Terms and Conditions
BACKGROUND :
B. In these Terms and Conditions we call the provider of employee data a Data Provider, the person seeking verification a Verifier and an individual a Data Subject and each of them will become a User of our Services.
C. Each of Workpass and a User are a “Party” and together “Parties”.
Please note that these Terms and Conditions apply to this Contract to the exclusion of any other terms that the User seeks to impose or incorporate, or which are implied by law, trade custom, practice or course of dealing.
1. INTERPRETATION
1.1 In these Terms and Conditions, unless the context otherwise requires, the following
words and expressions shall have the following meanings
Affiliate
Means in relation to a User any other person that controls or is controlled by or under common control with that User.
API
means the Workpass Application Programming Interface, other developer Services and associated software and documentation that enable the User to integrate access with certain Services and obtain certain Information via the User’s systems.
Applicable Law
means all applicable laws, legislation, statutory instruments, regulations and governmental guidance having binding force whether local, national or international in any relevant jurisdiction and relevant codes of conduct.
Applicant
a Data Subject or Verifier or Data Provider who has applied for an Account with Workpass to use the Website.
Account
an account with Workpass.
Bribery Laws
means the Bribery Act 2010 and all other Applicable Laws, statutory instruments and regulations in relation to the prevention of bribery or corruption and associated guidance published by the Secretary of State for Justice under the Bribery Act 2010.
Business Days
means any day except weekends, bank holidays, public holidays and the period 25th December – 31st December in any calendar year when banks generally are open for non- automated business in England.
Confidential Information
means the Personal Data obtained by Workpass from the User and/or the Applicant in the course of providing the Services and any information relating to a Party or the business, prospective business, technical processes, computer software (both source code and object code), Intellectual Property Rights or finances of a Party, commercial, financial or technical information, or compilations of two or more items of such information whether or not each individual item is itself confidential, coming into the possession of the other Party by virtue or in anticipation of the Contract and which the disclosing Party regards or could reasonably be expected to regard as confidential, whether or not such information is reduced to a tangible form or marked in writing as “confidential” and any and all information which has been or may be derived or obtained from such information.
Consent Code
a unique code generated by a Data Subject on the Website for use by a Verifier when requesting applicable References.
Contract
means the agreement between Workpass and a User for the provision of the Services subject to these Terms and Condition.
Controller
has the meaning set out in the Data Protection Legislation from time to time.
Credits
means payments made by a User on account of future Fees.
DPA
means the UK Data Protection Act 2018.
Data Provider
means the party which has Personal Data and acts as a Controller and is using Workpass to provide References and other Services, as applicable, on its behalf.
Data Protection Legislation
means, as binding on either Party:
A. the GDPR;
B. the UK Data Protection Act 2018;
C. any laws which implement any such laws; and
any laws that replace, extend, re-enact, consolidate or amend any of the foregoing, together with all Applicable Laws in any jurisdiction relating to the Processing or protection of Intellectual Property Rights and privacy.
Data Subject
has the meaning given to that term in Data Protection Legislation from time to time.
Description of Processing
means the description and other particulars of Personal Data Processed by Workpass (and/or Processed on behalf of Workpass or Workpass Related Persons) for which the User is a Controller.
Fees
means the cost notified by Workpass to the User or as agreed from time to time in return for Workpass providing the Services.
GDPR
means Retained Regulation (EU) 2016/679.
Group
means in relation to a party that is a company, that party’s subsidiaries, its ultimate holding company and its subsidiaries as defined in section 1159 Companies Act 2006.
Intellectual Property Rights (IPR)
means copyright, patents, know-how, trade secrets, trademarks, trade names, design rights, rights in get-up, rights in goodwill, rights in Confidential Information, rights to sue for passing off, domain names and all similar rights and
in each case:
- whether registered or not;
- including any applications or right of application to protect or register such rights;
- including all renewals and extensions of such rights or applications;
- whether vested, contingent or future;
- to which the relevant Party is or may be entitled; and in whichever part of the world existing.
MSA Offence
has the meaning given to that term in clause 14.1.1.10 (Modern Slavery).
Personal Data
has the meaning set out in section 1(1) of the DPA.
Person Responsible
the named individual who is responsible for managing an Account with Workpass.
Portal
means the web applications and websites used by the User to access the Services and by Workpass to provide the Services.
Privacy Notice
Workpass’s privacy notice and statement as published by Workpass on its website from time to time.
Processor, Process or Processing
has the meaning given to that term in Data Protection Legislation.
Purpose
means the legitimate reason for obtaining the Reference notified by the Verifier to Workpass when the Verifier ordered the Reference from Workpass.
Reference
means the specific part of the Personal Data about a Data Subject which the Data Provider has instructed Workpass to release to Verifiers in accordance with its internal policies and the Services.
Related Persons
means a member of the Workpass Group or where the User is a company the User’s Group (as applicable) and any of their employees, officers, shareholders, Affiliates, representatives, agents, consultants, contractors, suppliers and advisers.
Sanctioned Person
has the meaning given to that term in clause 15.1.1 (Sanctions Compliance).
Sanctioned Country
has the meaning given to that term in clause 15.1.2 (Sanctions Compliance).
Sanctions
means any economic or trade sanctions or restrictive measures enacted, administered, imposed or enforced by the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC), the U.S. Department of State, the United Nations Security Council; and/or the European Union; and/or the French Republic; and/or His Majesty’s Treasury, or any other relevant sanctions authority.
Services
Means:
- the services pursuant to Clause 2 of these Terms and Conditions;
- those generally available services (as detailed on Workpass’s website (www.workpass.co.uk) provided byWorkpass from time to time; and
- any bespoke and non-standard services agreed between Workpass and the User from time to time.
