ULab Terms and Conditions
This agreement is between ULab Limited, a company incorporated in Scotland (No.SC600573) and having its Registered Office is at C/O Blackadders Llp, 53 Bothwell Street, Glasgow, G2 6TS trading as ULab ("ULab") and you ("the Customer"). This is a Click to Agree Contract from within the Software if the Customer wishes to be bound by these Terms and Conditions. If the Customer does not agree to be bound by these Terms and Conditions, the Customer cannot use the Software.
The contract ("Agreement") between the Customer and ULab will comprise:
- these Terms and Conditions;
- the Privacy Policy; and
PART ONE – SUBSCRIPTION SERVICES
1. Access to the Software
ULab grants to the Customer a non-exclusive, royalty based, non-sublicensable licence to Use and sub-license the Software for the Customer’s internal business purposes for the duration of this Agreement, subject to the following conditions:-
- 1.1. The Software is located on the Platform. ULab has full administrative access rights to the Platform. Users may access the Software, but have no right to administer the Platform or receive a copy of the object code or source code to the Software.
- 1.2. Users must have a reasonable speed Internet connection, and hardware and software that is compatible with the Software, as set out in the Documentation. None of these things are ULab’s responsibility.
- 1.3. ULab may periodically Upgrade and Update the Services, in order to provide Users with a greater, evolving user experience. Some of these changes shall occur automatically, while others may require the Customer to schedule and implement the changes. The changes may also mean that Users need to upgrade their equipment in order to make efficient use of the Software. ULab shall provide the Customer with reasonable notification in advance in this case.
- 1.4. ULab recognises that the Customer may have legitimate business reasons for not Upgrading to a new version of the Software as soon as the version becomes available. However, ULab will not support old versions indefinitely. When an old version used by the Customer is at end-of-life or at ULab’s discretion, ULab may remove the Customer’s access to that version and Upgrade the Customer to a new version.
- 1.5. ULab has all required distribution rights to the Intellectual Property in the Software and the Documentation.
- 1.6. ULab shall be under no liability to the Customer in respect of anything which, apart from this provision, may constitute breach of this Agreement arising by reason of Force Majeure.
2. Conditions of Use
The rights to use the Software provided to the Customer are non-exclusive, non-transferable and are for the Customer's internal business use only. The Customer's right to use the Software is subject to the following conditions:-
the Customer shall not:
- 2.1. Transfer to any other person any of its rights to use the Software;
- 2.2. Sell, license, rent or lease the Software;
- 2.3. Make the Software available to anyone who is not a User;
- 2.4. Create any derivative works based upon the Software or Documentation;
- 2.5. Copy any feature, design or graphic in, or reverse engineer the Software (including without prejudice to the foregoing generality the graphical user interface and menu command hierarchy);
- 2.6. Access the Software (i) in order to build a competitive solution or to assist someone else to build a competitive solution; or (ii) if the User is an employee or contractor of a ULab competitor;
- 2.7. Use the Software in a way that violates any criminal or civil law;
- 2.8. Load test the Software in order to test scalability; or,
- 2.9. Exceed any specified usage limits listed the Documentation.
3. User Content/Security
- 3.1. Users provide all data for use in the Software, and ULab is not obliged to modify or add to User Content except as specified in Clause 4. The Customer is solely responsible for User Content and the accuracy of User Content.
- 3.2. User Content belongs to the Customer or its licensors, and ULab makes no claim to any right of ownership in it.
- 3.3. ULab shall keep User Content confidential in accordance with Clause 14 of this Agreement.
- 3.4. Subject to the terms of Clause 4, ULab shall only be entitled to use User Content strictly as necessary to carry out its obligations under this Agreement, and for no other purpose. However, ULab:
- 3.4.1. may observe and report back to the Customer on the Customer’s usage of the Software, and make recommendations for improved usage of the Software;
- 3.4.2. may identify trends and publish reports on its findings provided the reports include data aggregated from more than one site of the Customer and do not identify the Customer; and,
- 3.4.3. shall use reasonable endeavours to ensure that the data centre containing the User Content complies with ISO 27001.
- 3.5. ULab shall use reasonable endeavours to comply with the principles of the DPA and GDPR in accordance with the Privacy Policy. For the purposes of the GDPR, ULab will be a Data Processor and the Customer will be the Data Controller of User Content.
