request for disclosure of Your Personal Data by a law enforcement authority, unless we are otherwise forbidden by law to inform you, for example to preserve the confidentiality of an investigation by law enforcement authorities;

c.    Any notice, inquiry or investigation by a Supervisory Authority with respect to Your Personal Data; or

d.    Any complaint or request to exercise any right under the General Data Protection Regulation received directly from one of your customers. We will not respond to any such request without your prior written authorization.

4.3    Assistance.

We will without undue delay provide reasonable assistance to you regarding:

a.    Any requests from your customers in respect of exercising any of their rights under the General Data Protection Regulation for Your Personal Data that we process for you. In the event that a customer of yours sends such a request directly to us, we will promptly send such request to you;

b.    The investigation of Personal Data Breaches and the notification to the Supervisory Authority and your customers regarding such Personal Data Breaches; and

c.    Where appropriate, the preparation of data protection impact assessments and, where necessary, carrying out consultations with any Supervisory Authority.

4.4    Required Processing.

If we are required by Data Protection Requirements to process any of Your Personal Data for a reason other than providing the services described in the Contract, we will inform you of this requirement in advance of any processing, unless we are legally prohibited from informing you of such processing (e.g., as a result of secrecy requirements that may exist under applicable laws).

4.5    Security.

We will:

a.    Maintain appropriate organizational and technical security measures (including with respect to personnel, facilities, hardware and software, storage and networks, access controls, monitoring and logging, vulnerability and breach detection, incident response, encryption of Your Personal Data while in transit and at rest) to protect against a Personal Data Breach;

b.    Be responsible for the sufficiency of the security, privacy, and confidentiality safeguards of all our personnel with respect to Your Personal Data and liable for any failure by such our personnel to meet the terms of this Contract;

c.    Take reasonable steps to confirm that all our personnel are protecting the security, privacy and confidentiality of Your Personal Data consistent with the requirements of this Contract; and

d.    Notify you of any Personal Data Breach by us or our Subprocessors without undue delay and in any event within 24 hours of becoming aware of a Personal Data Breach or having a reasonable suspicion there has been a Personal Data Breach.


5. AUDIT, CERTIFICATION

5.1    Supervisory Authority Audit.

If a Supervisory Authority requires an audit of the data Processing facilities from which we Process Your Personal Data in order to ascertain or monitor your compliance with Data Protection Requirements, we will cooperate with such audit. You are responsible for all costs and fees related directly to such audit, including all reasonable costs and fees for any and all time we and our service providers reasonably expend for any such audit.


5.2   Audits.

You may audit our compliance with the terms of this Contract during regular business hours, with reasonable advance notice and subject to reasonable confidentiality procedures. You will be responsible for all costs and fees related directly to such audit, including all pre-agreed reasonable costs and fees for any and all time we reasonably expend for any such audit. Before the commencement of any such audit, you and we shall mutually agree upon the scope, timing, and duration of the audit. You shall promptly notify us with information regarding any non-compliance discovered during the course of an audit. You may not audit us more than once annually unless you have reasonable grounds to suspect there has been a breach by us of this Contract.


6. DATA TRANSFERS

6.1 We will not transfer or otherwise process any Personal Data outside of the UK without your prior written consent, unless required to do so by relevant Legislation and in such a case we shall inform you of that legal requirement before Processing, unless that law prohibits such information on important grounds of public interest.

 

6.2 The parties acknowledge and agree that where you give instructions to transfer Your Personal Data outside of the UK, such transfer will not be affected unless and until you are satisfied that adequate safeguards and an adequate level of protection are in place in respect of the Your Personal Data to be transferred in accordance with Data Protection Requirements.

 

6.3 In the event that we intend to carry out Processing of Your Personal Data in a jurisdiction outside of the UK, the parties will be required to put in place adequate safeguards and an adequate level of protection in respect of the Your Personal Data to be transferred in accordance with Data Protection Requirements.

 

7. INDEMNITY

We shall indemnify and hold harmless you and your employees from and against any reasonable damages, costs, expenses (including reasonable court costs and legal fees), fines and other liabilities arising out of or resulting from any third party claims or actions resulting from a breach of the provisions of this Appendix or Data Protection Requirements by us.