Software
means any computer program and its related documentation owned or licensed by Workpass, which is or will be used by the User, its Group or its Related Persons for the delivery of the Services, including but not limited to the API, Portal, Workpass App, Workpass IPR and Workpass Created IPR.
User
an Applicant who has been accepted by Workpass to use the Website including where appropriate a User’s Related Persons.
User Created IPR
means IPR created by Workpass for the User’s use pursuant to the provision of the Services;
User IPR
VAT
means United Kingdom value added tax or any other tax imposed in substitution for it and equivalent or similar tax imposed outside the United Kingdom.
Verifier
a third party who wants to obtain a Reference about a Data Subject and who has been accepted by Workpass to use the Website.
Website
any application programming interface (API) published andsupported by Workpass or the Internet site operated by Workpass under www.Workpass.co.uk and any other domain name and used to deliver the Services.
Workpass App
means the mobile applications created or licensed by Workpass, which the User may use to access the Services.
Workpass Created IPR
means IPR created by Workpass in the course of providing the Services including but not limited to software, algorithms, databases, know-how, techniques, systems and processes.
Workpass IPR
means the Intellectual Property Rights which are used in connection with the delivery of the Services and are owned by or licensed to Workpass and are, or have been, developed independently of the Contract (whether prior to the Commencement Date or otherwise) including but not limited to the Portal, the Workpass App, the API and Workpass Created IPR.
Workpass Trade Marks
means the word Workpass, the Workpass Logo and the slogan “we make it easier” and any other trademarks owned by Workpass anywhere in the world
1.2 Unless the context otherwise requires:
1.2.1
he headings used in these Terms and Conditions are for convenience only and do not affect the interpretation of the Contract;
1.2.2
references to “clause” or “clauses” refer to clause or clauses of these
Terms and Conditions;
1.2.3
references to “writing” or “written” include any method of reproducing word in a legible and non-transitory form including email and any other means of electronic communication including but not limited to Workpass’s online ordering platform;
1.2.4
a reference to a gender includes each other gender;
1.2.5
words in the singular include the plural and vice versa;
1.2.6
a reference to a “person” includes a natural person, corporate or unincorporated body (in each case whether or not having separate legal personality) and that person’s personal representatives, successors and permitted assigns; and
1.2.7
references to legislation include any modification or re-enactment thereof.
2. SERVICES
2.1
In consideration of payment of the Fees, Workpass will provide the Services subject to these Terms and Conditions
2.2
Workpass shall provide Verifiers on behalf of the Data Provider with the following References:
2.2.1
Basic Reference: means Personal Data about a Data Subject which consists of at least the Data Subject’s identity, confirmation that the Data Subject was employed by the Data Provider and may also include the Data Subject’s position within the Data Provider’s business, the Data Subject’s reason for leaving and other customised information provided by the Data Provider. Basic References will be provided to Verifiers upon their request providing they have confirmed that they have permission from the Data Subject.
2.2.2
Detailed Reference: means Personal Data in addition to the Personal Data included in the Basic Reference which the Data Provider has provided to Workpass and which has been customised by the Data Provider including pay and employment history. Detailed References will be provided to Verifiers upon their request providing they present a valid Consent Code from the Data Subject.
2.2.3
Missing Reference Search: means an additional search where the Verifier has been unable to locate a Basic or Detailed Reference for a Data Subject from a Data Provider and the Data Provider has been asked to carry out a manual search of the Data Provider’s records to find information on the Data Subject.
2.2.4
Regulated Reference: means Personal Data in addition to the Personal Data included in the Basic Reference which the Data Provider has provided to Workpass in a format that is compliant with certain regulated industries. Workpass will set up a separate product type for each regulated industry the Data Provider has to comply with. Regulated References will be provided to Verifiers upon their request providing they present a valid Consent Code from the Data Subject.
2.2.5
The content and type of References Workpass shall provide on behalf of each individual Data Provider will be agreed with them from time to time and displayed on the Website
2.3
Workpass agrees through its Website:
2.3.1
to answer requests from Verifiers by providing References on a named Data Subject for whom Workpass holds Personal Data; and
2.3.2
to provide co-operation and assistance in relation to requests made by a Data Subject to have access to that person’s Personal Data held by Workpass in accordance with the following principles:
(A) to provide each Data Subject with an online account that will allow them, amongst other things, to:
- generate Consent Codes;
- view the name of the Verifiers who have obtained their References, the date the References were obtained and the Purpose;
- request a copy of the References Workpass hold on them; and
- view the name of the Data Providers who have contributed Personal Data on them;
B) Workpass may charge the Data Subject a Fee for a copy of the References Workpass hold on them and for other Services.
2.4
Before a request from Verifiers for References on a named Data Subject for whom Workpass holds Personal Data on behalf of Data Providers can be answered, Verifiers shall obtain permission from the Data Subject to obtain the reference and confirm that they have obtained permission or present a valid Consent Code or both and, if requested, state the Purpose. Where applicable, the decision to request a valid Consent Code can be made by Workpass, the Data Provider or the Data Subject as follows:
2.4.1
a Data Provider can decide that all or some of the Reference types they provide through Workpass require the Verifiers to present a valid Consent Code;
2.4.2
Workpass may stipulate that some Verifiers can only request References of any type if they present a valid Consent Code; and
2.4.3
Workpass may also decide that certain types of References must be requested by a Verifier with a valid Consent Code.
2.5
Workpass may suspend the provision of any Service(s) at any time if (i) the information needed to provide the Service(s) is not provided by the Data Providers for reasons outside of the control of Workpass or (ii) provision of the Service(s) is no longer permitted due to changes in Applicable Law. In these circumstances Workpass will use reasonable endeavours to continue to provide the Services but where it is unable to, Workpass shall promptly notify the User (before suspending the provision of the Services) and shall refund any Fees paid in respect of the Service(s) that it is unable to perform.