- 3.6. Sharing of accounts is not permitted unless expressly authorised in writing by ULab. Users must keep account details confidential and Users should not reveal their username or password to any unauthorised third parties. ULab accepts no liability for any losses or damages incurred as a result of account details being shared in breach of the terms of this Agreement. It is recommended that Users do not save account details in their internet browser.
- 3.7. Passwords must be robust and difficult to break.
- 3.8. Industry Best Practice security recommendations should be implemented at all times, such as (a) maintaining a recognised Cyber Essentials Certification IT systems such as https://www.cyberessentials.ncsc.gov.uk (b) Always implementing Strong, robust, difficult to break passwords, that are changed on a regular basis (c) that Users do not save account details in their internet browser. (d) Implementing Two Factor authentication at each endpoint.
4. Acceptable Usage Policy
- 4.1. Without prejudice to the generality of Clause 2.7, when using the Software; Users should do so in accordance with the following rules:
- 4.1.1. Users must not use obscene or vulgar language;
- 4.1.2. User Sites may not contain any material that is unlawful or otherwise objectionable (including that which may be in breach of rules, regulations or legislation in force in the United Kingdom or any other jurisdiction in which the Customer’s User Site can be lawfully accessed. This does not extend to material which may be automatically blocked in certain jurisdictions but that is lawful in the Customer’s home country);
- 4.1.3. User Sites may not contain any material that is intended to promote or incite violence or any other unlawful conduct against any group, individual or animal. This includes, but is not limited to, the provision of instructions on how to assemble weapons of any kind, bombs, grenades or other explosive devices;
- 4.1.4. User Sites may not infringe the Intellectual Property rights of any third party including, but not limited to, copyright, trademarks, patents and designs;
- 4.1.5. User Sites may not contain any material that may contain viruses or other software or instructions that may damage or disrupt other software, computer hardware or communications networks;
- 4.1.6. User Sites may not be used for unauthorised mass-communications such as "spam" or "junk mail"; and
- 4.2. ULab does not screen or pre-approve any User Site or User Content (although Users acknowledge that ULab may do so if it wishes).
- 4.3. ULab may edit a User Site to comply with the provisions of sub-Clause 4.1 without prior consultation. In cases of severe breaches of the provisions of sub-Clause 4.1, a User Site may be taken down and the relevant account may be suspended or terminated. The Customer will not be informed in writing of the reasons for such alterations or take downs.
- 4.4. ULab accepts no responsibility or liability for any infringement of third party rights by User Sites.
- 4.5. ULab will not be liable in any way or under any circumstances for any loss or damage that any User may incur as a result of such User Sites, or ULab exercising its rights under this Agreement, nor for any errors or omissions in User Sites. Use of and reliance upon User Sites is entirely at the Customer’s own risk.
- 4.6. The Customer acknowledges that ULab may retain copies of any and all communications, information, User Content and User Sites sent to ULab.
- 4.7. Users must comply with the terms of the DPA and the GDPR at all times.
5. Intellectual Property
- 5.1. Subject to the exceptions in Clause 6 of this Agreement, all Content, that is not User Content, and the Database and the Software and the Documentation are the property of ULab, or ULab’s Affiliates or licensors. By continuing to use the Software the Customer acknowledges that such material is protected by applicable United Kingdom and international Intellectual Property and other laws.
- 5.2. You may print, reproduce, copy, distribute, store or in any other fashion re-use Content from the Software for personal or educational purposes only unless otherwise given ULab's express written permission to do so. Specifically, the Customer agrees that it will not systematically copy Content from the Software with a view to creating or compiling any form of comprehensive collection, compilation, directory or database unless given ULab's express written permission to do so.
- 5.3. In the event that new inventions, designs or processes evolve in performance of or as a result of this Agreement, the Customer acknowledges that the same shall be the property of ULab unless otherwise agreed in writing by ULab.
6. User Site Intellectual Property
- 6.1. The Intellectual Property rights subsisting in the User Content of User Sites belong to the User to which that/those User Site(s) belong(s) unless it is expressly stated otherwise.
- 6.2. Where expressly indicated, certain Content available through User Sites and the Intellectual Property rights subsisting therein belongs to other parties.
- 6.3. The third-party Content described in this Clause 6, unless expressly stated to be so, is not covered by any permission granted by Clause 5 of these Terms and Conditions to use Content.
