top of page
Black Writing Transparent.png

Supply of Services Agreement

THIS AGREEMENT is made between:

​

Our App Limited, a company incorporated in England and Wales, registered under company number 15232804, with its registered office at 2 Chalkhill Cottages, Chalk Hill, Little Somborne, Hampshire SO20 6QU (referred to as the Supplier);

 

Our Customers, being individuals, companies, or organisations in any form that have purchased a product or service from the Supplier, either online or in person (referred to as the Customer).

​

AGREEMENT

 

Definitions

  1. In this Agreement, the following terms shall have the meanings assigned to them:

 

Agreement This document governs the provision of the Services (as specified in Schedule 2), including any associated schedules.

The Supply of Services is to be read alongside and in addition to our Privacy Policy and Terms and Conditions (click these links to view).

 

Confidential Information In relation to either party, this refers to any information, whether explicitly stated as confidential or not, disclosed by one party to the other. This also includes any information obtained by a party from such disclosures, whether shared orally, in writing, or by other means in connection with this Agreement.

 

Customer An individual, company, or organisation in any form that purchases Goods and Services from Our App Limited or CL Booking Limited

​

Deliverables

 

All documents, items, plans, products, goods, and materials provided by the Supplier. This includes methodologies, ideas, designs, computer programs, data, disks, tapes, and reports, in any format, that are developed, created, written, prepared, devised, or discovered by the Supplier or their agents, sub-contractors, consultants, and employees in connection with the Services.

​

Effective Date

T

he date and time when the Agreement is confirmed.

​

Equipment

 

Any equipment, systems, tools, cabling, materials, or facilities requested or utilised directly or indirectly in the provision of the Services by the Supplier or their sub-contractors.

​

Intellectual Property Rights

 

All forms of intellectual property owned or utilised by the Supplier worldwide, whether registered or not. This includes inventions, patents, utility model rights, copyright and related rights, registered and unregistered design rights, trade marks, trade names, internet domain names, service marks, database rights, topography rights, rights in get-up, goodwill, and the right to sue for passing off. It also encompasses applications, extensions, renewals, priority claims, and any similar rights or protections currently or in the future.

Services

 

The services detailed in Schedule 1 of this Agreement, including any additional services provided or agreed upon through the change control process (Change Control).

​

Service Charges

 

The charges for the Services as outlined in Schedule 2 of this Agreement.

​

Service Levels

 

The applicable service levels, standards, or performance targets related to the Services, as defined in Schedule 3 of this Agreement.

Specification

The description or specification of the Services as detailed in Schedule 1 of this Agreement or as otherwise agreed upon by both parties through Change Control.

​

Working Day

 

A Working Day refers to any day other than a Saturday, Sunday, or public holiday in England and Wales. Within this Agreement, unless the context specifies otherwise: a. Singular terms include the plural and vice versa. b. References to sub-clauses, clauses, schedules, or appendices relate to corresponding sections of this Agreement. c. References to a person include firms, companies, government entities, trusts, and partnerships. d. The term "including" means "including without limitation." e. References to statutory provisions include any amendments or modifications thereof. f. Headings and subheadings are not considered part of this Agreement. g. The terms "writing" or "written" include fax and email unless explicitly stated otherwise.

Provision of Services

 

  1. The Supplier shall deliver the Services to the Customer under the terms and conditions set forth in this Agreement, starting from the Effective Date and as detailed in Schedule 1.

  2. The Services will be provided by the Supplier either: a. Continuously on an ongoing basis; or b. As required, in response to specific Customer requests, as outlined in Schedule 1.

  3. The Agreement commences on the Effective Date and will remain in effect for its designated duration, unless terminated earlier under the Termination clause. All agreements will automatically renew annually on the anniversary of the Effective Date, under the same terms as the original Contract Period, unless one party provides the other with at least 24 hours' notice of cancellation prior to the renewal date.

  4. The Supplier shall deliver the Services (including any Deliverables) in accordance with the Specification and Service Levels, ensuring material compliance. Time is of the essence for any specified delivery dates unless otherwise stated in the schedules.

  5. The Supplier will perform the Services with reasonable care and skill, adhering to: a. Recognised commercial standards and practices within the relevant industry. b. All applicable laws and regulations, including but not limited to those concerning (i) anti-bribery and corruption, and (ii) data protection.

​​

Customer's Obligations

 

  1. Schedule 1 can only be amended with the written agreement of both parties, in accordance with the Change Control clause.

  2. The Customer must: a. Collaborate with the Supplier on all matters related to the Services. b. Promptly provide any Equipment, materials, or information reasonably requested by the Supplier. Equipment provided must be in good working order and suitable for its intended use, while information must be accurate in all material respects. c. Obtain and maintain any necessary licences and consents and comply with all relevant legislation prior to the commencement of the Services.

  3. ​

Defective Services

 

  1. The Supplier must promptly inform the Customer of: a. Any delays or issues in the provision of the Services as they arise and come to the Supplier's attention. b. Any situations that may prevent the Supplier from delivering the Services in accordance with this Agreement, along with recommendations, where feasible, for avoiding such situations. c. Any complaints (whether formal or informal) or other matters that the Supplier reasonably believes could lead to a loss, claim, or adverse publicity for the Customer.

  2. The Customer, without restricting their rights or remedies, must report to the Supplier any defects in the performance of the Services as soon as reasonably possible after identifying such defects.

  3. Upon receiving notification of a defect from the Customer, or becoming aware of it independently, the Supplier must use reasonable efforts to provide any additional services necessary to rectify the defect as quickly as practicable, without restricting the Customer’s rights or remedies.

​​

Charges, Payment, and Time Records

 

  1. In exchange for the provision of the Services by the Supplier, the Customer agrees to pay the Service Charges as specified in Schedule 2. These charges may be based on time and materials, a fixed price, or a combination of both. Timely payment of the Service Charges is essential.