2.6
Workpass will provide documentation to assist the User, where appropriate, with use of the Software and where applicable, the integration process with the API. Workpass will provide reasonable assistance on integration but reserves the right to charge (with prior notice) a fee for integration assistance where the support is beyond what Workpass deems as reasonable, subject to the prior written agreement of the User.
3. ACCOUNT MANAGEMENT
3.1
To apply for an Account with Workpass, the Applicant must complete the applicable registration form on the Website. The form must include accurate and verifiable details of the Applicant which is applying for the Account and the nominated Person Responsible (if required).
3.2
The individual who is applying to open an Account with Workpass is promising to Workpass that:
3.2.1
they are either the Data Subject or have the authority of the Data Subject or have the authority of the Data Provider or the Verifier to do so; and
3.2.2
they agree to be the Person Responsible until they or the User have notified Workpass of a change either in writing or through the Website.
3.3
Workpass will review the completed application and, if approved, will confirm the username and password (together the User ID) for the Person Responsible. Once Workpass have issued the User ID the contract between Workpass and the User (Contract) will be formed.
3.4
Only one Account is permitted for each User. This Account must cover the Group where applicable unless approved otherwise by Workpass. The Person Responsible may apply for further User IDs for their Related Persons but is responsible for ensuring that no other Accounts are opened with Workpass in the name of the same User.
3.5
Credits need to be used within a certain time as specified on the Website at the time of purchase of the Credits. When an Account is terminated by Workpass in accordance with Clause 11.1 or 11.2 no refund will be made by Workpass of any unused Credits.
4. RESTRICTIONS ON USE
4.1
In relation to the User’s use of the Services and the Software either during the term of the Contract or at any time afterwards, the User must:
4.1.1
only use them in compliance with all Applicable Laws;
4.1.2
only use them for proper and lawful business purposes and otherwise in accordance with the Contract;
4.1.3
only make backup copies of the Software for their lawful use. The User must take reasonable steps to prevent unauthorised copying of the Software;
4.1.4
not modify, copy, adapt, translate or create derivative works based on the Software or any part of the Services, or attempt to discover any source code or underlying ideas or algorithms or reverse engineer, decompile or disassemble the Software or part of the Services for any purpose;
4.1.5
not attempt to gain, or gain unauthorised access to, or disrupt the integrity or performance of the Services;
4.1.6
not use the Services or the Software to commit, or with the intention to commit any unlawful, fraudulent, dishonest, threatening, invasive or improper behaviour;
4.1.7
not and are not permitted to sub-license, assign, hold on trust or novate the Contract to or on behalf of any person;
4.1.8
provide all cooperation and information reasonably required by Workpass in relation to the Services, including all information and materials reasonably required by Workpass to make the Services available to you. You must ensure that such information is up-to-date and accurate in all material respects;
4.1.9
not use the Software or the Services to build a competitive product or service or copy its features, technology or user interface; and
4.1.10
not act or omit to act in any way that results in damage to Workpass’s business or reputation.
5. SECURITY
The User agrees to follow any reasonable rules and guidelines that apply to the way in which Workpass provides the Services from time to time, provided such rules and guidelines have been provided to the User. Workpass will maintain appropriate technical and organisational security measures and procedures to prevent the User’s ID being accidentally given to or used by unauthorised people.
5.1
The User shall provide Workpass with an accurate list of its Related Persons’ authorised personnel who are permitted to order Services and receive or access the Website. The User is responsible to update Workpass with changes to the list to enable Workpass to add or remove access rights. Workpass will provide to each person on this list with an individual identification referred to as “User ID”. The Customer will ensure that it notifies individuals with a User ID that only the person to whom it is issued is permitted to use the User ID and will ensure that the User ID is notified that he or she is not permitted to transfer the User ID to, or allow usage of the User ID by others.
5.2
The User is responsible for keeping its User IDs confidential and secure. Workpass will not be responsible for any losses arising from unauthorised use of the User IDs, unless Workpass is responsible for the breach. Workpass reserves the right to issue new User IDs at any time.
5.3
The User agrees that it will:
5.3.1
maintain appropriate technical and organisational security measures and procedures to prevent its User IDs being accidentally given to or used by unauthorised people;
5.3.2
inform Workpass as soon as it becomes aware that any third party has found or used any of the User IDs or if any equipment the Customer uses to access the Services or the Software is stolen;
5.3.3
be responsible for any Charges connected to the reissuing of User IDs, unless Workpass is responsible for the User IDs being used by unauthorised people;
5.3.4
not breach or circumvent any security or authentication measures of the Software or Services;
5.3.5
not interfere with or disrupt any part of the Software or Services; and
5.3.6
not use a robot or other automated means to access the Software or Services.
5.4
Workpass may without notice cancel or suspend the User’s use of the User IDs without incurring any liability if either of the following circumstances occurs, namely:
5.4.1
the User fails to comply with any of its security obligations pursuant to clause 5 (Security); or
5.4.2
Workpass is advised or becomes aware of any unauthorised or improper use of the User’s User IDs (either by the User or by any third party) or that any equipment the Customer uses to access the Software or Services has been stolen; and
5.4.3
either of those circumstances may in Workpass’s reasonable opinion have a detrimental or potentially detrimental effect on Workpass’s business. Workpass may choose not to suspend the User’s use of the User IDs, or may reinstate it if the User demonstrates to the reasonable satisfaction of Workpass that the User has rectified the issue. Workpass reserves the right to charge if Workpass agrees to re-activate an Account which has been suspended.