- 6.4. For the avoidance of doubt, the Database (excluding the User Content therein) shall not be considered User Content.
7. Third Party Intellectual Property
- 7.1. Unless otherwise expressly indicated, all Intellectual Property rights including, but not limited to, Copyright and Trademarks, in Content belong to the manufacturers or distributors of such products as may be applicable.
- 7.2. Subject to Clause 5 the Customer may not reproduce, copy, distribute, store or in any other fashion re-use Content unless otherwise indicated on the Software or the Documentation or unless given express written permission to do so by the relevant manufacturer or supplier.
8 Warranty Disclaimer
Except as expressly provided in this agreement, the software and professional services is provided with no other warranties of any kind, and ULab disclaims all other warranties, express or implied, including without limitation any warranty of merchantability or fitness for a particular purpose. ULab does not warrant that the use of the subscription services shall be uninterrupted or error-free.
9. Limitation of Liability
Neither party shall be liable under this agreement for any indirect, special, incidental, punitive or consequential damages (including without limitation damages for loss of goodwill, work stoppage, computer failure or malfunction, lost or corrupted data, lost profits, lost business or lost opportunity), or any other similar damages under any theory of liability (whether in contract, tort/delict, strict liability or any other theory), even if the other party has been informed of this possibility. The customer assumes all responsibility for the selection of the software and documentation necessary to achieve the customer's intended results, and for the use and results of the software. Each party's total liability for any direct loss, cost, claim for damages of any kind shall not exceed the sum of one thousand pounds (£1,000) sterling. This limitation on liability was and is an express part of the contract between ULab and the customer and was a controlling factor in the setting of the fees payable to ULab. However, there is no limitation on direct loss, claim for damages arising as a result of an infringement of ULab's intellectual property rights by the customer, or a breach of clause 10 of this agreement by the customer, or in connection the customer's indemnification obligations.
ULab's liability under this agreement (except where provided otherwise in this agreement to a lesser extent) shall be limited to the amount of professional indemnity insurance underwritten in the name of ULab which shall be £2,000,000.
10. Confidentiality
- 10.1. The Software and Documentation contain valuable trade secrets that are the sole property of ULab, and the Customer agrees to use reasonable care to prevent third parties (other than Clients) from learning of these trade secrets. The Customer shall take reasonable care to prevent unauthorised access to or duplication of the Software and Documentation. The Customer shall use all reasonable endeavours to ensure that their Clients, employees, agents and independent contractors are bound by the same duty of confidentiality to ULab in terms of this Clause 10.
- 10.2. The User Content may include valuable trade secrets that are the sole property of the Customer and its Clients. ULab shall take reasonable care to prevent third parties from learning of these trade secrets. ULab use reasonable endeavours to ensure that their employees, agents and independent contractors are bound by the same duty of confidentiality to ULab in terms of this Clause 10.
- 10.3. Sections 10.1 and 10.2 do not apply to any information that (i) is now, or subsequently becomes, through no act or failure to act on the part of receiving party (the "Receiver"), generally known or available; (ii) is known by the Receiver at the time of receiving such information, as evidenced by the Receiver’s records; (iii) is subsequently provided to the Receiver by a third party, as a matter of right and without restriction on disclosure; or (iv) is required to be disclosed by law, provided that the party to whom the information belongs is given prior written notice of any such proposed disclosure.
11. Indemnification by the Customer
- 11.1. The Customer shall indemnify and hold harmless ULab, its Affiliates, directors, and employees from any damages finally awarded against ULab (including, without limitation, reasonable costs and legal fees incurred by ULab) arising out of any third party suit, claim or other legal action (including but not limited to any governmental investigations, complaints and actions) in connection with the User Content, including, without limitation, any action for infringement of any trademark, copyright, trade secret, right of publicity or privacy (including defamation), patent or other proprietary right with respect to the User Content ("Legal Claim").
- 11.2 ULab shall give written notice to the Customer of any Legal Claim no later than 30 days after first receiving notice of a Legal Claim and shall give copies to the Customer of all communications, notices and/or other actions relating to the Legal Claim. ULab shall give the Customer the sole control of the defence of any Legal Claim, shall act in accordance with the reasonable instructions of the Customer and shall give the Customer such assistance as the Customer reasonably requests to defend or settle such claim. The Customer shall conduct its defence at all times in a manner which is not adverse to ULab’s interests. ULab may employ its own counsel to assist it with respect to any such claim. ULab shall bear all costs of engaging its own counsel, unless engagement of counsel is necessary because of a conflict of interest with the Customer or its counsel, or because the Customer fails to assume control of the defence. ULab shall not settle or compromise any Legal Claim without the Customer’s express written consent.
12. Logo
- 12.1. Any trade mark, trade name or logo appearing on or in the Software is the property of ULab and must not be copied, obscured or removed from the Software.
13. Miscellaneous
- 13.1. This Agreement represents the entire express agreement of the parties, and supersedes any prior or current agreements or understandings, whether written or oral.
- 13.2. This Agreement may not be changed or any part waived by the Customer except by written agreement between the parties. ULab reserves the right to change the terms of this Agreement from time to time on written notice to the Customer.
- 13.3. This Agreement shall be governed by the laws of Scotland or England and Wales depending on principal place of business of the Customer (excluding its choice of law rules). The parties consent to the exercise of exclusive jurisdiction of the Courts of Scotland or England depending on principal place of business of the Customer for any claim relating to this Agreement.
- 13.4. The Customer shall not assign or otherwise transfer any of its rights or obligations under this Agreement without the prior written consent of ULab.
14. Data Processing
- 14.1. The provisions of this Agreement shall apply to the processing of the Personal Data carried out for the Customer by ULab, and to all Personal Data held by ULab in relation to all such processing whether such Personal Data is held at the date of this Agreement or received afterwards.
- 14.2. This Agreement shall continue in full force and effect for so long as ULab is processing Personal Data on behalf of the Customer.
- 14.3. ULab is only to process the Personal Data received from the Customer:
- 14.3.1. for the purposes of this Agreement and not for any other purpose;
- 14.3.2 to the extent and in such a manner as is necessary for these purposes; and
- 14.3.3. strictly in accordance with the Agreement or otherwise with the express written authorisation and instructions of the Customer (which may be specific instructions or instructions of a general nature or as otherwise notified by the Customer to ULab).
- 14.4. All instructions given by the Customer to ULab shall be made in writing and shall at all times be in compliance with the GDPR and other applicable laws. ULab shall act only on such written instructions from the Customer unless ULab is required by law to do otherwise (as per Article 29 of the GDPR).
- 14.5. ULab shall promptly assist the Customer (where the Customer cannot do this itself via the Software) in complying with a legitimate data subject request to amend, transfer, delete, or otherwise dispose of Personal Data. Where permitted to do so by law, ULab may charge a reasonable fee for providing such assistance.
- 14.6. Both Parties shall comply at all times with the GDPR and other applicable laws and shall not perform their obligations under this Agreement or any other agreement or arrangement between themselves in such way as to cause either party to breach any of its applicable obligations under the GDPR.
- 14.7. The Customer hereby warrants, represents, and undertakes that the Personal Data shall comply with the GDPR in all respects including, but not limited to, its collection, holding, and processing.
- 14.8. ULab agrees to comply with any reasonable measures required by the Customer to ensure that its obligations under this Agreement are satisfactorily performed in accordance with any and all applicable legislation from time to time in force (including, but not limited to, the GDPR) and any best practice guidance issued by the ICO.
- 14.9. ULab shall provide all reasonable assistance (at the Customer's cost) to the Customer in complying with its obligations under the GDPR with respect to the security of processing, the notification of personal data breaches, the conduct of data protection impact assessments, and in dealings with the ICO.
- 14.10. When processing the Personal Data on behalf of the Customer, ULab shall:
- 14.10.1. not process the Personal Data outside the European Economic Area (all EU member states, plus Iceland, Liechtenstein, and Norway) ("EEA") other than the United Kingdom (which shall be permitted) without the prior written consent of the Customer and, where the Customer consents to such a transfer to a country that is outside of the EEA (other than the United Kingdom as aforesaid), to comply with the obligations of Data Processors under the provisions applicable to transfers of Personal Data to third countries set out in Chapter 5 of the GDPR by providing an adequate level of protection to any Personal Data that is transferred;
- 14.10.2. not transfer any of the Personal Data to any third party without the written consent of the Customer and, in the event of such consent, the Personal Data shall be transferred strictly subject to the terms of a suitable agreement, as set out in Clause 14.19;
- 14.10.3. process the Personal Data only to the extent, and in such manner, as is necessary in order to comply with its obligations to the Customer or as may be required by law (in which case, ULab shall inform the Customer of the legal requirement in question before processing the Personal Data for that purpose unless prohibited from doing so by law);
- 14.10.4. implement appropriate technical and organisational measures, and take all steps necessary to protect the Personal Data against unauthorised or unlawful processing, accidental loss, destruction, damage, alteration, or disclosure;
- 14.10.5. make available to the Customer any and all such information as is reasonably required and necessary to demonstrate ULab's compliance with the GDPR; and
- 14.10.6. inform the Customer immediately if it is asked to do anything that infringes the GDPR or any other applicable data protection legislation.