5.5
Workpass undertakes to issue the User with new User IDs as soon as possible provided that the User is not in breach of the provisions of the Contract.
5.6
Workpass will take instructions from the Person Responsible by email or phone.
5.7
In the event of any breach or attempted breach of security, either Party shall take reasonable steps to prevent a recurrence thereof and to mitigate the effects of such breach. Workpass shall be entitled to fully investigate such breach and the User shall cooperate with Workpass with such investigation or audit.
6. INSURANCE
6.1
The User acknowledges that Workpass is reliant on the User for direction as to the extent to which Workpass is entitled to use and process Personal Data. Consequently, Workpass will not be liable for any claim brought by a Data Subject arising from any action or omission by Workpass, to the extent that such action or omission resulted directly from or is implied by the User’s instruction.
6.2
Workpass shall at its own cost have in place sufficient contracts of insurance with reputable and solvent insurers to cover its obligations under the Contrac
7. LIABILITY
7.1
Workpass shall use all reasonable skill and care to provide the Services.
7.2
The User hereby acknowledges that Workpass cannot guarantee that the Personal Data provided pursuant to the Services is absolutely accurate, up-to-date, error free or comprehensive in breadth or depth as this depends on the accuracy of the data provided to Workpass. Workpass does and will have in place appropriate quality procedures designed to ensure at all times the accuracy (to the extent reasonably possible) of the Services.
7.3
Without prejudice to Clause 7.4, each Party will not be liable to the other Party, whether such liability arises in tort (including negligence), breach of contract, or in any other way for:
7.3.1
loss of actual or anticipated profit;
7.3.2
loss of use or corruption of software, data or information;
7.3.3
loss or damage to goodwill;
7.3.4
loss of business or loss of business use, including but not limited to loss of sales;
7.3.5
loss of agreements or contracts;
7.3.6
loss of anticipated savings;
7.3.7
losses arising from enforcement action by regulators, including any fines;
7.3.8
loss of opportunity; or
7.3.9
any consequential, indirect, incidental or special losses.
7.4
Subject to Clauses 7.4 and 7.5, each Party’s total liability to the other Party in any one (1) year (starting on the Commencement Date and each anniversary thereof) for all claims for negligence, breach of contract, or another liability or obligation is limited to one thousand Pounds Sterling (£1,000) or the Fees paid by User in that year, whichever is the higher.
7.5
Subject to Clauses 7.4 and 7.5, each Party’s total liability to the other Party in any one (1) year (starting on the Commencement Date and each anniversary thereof) for all claims for negligence, breach of contract, or another liability or obligation is limited to one thousand Pounds Sterling (£1,000) or the Fees paid by User in that year, whichever is the higher.
7.6
To the extent permitted by law, Workpass excludes all representations, guarantees or conditions that:
7.6.1
the Services are fit for a particular purpose; or
7.6.2
the Services will meet the User’s requirements.
7.7
Nothing contained in the Contract will operate to exclude or limit loss or damage in any way in respect of the following:
7.7.1
liability for death or personal injury arising out of Workpass’s negligence;
7.7.2
liability for fraud or fraudulent misrepresentation; or
7.7.3
any other losses that cannot be excluded or limited by Applicable Law.
8. INTELLECTUAL PROPERTY
8.1
Workpass is the absolute, legal and beneficial owner of Workpass IPR. All IPR in Workpass IPR shall at all times be and remain the exclusive property of Workpass or its third party licensors.
8.2
The User is the absolute, legal and beneficial owner of the User IPR and User Created IPR. All IPR in the User IPR and the User Created IPR shall at all times be and remain the exclusive property of the User.
8.3
Workpass grants Users a non-exclusive licence to use the Workpass Trade Marks in relation to the Services in any publications subject to the following conditions:
8.3.1
the User shall use the Workpass IPR for the purposes of obtaining the benefit of the Services provided by Workpass pursuant to these Term and Conditions and in so doing agrees to use the Workpass IPR in the form approved by Workpass;
8.3.2
the User shall make use of the Workpass Trade Marks only for the purposes licensed under the Contract and, in particular, shall not use any of the Workpass Trade Marks in any way which would tend to allow it to become generic, lose its distinctiveness, become liable to mislead the public, or be materially detrimental to or inconsistent with the good name, goodwill, reputation and image of Workpass;
8.3.3
the User shall not, by virtue of the Contract, obtain or claim any right, title or interest in or to any of the Workpass Trade Marks except the rights of use as are specifically set out in these Terns and Conditions, and hereby acknowledge and agree that the benefit of all such use shall at all times belong to Workpass;
8.3.4
the User shall not adopt or use any trade mark, symbol or device which incorporates or is confusingly similar to, or is a simulation or colourable imitation of any of the Workpass Trade Marks, or unfairly competes with any of the Workpass Trade Marks;
8.3.5
if the User learns of any infringement or threatened infringement of any of the Workpass Trade Marks or of any action detrimental to any of the Workpass Trade Marks or of any third party allegation that any of the Workpass Trade Marks is liable to cause deception or confusion to the public, the User shall forthwith and without delay inform
Workpass giving full particulars of such circumstances; and
8.3.6
upon the termination of the Contract, all rights licensed to the User under these Terms and Conditions shall cease and the User shall have no further right to use the Workpass Trade Marks.
9. CONFIDENTIALITY
9.1
Each Party shall protect, treat secret and confidential the Confidential Information of the other Party, using at least the same degree of care as it takes to preserve and safeguard its own Confidential Information of a similar nature and in any event at least a reasonable degree of care.
9.2
Confidential Information may be disclosed by the receiving Party to its Related Persons on a “need to know” basis in order to provide or receive the Services (as applicable), provided that the recipient is bound in writing to maintain the confidentiality of the Confidential Information received.