- 14.11. ULab shall, at the Customer's cost, assist the Customer in complying with its obligations under the GDPR. In particular, the following shall apply to data subject access requests, complaints, and data breaches.
- 14.12. ULab shall notify the Customer without undue delay if it receives:
- 14.12.1. a subject access request from a data subject; or
- 14.12.2. any other complaint or request relating to the processing of the Personal Data.
- 14.13. ULab shall, at the Customer’s cost, cooperate fully with the Customer and assist as required in relation to any subject access request, complaint, or other request, including by:
- 14.13.1. providing the Customer with full details of the complaint or request;
- 14.13.2. providing the necessary information and assistance in order to comply with a subject access request;
- 14.13.3. providing the Customer with any Personal Data it holds in relation to a data subject (within the timescales required by the Customer); and
- 14.13.4. providing the Customer with any other information requested by the Customer.
- 14.14. ULab shall notify the Customer immediately if it becomes aware of any form of Personal Data breach, including any unauthorised or unlawful processing, loss of, damage to, or destruction of any of the Personal Data.
- 14.15. The Customer shall be liable for, and shall indemnify (and keep indemnified) ULab in respect of any and all action, proceeding, liability, cost, claim, loss, expense (including reasonable legal fees and payments on a solicitor and client basis), or demand suffered or incurred by, awarded against, or agreed to be paid by, ULab and any Sub-Processor arising directly or in connection with:
- 14.15.1. any non-compliance by the Customer with the GDPR or other applicable legislation;
- 14.15.2. any Personal Data processing carried out by ULab or Sub-Processor in accordance with instructions given by the Customer that infringe the GDPR or other applicable legislation; or
- 14.15.3. any breach by the Customer of its obligations under this Agreement, except to the extent that ULab or Sub-Processor is liable under sub-Clause 14.16.
- 14.16. ULab shall be liable for, and shall indemnify (and keep indemnified) the Customer in respect of any and all action, proceeding, liability, cost, claim, loss, expense (including reasonable legal fees and payments on a solicitor and client basis), or demand suffered or incurred by, awarded against, or agreed to be paid by, the Customer arising directly or in connection with ULab’s Personal Data processing activities that are subject to this Agreement:
- 14.16.1. only to the extent that the same results from ULab's or a Sub-Processor's breach of this Agreement; and
- 14.16.2. not to the extent that the same is or are contributed to by any breach of this Agreement by the Customer.
- 14.17. The Customer shall not be entitled to claim back from ULab or a Sub-Processor any sums paid in compensation by the Customer in respect of any damage to the extent that the Customer is liable to indemnify ULab or Sub-Processor under sub-Clause 14.15.
- 14.18. Nothing in this Agreement (and in particular, this Clause 14) shall relieve either party of, or otherwise affect, the liability of either party to any data subject, or for any other breach of that party's direct obligations under the GDPR. Furthermore, ULab hereby acknowledges that it shall remain subject to the authority of the ICO and shall co-operate fully therewith, as required, and that failure to comply with its obligations as a data processor under the GDPR may render it subject to the fines, penalties, and compensation requirements set out in the GDPR.
- 14.19. In the event that ULab appoints a Sub-Processor, ULab shall:
- 14.19.1. enter into a Sub-Processing Agreement with the Sub-Processor which shall impose upon the Sub-Processor the same or similar obligations as are imposed upon ULab by this Agreement; and
- 14.19.2. ensure that the Sub-Processor complies fully with its obligations under the Sub-Processing Agreement and the GDPR.
15. Data Sharing
- 15.1.In certain circumstances, ULab and a Customer may require to share data which includes Personal Data for example to improve and enhance User experience and (2) to perform and/or improve the Services and (3) to obtain relevant marketing, demographic, clinical and other appropriate information from ULab.