9.3
The obligations set out in this clause 9 (Confidentiality) shall not apply to Confidential Information which the receiving Party can demonstrate:
9.3.1
is or has become publicly known other than through a breach of this clause 9 (Confidentiality);
9.3.2
was in possession of the receiving Party prior to disclosure by the other Party;
9.3.3
was received by the receiving Party from an independent third party who has full right to the disclosure;
9.3.4
was independently developed by the receiving Party; or
9.3.5
was required to be disclosed by a governmental authority, stock exchange or regulatory body, provided that, where permitted by Applicable Law, the Party subject to such requirement to disclose gives the other Party prompt written notice of the requirement.
9.4
The obligations of confidentiality in this clause 9 (Confidentiality) shall not be affected by the expiry or termination of the Contract.
9.5
Each Party undertakes not to use the Confidential Information for any other purpose except for the purpose of providing or receiving the Services and as authorised by these Terms and Conditions.
9.6
The User will not publish or release any benchmarking or performance data applicable to the Services.
10. USER OBLIGATIONS
At the User’s cost and expense, the User agrees to co-operate with Workpass and provide Workpass with such reasonable information and assistance as may be required in order for Workpass to perform its obligations in relation to the Services.
10.2
The User agrees to comply with its obligations under the Contract. Workpass will endeavour to bring to the User’s attention any changes to the Contract which are relevant to the Services provided to the User. The User shall be bound by those changes to the Contract by continuing to buy Services from Workpass after notification of such changes.
11. TERMINATION
11.1
Without prejudice to any other rights or remedies which the parties may have, the Contract may be terminated with immediate effect by either Party giving the other Party notice in writing in the event that the other Party:
11.1.1
is in material breach of the Contract including these Terms and Conditions and the breach cannot be remedied; or
11.1.2
is in material breach of the Contract including these Terms and Conditions and the breach is capable of remedy but has not been remedied within thirty (30) calendar days of notification of the breach; or
11.1.3
the User has failed to pay any amount due under the Contract on the due date and such amount remains unpaid for one hundred and twenty (120) days after Workpass has given notification that the payment is overdue.
11.2
Either Party may terminate the Contract at any time by giving notice in writing to the other Party if the other Party:
11.2.1
stops carrying on all or a significant part of its business, or indicates in any way that it intends to do so;
11.2.2
is unable to pay its debts either within the meaning of section 123 of the Insolvency Act 1986 or if Workpass reasonably believes that to be the case;
11.2.3
becomes the subject of a company voluntary arrangement under the Insolvency Act 1986;
11.2.4
has a receiver, manager, administrator or administrative receiver appointed over all or any part of its undertaking, assets or income;
11.2.5
has a resolution passed for its winding up;
11.2.6
has a petition presented to any court for its winding up or an application is made for an administration order or any winding-up or administration order is made against it;
11.2.7
is subject to any procedure for the taking control of its goods that is not withdrawn or discharged within seven (7) days of that procedure being commenced;
11.2.8
has a freezing order made against it;
11.2.9
is subject to any recovery or attempted recovery of items supplied to it by a supplier retaining title in those items;
11.2.10
any representations or warranties made by the other Party prove to be inaccurate or false;
11.2.11
the other Party breaches any Applicable Law; or
11.2.12
either Party doing anything that may bring the other Party into serious disrepute.
11.3
Terminating the Contract will not affect any rights accrued to either Party prior to termination or any part of these Terms and Conditions that will continue to apply notwithstanding termination.
11.4
On termination or expiry of the Contract:
11.4.1
Each party will return to the other party any materials or data relating to the Services which are not owned by or no longer licensed to the party in possession of the materials or data;
11.4.2
Workpass shall cease providing the Services;
11.4.3
all accrued rights and liabilities of the parties in existence at the time of termination shall continue; and
11.4.4
any clauses of these Terms and Conditions that by their nature extend beyond the termination of the Contract shall remain in effect until fulfilled, and apply to both parties’ respective successors and assigns.
11.5
Without affecting any other right or remedy under these Terms and Conditions, the Contract may be terminated:
11.5.1
by the Data Provider at any time upon not less than 6 months’ prior written notice to Workpass;
11.5.2
by the Verifier at any time upon not less than 30 days’ prior written notice to Workpass.
11.6
Without affecting any other right or remedy under these Terms and Conditions, the contract between the Data Subject and Workpass shall terminate automatically once Workpass ceases to process the personal data concerning the Data Subject provided by a Data Provider.
12. LEGAL COMPLIANCE
12.1
Each Party shall at all times comply with and shall procure that its Related Persons at all times comply with all Applicable Laws in the performance of its obligations under the Contract.
12.2
Each Party shall not do or permit anything to be done which might cause or otherwise result in a breach of Applicable Law by the other Party and/or its Related Persons.
13. ANTI-BRIBERY
13.1
For the purposes of this clause 13, the expressions “adequate procedures” and “associated with” shall be construed in accordance with the Bribery Act 2010 and legislation or guidance published under it.
13.2
Each Party shall comply with applicable Bribery Laws including ensuring that it has in place adequate procedures to prevent bribery and use all reasonable endeavours to ensure that:
13.2.1
all of that Party’s personnel; and
13.2.2
all others associated with that Party; involved in performing the Contract so comply.
13.3
Without limitation to clause 13.2 (Anti-Bribery), neither Party shall make or receive any bribe (as defined in the Bribery Act 2010) or other improper payment or allow any such bribe or improper payment to be made or received on its behalf either in the United Kingdom or elsewhere and shall implement and maintain adequate procedures to ensure that such bribes or improper payments are not made or received directly or indirectly on its behalf.
13.4
Each Party shall immediately notify the other as soon as it becomes aware of a breach or possible breach of any of the requirements in this clause 13 (Anti-Bribery).
14. MODERN SLAVERY
14.1
Workpass undertakes, warrants and represents that:
14.1.1
neither Workpass nor any of its Related Persons has:
14.1.1.1
committed an offence under the Modern Slavery Act 2015 (an “MSA Offence”); or
14.1.1.2
been notified that it is subject to an investigation relating to an alleged MSA Offence or prosecution under the Modern Slavery Act 2015; or
14.1.1.3
is aware of any circumstances within its supply chain that could give rise to an investigation relating to an alleged MSA Offence or prosecution under the Modern Slavery Act 2015;
14.1.2
it shall comply with the Modern Slavery Act 2015; and
14.1.3
it shall notify the User immediately in writing if it becomes aware or has reason to believe that it has breached or potentially breached any of its obligations under clause 14 (Modern Slavery). Such notice to set out full details of the circumstances concerning the breach or potential breach of Workpass’s obligations.
15. SANCTIONS COMPLIANCE
15.1
Workpass warrants and represents that it and each of its direct or indirect beneficial owners or shareholders and/or any other person acting on behalf of Workpass, is not or is not owned or controlled by an individual or entity that is:
15.1.1
the target of any Sanctions (a “Sanctioned Person”); or
15.1.2
located, organised or resident in a country or territory that is or whose government is the subject of Sanctions broadly prohibiting dealings with such government, country or territory (a “Sanctioned Country”).
15.2
Any breach by Workpass of this clause 15 (Sanctions Compliance) shall be deemed to be a material breach of the Contract not capable of remedy.
16. DATA PROTECTION
16.1
Each Party shall be responsible for its own compliance obligations imposed by the Data Protection Legislation.
16.2
The Parties acknowledge that Workpass shall act as a Processor in respect of all Processing of Personal Data pursuant to the provision of the Services under the Contract. The Data Provider and Verifier shall act Controllers in respect of Personal Data Processed by Workpass. If this analysis is subsequently determined by a competent body in a manner inconsistent with this view, this clause shall not apply.
16.3
Processing and Transfer of Data – Article 28(3)(a) GDPR (Unless Stated Otherwise)
Subject to this clause 16 (Data Protection), in respect of any Personal Data which Workpass Processes as a Processor in relation to the Services, Workpass shall (and shall procure that all Workpass Related Persons shall):
16.3.1
only Process that Personal Data for the purposes of supplying the Services (except to the extent the laws of the UK require Workpass to do otherwise) and at all times in accordance with the User’s documented instructions from time to time and the Description of Processing;
16.3.2
not transfer or otherwise directly or indirectly disclose or make available any Personal Data to (or access those data from) any location outside the UK or the European Economic Area (“EEA”) except where one or more of the following applies:
16.3.2.1
Workpass has in place with the non-UK/non-EEA receiving entity an international data transfer agreement or the international data transfer addendum to the European Commission’s standard contractual clauses for international data transfers as amended or replaced in either case by the Information Commissioner’s Office from time to time;
16.3.2.2
the transfer is to a non-UK country that is deemed to have an adequate level of protection from time to time by the Information Commissioner’s Office;
16.3.2.3
there is an approved code of conduct in place by an association or other body representing the Controller or Workpass that applies to the non-UK/non-EEA territory or territories to which the Personal Data is to be transferred;
16.3.2.4
the transfer is necessary for the implementation of pre-contractual measures taken at the Data Subject’s request (Article 49(1)((b));
16.3.3
on the expiry or termination of the Contract at the User’s option, either return at the User’s cost all of the Personal Data and Confidential Information (and copies of it) or securely dispose of the Personal Data and Confidential Information. If the User insists on deletion, Workpass shall agree to the deletion on condition that the User irrevocably waives and foregoes any right to complain to Workpass about the Services or Fee associated with the deleted Personal Data and Confidential Information; and
16.3.4
comply with all Data Protection Legislation imposed on Workpass as Processor that is relevant to the Processing of Personal Data under the provision of the Services to the User. Workpass shall inform the User in writing if in Workpass’s opinion, any instruction provided by the User in relation to the Processing of Personal Data will or is likely to breach any Data Protection Legislation.
16.4
Workpass Personnel – Article 28(3)(b) GDPR
Subject to this clause 16 (Data Protection) in respect of any Personal Data which Workpass Processes as a Processor in relation to the Services, Workpass shall (and shall procure that all Workpass Personnel shall):
16.4.1
ensure that access to the Personal Data is limited to those of the Workpass Personnel or Sub-contractors who need access to them to supply the Services and only in accordance with the terms of these Terms and Conditions (Article 28(3)(b) GDPR);
16.4.2
ensure that all Workpass Personnel and Sub-contractors are informed of the confidential nature of the Personal Data and are always subject to enforceable obligations of confidentiality by Workpass in relation to Personal Data (Article 28(3)(b) GDPR); and
16.4.3
ensure that all Workpass Personnel and Sub-contractors are assessed by Workpass to ensure their reliability (Article 28(3)(b) GDPR).
16.5
Description of Processing – Article 28(1) GDPR
The Data Provider shall regularly review and maintain a Description of Processing to ensure that it is up to date at all times and that it accurately and fully reflects the Data Provider’s instructions and Processing of Personal Data in relation to all Services. For the avoidance of doubt, if the nature of the Processing under the Contract changes in such a way as to change the scope of the Services, the costs for the Services shall change accordingly.