- 15.2. The parties shall not process the Shared Personal Data for any purpose or in any way that is incompatible with the Stated Purposes.
- 15.3. The Shared Personal Data shall be disclosed by one party to another only to the extent reasonably necessary for the Stated Purposes.
- 15.4. Each party shall appoint a data protection officer and/or at least one other of its representatives as a point of contact for all issues relating to the sharing of the Shared Personal Data and the GDPR (including, but not limited to, compliance, training, and the handling of Personal Data breaches).
- 15.5. Both parties shall at all times during the Term comply with their obligations as Data Controllers, the rights of data subjects, and all other applicable requirements under the GDPR. These Terms and Conditions are in addition to, and do not relieve, remove, or replace either party’s obligations under the GDPR. Any material breach of the GDPR by either party shall, if not remedied within 14 days of written notice from the other party, give the other party grounds to terminate this Agreement with immediate effect.
- 15.6. The extent of the Shared Personal Data, including any applicable restrictions relating to will be agreed between the parties and set out in writing.
- 15.7. Each party shall ensure that the Shared Personal Data is accurate and up-to-date prior to its disclosure to the other party.
- 15.8. The parties shall use compatible technology for the processing of the Shared Personal Data in order to preserve accuracy.
- 15.9. Both parties shall at all times during the Term process the Shared Personal Data fairly and lawfully.
- 15.10. Both parties shall ensure that they have legitimate grounds for processing the Shared Personal Data under the GDPR.
- 15.11. Both parties shall ensure that they have in place all required notices and consents in order to enable the sharing of the Shared Personal Data under this Agreement. In particular, the parties shall ensure that data subjects are provided with clear and sufficient information about the following:
- 15.11.1. the purposes for which their Personal Data is to be processed;
- 15.11.2. the legal basis upon which it is relying for such purposes;
- 15.11.3. the fact that their Personal Data is to be transferred to a third party and sufficient detail about the transfer to enable the data subject to understand the purpose of the transfer and any risks associated therewith; and
- 15.11.4. in the event that their Personal Data is to be transferred outside of the United Kingdom or EEA, the fact that such a transfer is to take place and sufficient detail about the transfer to enable the data subject to understand the purpose of the transfer and any risks associated therewith; and
- 15.11.5. all other information required under Article 13 of the GDPR.
- 15.12. The parties shall assist one another in complying with their respective obligations and the rights of data subjects under the GDPR. Such assistance shall include, but not be limited to:
- 15.12.1. consulting with the other party with respect to information and notices provided to data subjects relating to the Shared Personal Data;
- 15.12.2. informing the other party about the receipt of data subject access requests and providing reasonable assistance in complying with the same;
- 15.12.3. not disclosing or otherwise releasing any Shared Personal Data in response to a data subject access request without prior consultation with the other party, whenever reasonably possible;
- 15.12.4. assisting the other party at the cost of the other party in responding to any other data subject request.
- 15.13. Each party shall maintain records of all data subject requests received, the decisions made in response, and any information provided to the data subject(s) concerned. Such records shall include copies of the request, details of any data accessed and shared, and, if applicable, details of any further correspondence, telephone conversations, or meetings relating to the request.
- 15.14. Each party shall hold and process the Shared Personal Data only for so long as is necessary for the fulfilment of the Stated Purposes.
- 15.15. In the event that any statutory or similar retention periods apply to any of the Shared Personal Data, the relevant Personal Data shall be retained by the relevant party in accordance therewith.
- 15.16. The parties shall delete (or otherwise dispose of) or at a party's option anonymise the Shared Personal Data (or the relevant part thereof) and any and all copies thereof or, on the written request of the other party, other than in the case of anonymised data, return it to the other disclosing party, subject to any legal requirement to retain any applicable Personal Data, in the following circumstances:
- 15.16.1. upon the termination or expiry of this Agreement; or
- 15.16.2. once the Stated Purposes have been fulfilled and it is no longer necessary to retain the Shared Personal Data (or the relevant part thereof) in light of the Stated Purposes;
whichever is earlier.
- 15.17. All Shared Personal Data to be deleted or disposed of or anonymised under this Agreement shall be deleted or disposed of using methods compliant with the GDPR.
- 15.18. Following the deletion and/or disposal or anonymisation of the Shared Personal Data (as applicable), the party deleting or disposing of the data shall notify the other party of the same in writing, confirming that the Shared Personal Data has been deleted or disposed of or anonymised using methods compliant with the GDPR.
- 15.19. For the purposes of this Clause the transfer of Shared Personal Data shall refer to any sharing of the Shared Personal Data by a party with a third party. Such sharing shall include, but not be limited to, the appointment of a third-party Data Processor and sharing the Shared Personal Data with a third-party Data Controller.
- 15.20. In the event that a party wishes to appoint a third-party Data Processor, it shall remain liable to the other party for any acts and/or omissions of the third-party processor and it shall comply with Articles 28 and 30 of the GDPR.
- 15.21. Neither party shall transfer any of the Shared Personal Data outside of the United Kingdom or EEA unless:
- 15.21.1. that party complies with the provisions of Article 26 of the GDPR (where the third party is a joint controller); and
- 15.21.2. that party ensures that the transfer is to a country that the European Commission has determined (by means of an adequacy decision) offers an adequate level of data protection, pursuant to Article 45 of the GDPR; there are appropriate safeguards in place pursuant to Article 46 of the GDPR; or one of the derogations for specific situations set out in Article 49 of the GDPR applies.
- 15.22. A party shall transfer the Shared Personal Data to the other party using methods compliant with the GDPR.
- 15.23. Both parties shall ensure that they have in place appropriate technical and organisational measures as reviewed and approved by the other party, to protect against the unauthorised or unlawful processing of, and against the accidental loss or destruction of, or damage to, the Shared Personal Data, having regard to the state of technological development and the cost of implementing any such measures.
- 15.24. When putting appropriate technical and organisational measures in place, both parties shall ensure a level of security appropriate to the nature of the Shared Personal Data which is to be protected, and to the potential harm resulting from the unauthorised or unlawful processing of, the accidental loss or destruction of, or damage to, the Shared Personal Data.
- 15.25. All technical and organisational measures put in place by both parties shall be reviewed regularly by the respective party, updating such measures upon the agreement of the other party as appropriate throughout the Term of this Agreement.
- 15.26. Both parties shall ensure that any and all of their representatives by whom the Shared Personal Data is to be handled and processed are appropriately trained to do so in accordance with the GDPR and with the requisite technical and organisational measures.
- 15.27. The parties shall further ensure that any of their respective representatives to whom the Shared Personal Data is to be disclosed are subject to contractual obligations in relation to confidentiality and data protection that bind those Representatives and that are same as the obligations imposed upon the parties by this Agreement.
- 15.28. In the event of a dispute or claim brought by a data subject or the ICO concerning the processing of Shared Personal Data against either or both parties, the parties will inform each other about any such disputes or claims, and will cooperate with a view to settling them amicably in a timely fashion.
- 15.29. The parties agree to respond to any generally available non-binding mediation procedure initiated by a data subject or by the supervisory authority. If they do participate in the proceedings, the parties may elect to do so remotely (such as by telephone or other electronic means). The parties also agree to consider participating in any other arbitration, mediation, or other dispute resolution proceedings developed for data protection disputes.
16. Feedback and Modifications
- 16.1. The Customer hereby acknowledges that upon submitting Feedback to ULab, the Customer automatically grants to ULab a worldwide, perpetual, irrevocable, royalty free licence to use that Feedback in any way ULab deems appropriate including, but not limited to:
- 16.1.1. The use, publication, distribution, transmission, broadcasting, licensing, sub-licensing, leasing, lending and sale of the Feedback; and 16.1.2. The creation, use, publication, distribution, transmission, broadcasting, licensing, sub-licensing, leasing, lending and sale of any derivative works based upon the Feedback.
- 16.2. ULab's use of the Feedback shall not bestow any rights or interests upon the Customer whatsoever.
- 16.3. The Customer hereby acknowledges that any modifications made to the Software at the request or suggestion of the Customer will belong to and be the Intellectual Property of ULab.