16.6
Security – Technical and Organisational Measures – Articles 28(3)(c) and 32 GDPR
Taking into account the state of technical development and the nature of Processing, Workpass shall implement appropriate technical and organisational measures to protect Personal Data against accidental or unlawful destruction, loss, alteration or damage and unauthorised disclosure, access, use, removal, copying, modification or other misuse.
16.7
Data Subject Rights – Articles 28(3)(e) and 33 GDPR
16.7.1
Subject to this clause 16 (Data Protection), in respect of any Personal Data which Workpass Processes as a Processor in relation to the Services, Workpass shall (and shall procure that all Workpass Personnel shall) notify the Data Provider without undue delay in writing of any notices received by it from Data Subjects or any competent supervisory authority relating to the Processing of Personal Data, including any requests, complaints or correspondence and provide such information, co-operation and assistance as the Data Provider may require in relation to such notices (at the Data Provider’s cost) including in connection with any approval of any supervisory authority to any Processing of Personal Data or any request, action, notice or investigation by such supervisory authority. For the avoidance of doubt, in no event shall Workpass or any of Workpass Personnel respond directly to any such notices without the Data Provider’s prior written consent unless and to the extent required by law.
16.7.2
Workpass shall, taking into account the nature of the Processing, assist the Data Provider (by appropriate technical and organisational measures and at the Data Provider’s cost where such measures fall outside the scope of the Services) insofar as this is possible, in relation to any request from any Data Subject for access, rectification or erasure of Personal Data or any objection to Processing.
16.8
Data Security, Breach Reporting and DPIAs – Articles 28(3)(f), 32, 33, 35 and 36 GDPR
16.8.1
Workpass shall notify the User without undue delay and in writing if any Personal Data has been disclosed in breach of these Terms and Conditions (Article 33 GDPR).
16.8.2
Workpass shall notify the User without undue delay if it becomes aware of a breach of security of Personal Data, such notices shall include full and complete details relating to such breach (Article 33(2) GDPR).
16.8.3
Workpass shall provide such assistance (at the Data Provider’s cost) as the Data Provider may reasonably require in relation to (a) the need to undertake a data protection impact assessment as such term is defined in the Data Protection Legislation in accordance with Data Protection Legislation and (b) any approval of the Information Commissioner’s Office or other data protection supervisory authority to any Processing of Personal Data (Articles 35 and 36 GDPR).
16.8.4
Workpass undertakes to not take any steps in relation to a data breach, including but not limited to contacting any Data Subject except in accordance with clause 16.8 (Data Security, Breach Reporting and DPIAs).
16.9
Audit – Article 28(3)(h) GDPR
16.9.1
At the Data Provider’s cost (including without limitation for any fees charged by any auditor appointed by the Data Provider to execute any such audit), Workpass shall allow for an audit (no more than once per annum, unless and to the extent additional audits are required by the Information Commissioner’s Office or other relevant supervisory. authority) by the Data Provider and any auditors appointed by it in order for Workpass to demonstrate its compliance with the Data Protection Legislation. For the purposes of such audit upon reasonable notice, Workpass shall make available to the Data Provider and any appointed auditors all information that the Data Provider deems necessary (acting reasonably) to demonstrate Workpass’s compliance with the Data Protection Legislation. If access is required to Workpass’s premises, such access shall be subject to compliance with Workpass’s relevant policies.
16.9.2
In Workpass’s reasonable opinion, to the extent that it believes that any instruction received by it in accordance with clause 16.9 (Audit) is likely to infringe Data Protection Legislation or any other Applicable Law, Workpass shall promptly inform the Data Provider and shall be entitled to withhold its permission for such audit and/or perform the relevant obligations under the Contract until the Data Provider amends its instruction so as not to be infringing.
16.9.3
With respect to the Data Provider’s rights under clause 16.9.1(Audit):
16.9.3.1
the Data Provider must provide at least thirty (30) Business Days’ prior written notice of its need to conduct an audit (unless a shorter timeframe is mandated by the Data Provider’s competent supervisory authority) and the Parties shall mutually cooperate in good faith to establish an audit date. Workpass will contribute to such audits by providing the Data Provider or the Data Provider’s competent supervisory authority with the information and assistance reasonably necessary to conduct the audit, including any relevant records of Processing activities applicable to the Services;
16.9.3.2
the Data Provider must provide at least thirty (30) Business Days’ prior written notice of its need to conduct an audit (unless a shorter timeframe is mandated by the Data Provider’s competent supervisory authority) and the Parties shall mutually cooperate in good faith to establish an audit date. Workpass will contribute to such audits by providing the Data Provider or the Data Provider’s competent supervisory authority with the information and assistance reasonably necessary to conduct the audit, including any relevant records of Processing activities applicable to the Services;
16.9.3.3
the audit is conducted during regular business hours at the applicable facility and in accordance with Workpass’s health and safety policies and may not unreasonably interfere with Workpass’s business activities;
16.9.3.4
the Data Provider will notify Workpass of any non-compliance discovered during the course of an audit and provide Workpass with any audit reports generated in connection with any audit under this clause, unless prohibited by the GDPR, other applicable Data Protection Legislation or otherwise instructed by a competent supervisory authority. The Data Provider may use the audit reports only for the purposes of meeting the Data Provider’s regulatory audit requirements and/or confirming compliance with the requirements of these Terms and Conditions. The audit reports are Confidential Information of the Parties under the terms of the Contract.
16.10
Data Provider’s Obligations
16.10.1
The obligations and rights of the Data Provider as the applicable Controller of the Personal Data shall be Processed in accordance with these Terms and Conditions are set out in these Terms and Conditions and in Data Protection Legislation. The Data Provider shall ensure that all instructions it issues to Workpass comply with Data Protection Legislation. For the avoidance of doubt, the Data Provider shall be solely responsible for determining the legal basis and conditions for the Processing of Personal Data under the Contract and shall make available to Workpass all information reasonably necessary to demonstrate compliance with its obligations in this clause.