PART TWO – DEFINITIONS
17. Glossary
- 17.1. "Affiliate" means an entity which controls, is controlled by, or is under common control with, a party, and control means the ability to vote 50% or more of the voting securities of any entity or otherwise having the ability to influence and direct the polices and direction of an entity;
- 17.2. "Client" means a company, individual, partnership, Affiliate or other legal person which has entered into a contract or contracts with the Customer to purchase or lease or use the Software and/or the Professional Services or any part of them respectively in terms of an Order Form and this Agreement;
- 17.3. "Content" means any text, graphics, images, audio, video, software, data compilations including, but not limited to, text, graphics, logos, icons, sound clips, video clips, data compilations, page layout, underlying code and software and any other form of information capable of being stored in a computer that appears on, is uploaded to or forms part of the Software or the Platform; BUT excluding User Content;
- 17.4. "Database" means the database stored on the Platform which contains interalia User Content;
- 17.5 "Data Controller", "Data Processor", "Personal Data" "processing" and "data subject" shall have the meanings ascribed to them in the GDPR;
- 17.6. "DPA" means the Data Protection Act 2018 and any modification, amendment or re-enactment thereof;
- 17.7. "Documentation" means user documentation provided electronically by ULab for use with the Software, as periodically updated;
- 17.8. "Feedback" means all comments, suggestions, requests, requirements, improvements, feedback, or other input the Customer provides regarding any products or Services owned or supplied by ULab, its Affiliates and licensees;
- 17.9. "Force Majeure", means circumstances beyond the control of ULab which shall include (but shall not be limited to) acts of God, perils of the sea or air, fire, flood, drought, explosion, sabotage, accident, embargo, riot, civil commotion, including acts of local government and parliamentary authority; inability to supply the Software and or the Professional Services, materials, breakdown of Local Equipment and labour disputes of whatever nature and for whatever cause arising including (but without prejudice to the generality of the foregoing) work to rule, overtime bars, strikes and lockouts and whether between either of the parties hereto and any or all of its employees and/or any other employer and any or all of its employees and/or between any two or more groups of employees (and whether of either of the parties hereto or any other employer);
- 17.10. "GDPR" means the General Data Protection Regulation (Regulation (EU) 2016/679) as amended, replaced, supplemented or adopted into United Kingdom Legislation;
- 17.11. "ICO" means the UK’s supervisory authority, the Information Commissioner’s Office;
- 17.12. "Intellectual Property" means patents, trademarks, trade name, service mark, copyright, trade secrets, know-how, process, technology, development tool, ideas, concepts, design right, domain names, moral right, database right, methodology, algorithm and invention, and any other proprietary information (whether registered, unregistered, pending or applied for);
- 17.13. "Platform" means the hardware and software environment in which the software element of the Software operates, which comprises one or more server computers (whether virtual or not), mirroring/duplicating/back-up and storage systems and relative hardware operating software, virtual machine software (where relevant), operating system software, database software, anti-virus and security software, switches, power supplies and telecommunications infrastructure;
- 17.14. "Privacy Policy" means ULab’s policy relating to User Content and compliance with (amongst others) the DPA and the GDPR from time to time, the current version of the Privacy Policy is located here;
- 17.15. "Shared Personal Data" means the personal data and special category personal data to be shared between ULab and the Customer under these Terms and Conditions;
- 17.16. "Software" means the ULab™ proprietary operating software and the Third Party Software written in object and source code residing on and used for operating the Platform and the Software as Updated and Upgraded from time to time;
- 17.17. "Sub-Processor" means a sub-processor appointed by ULab to process the Personal Data;
- 17.18. "Sub-Processing Agreement" means an agreement between ULab and a Sub-Processor governing the Personal Data processing carried out by the Sub-Processor, as described in Clause 14;
- 17.19. "Third Party Software" means software other than the Software which belongs to third parties and in relation to which ULab has the right to grant sub-licenses;
- 17.20. "Update" means any update, update rollup, service pack, feature pack, critical update, security update, or hotfix that is used to improve or to fix a software product;
- 17.21. "Upgrade" means a software package that replaces an installed version of a product with a newer version of the same product, typically leaving existing customer data and preferences intact while replacing the existing software with the newer version;
- 17.22. "User" means the Customer and any of its employees, or a person to whom the Customer has outsourced services, that has permission to accesses the Software as a named user and is not employed by ULab and acting in the course of their employment;
- 17.23. "User Content" means any text, graphics, images, audio, video, software, data compilations and any other form of information capable of being stored in a computer that appears on, is uploaded to or forms part of a User Site or the Software and has been uploaded by a User;
- 17.24. "User Site" means a partition/tenancy on the Platform created by ULab for a User or Users accessing the Software which shall contain User Content and shall be hosted on the Platform;