16.10.2
The Data Provider shall indemnify Workpass against all liabilities arising out of or in connection with any breach by the Data Provider of any of the terms of this clause, including all amounts paid or payable by Workpass or any of its Related Persons to a third party, which would not have been paid or payable if the Data Provider’s breach of the Contract had not occurred. To the extent permitted by law, Workpass accepts no liability for any inaccurate Information provided to the Data Provider as part of the Services to the extent such inaccuracy comes from incorrect data provided by the Data Provider, the Data Subjects or any of Workpass’s sources which are not sub- processors for the purpose of the GDPR. Workpass further excludes to the extent permitted by law, all representations, guarantees or conditions that the Services or the Information (or both) are fit for a particular purpose or will meet the Data Provider’s requirements.
16.10.3
Workpass acknowledges that the Data Provider Related Persons may receive and Process Personal Data relating to Workpass personnel in connection with Workpass’s performance and the Data Provider’s and Workpass’s administration or management of the Contract. Workpass acknowledges and agrees that the Data Provider or its Related Persons shall Process such data as part of the Data Provider’s own Processing activities acting as Controller.
17. ANNOUNCEMENTS
17.1
Workpass may with the prior written consent of the Data Provider announce or publicly disclose (whether or not by a press release) any matters concerning the Contract or any case studies arising from the Services, subject to the Data Provider’s prior written approval (to be obtained on a case by case basis).
17.2
The Data Provider grants to Workpass a licence to use the Data Provider’s name and logo on Workpass’s website.
18. FORCE MAJEURE
18.1
If either Party cannot carry out its obligations because of events beyond their control for a period of at least thirty (30) calendar days, the Party that cannot perform its obligations will notify the other Party as soon as it is practical to do so. The defaulting Party’s obligations will be suspended immediately and it must do all it can to rectify the situation as soon as possible.
18.2
Events beyond the control of either Party include the following acts or circumstances which neither Party can prevent, including but not limited to acts of God, epidemics, pandemics, strikes, lockouts or other industrial disturbances, wars, blockades, riots, epidemics, landslides, lightning, earthquakes, fires, storms, civil disturbances and terrorism, governmental regulations and directions.
18.3
Workpass will use all reasonable endeavours to continue to provide the Services but in the event that it is prevented from doing so, the Services may be deferred until such time as Workpass is able to resume performance of the Services.
18.4
If either Party cannot carry out its obligations due to events beyond its control for a period of more than one hundred and eighty (180) days, the other Party will be entitled to terminate the Contract immediately upon written notice.
19. TRANSFERRING RIGHTS
19.1
The Contract between the Parties is binding on the Parties and on the parties’ respective successors and assigns.
19.2
Neither Party may transfer, assign, charge or otherwise dispose of the Contract, or any of its rights or obligations arising under it, without the other Party’s prior written consent.
19.3
Workpass may transfer, assign, charge, sub-contract or otherwise dispose of the Contract, or any of our rights or obligations arising under it, at any time during the term of the Contract.
20. WAIVER AND VARIATION
20.1
If either Party fails to exercise any right or solution available under the Contract, any failure or delay will not prevent either Party from relying on those rights or solutions in the future.
20.2
Unless otherwise expressly permitted by any provision, a variation of the Contract is valid only if it is in writing, making express reference to the Contract and signed by a duly authorised representative of each Party.
21. SEVERANCE
21.1
If a court finds any part of these Terms and Conditions to be invalid, it will be deleted and the rest of the Contract will stay in full force.
21.2
The Contract cancels and supersedes any prior oral or written commitments relating to the Services.
22. LAW
Both Parties agree that the Contract including these Terms and Conditions will be governed by English law. The courts of England will have the exclusive jurisdiction to settle any disagreement that may arise out of, under or in connection with the Contract and these Terms and Conditions.
23. NOTICES
23.1
All notices or other communication given by a Party under the Contract shall be:
23.1.1
in writing and in English;
23.1.2
signed by or on behalf of the Party giving it (except for notices sent by email); and
23.1.3
sent to the relevant Party at the address set out in clause 23.3 (Notices).
23.2
All notices are deemed to have been received:
23.2.1
by hand, on delivery;
23.2.2
by first-class Royal Mail Signed For post, at 9:00am on the second (2nd) Business Day after posting;
23.2.3
by international tracked and signed post, at 9:00am on the third (3rd) Business Day after posting;
23.2.4
by email, on receipt of a delivery email from the correct address or twenty-four (24) hours from delivery if sent to the correct email address and no notice of delivery failure is received.
23.3
Notices and other communications shall be sent to:
Workpass:
User:
Address: Workpass Limited, 5 Franklin Court, Stannard Way, Priory Business Park, Bedford, MK44 3JZ
Address: Workpass shall use such addresses as are provided as part of the online registration process for the purposes of any notices to the User
Email: Workpass shall use such email addresses as are provided as part of the online registration process for the purposes of any
notices to the User
24. RELATIONSHIP
The relationship of Workpass to the User shall be that of an independent contractor and nothing in the Contract is intended to, or should be constructed to create a partnership, agency, joint venture or employment relationship.
25. THIRD PARTY RIGHTS
Only the User and Workpass have legal rights under the Contract. Under the Contract (Rights of Third Parties) Act 1999, no-one else will be able to enforce any part of the Contract.
26. DISPUTE RESOLUTION
26.1
Should a dispute arise relating to the Contract or the Services under it, the Parties shall use reasonable endeavours in good faith to resolve it by a discussion between their duly authorised senior management before legal proceedings are brought.