  2. All charges quoted to the Customer are exclusive of VAT, which will be applied to invoices at the applicable rate.

  3. When Services are provided on a time-and-materials basis: a. The charges for the Services will be calculated according to the Supplier’s standard daily rates for each individual, based on an eight-hour day worked between 9 am and 5 pm on Working Days, unless otherwise agreed between the parties. b. The Supplier will ensure that all individuals engaged in the Services complete time sheets documenting time spent on Services or Deliverables. c. The Supplier will invoice the Customer monthly in arrears for charges related to time, expenses, and materials (including VAT where applicable) incurred during that month, accompanied by relevant receipts for any Equipment, materials, and expenses.

  4. For fixed-price Services, the total cost is detailed in Schedule 2. These charges must be paid before any work begins. The Supplier will invoice the Customer for the payable amount, including any additional charges for Equipment, materials, and expenses not explicitly included in the fixed price, plus VAT.

  5. Expenses incurred by the Supplier may include costs related to accommodation, subsistence, travel, necessary materials, or services provided by third parties required for the Services. Expenses exceeding £100 must receive prior written approval from the Customer. Such costs, along with VAT, will be invoiced at cost.

  6. The Customer is required to pay the full cost of the first year for goods or services in advance by credit card when placing the order. This payment is non-refundable unless the Supplier fails to deliver the Services due to its own fault. No refund will be issued if the failure is beyond the Supplier’s control.

  7. The Customer must pay all invoices submitted by the Supplier in full, with cleared funds, by the date specified on each invoice (the Due Date), to the bank account designated by the Supplier in writing.

  8. If the Customer fails to pay by the Due Date, the Supplier reserves the right to: a. Charge interest on the overdue amount at a rate of 4% per annum above the Bank of England base rate or 8%, whichever is higher. Interest will accrue daily from the Due Date until payment is made, whether before or after judgment. The Supplier may opt to charge statutory interest. The Customer must pay both the overdue amount and the accrued interest. b. Suspend all Services until payment is made in full.

  9. All amounts due to the Supplier under this Agreement become payable immediately upon termination of the Agreement, regardless of any other provisions.

  10. Both the Supplier and the Customer must pay all amounts due under this Agreement in full, without any deductions except as required by law. Neither party may assert any credit, set-off, or counterclaim as grounds for withholding payment of amounts owed, whether in whole or in part.

​

Change Control

 

  1. During the term of this Agreement, the Customer may request an increase or decrease in the volume of the Services, a change to the Specification, or the addition of new Services (Change Request), provided that no reduction in the agreed fees payable occurs. The Customer must notify the Supplier in writing of any such request.

  2. Upon receiving a Change Request, the Supplier will consider it and respond within 5 Working Days by either: a. Confirming acceptance of the Change Request without requiring any variation to the terms of the Agreement. In this case, both parties shall execute a variation to the Agreement as soon as reasonably practicable, and the Supplier will implement the Change Request accordingly; or b. Providing a written proposal to accept the Change Request, subject to variations deemed reasonably necessary to the Services, the Specification, or the Service Charges, including any new Services (Change Proposal); or c. Providing a written statement explaining why the Change Request is not reasonably practicable to accept, with or without any proposed variations.

  3. Any Change Proposal from the Supplier will be based on the agreed Service Charges, or if this is not suitable, it will reflect a fair and reasonable quotation for the Change Request.

  4. The Customer must consider the Supplier’s Change Proposal and respond in writing within 5 Working Days, either accepting the Change Proposal (with or without further negotiation) or rejecting it. If the Change Proposal is accepted, both parties will execute a variation to the Agreement as soon as reasonably practicable, and the Supplier will implement the agreed changes.

  5. The Supplier reserves the right to make changes to the Services that are necessary to comply with applicable laws or safety requirements, provided that reasonable notice is given to the Customer and that these changes do not materially affect the nature, scope, or cost of the Services.
     

Indemnity

 

The Supplier agrees to indemnify the Customer against any claims made by third parties alleging that the provision of Services to the Customer under this Agreement infringes any Intellectual Property Rights belonging to those third parties.
 

Liability and Insurance

 

  1. The Supplier shall not be held liable for any costs, charges, or losses incurred by the Customer, whether directly or indirectly, resulting from the prevention or delay of the Supplier's performance caused by any act or omission of the Customer, its agents, sub-contractors, consultants, or employees.

  2. This Agreement does not limit or exclude the liability of either party for: a. Death or personal injury caused by negligence. b. Fraud or fraudulent misrepresentation. c. Breach of the terms implied by Section 2 of the Supply of Goods and Services Act 1982 (title and quiet possession). d. Any other liability that cannot be limited or excluded under applicable law.

  3. Subject to Clause 29 and Clause 27 (Indemnity), neither party shall be liable to the other, whether in contract, tort (including negligence), breach of statutory duty, or otherwise, for any of the following losses arising under or in connection with this Agreement: a. Loss of profits. b. Loss of sales or business. c. Loss of agreements or contracts. d. Loss of anticipated savings. e. Loss of or damage to goodwill. f. Loss of use or corruption of software, data, or information. g. Any indirect or consequential losses.
     

Liability and Insurance

 

  1. Subject to the preceding two clauses and the clause above (Indemnity), the Supplier’s total liability for any other losses incurred by the Customer, in relation to a single event or a series of related events, shall not exceed £500.

  2. To the fullest extent permitted by law, the terms implied by Sections 3 to 5 of the Supply of Goods and Services Act 1982 are excluded from this Agreement.

  3. Throughout the duration of this Agreement, both the Supplier and the Customer must maintain insurance, issued by a reputable provider, sufficient to indemnify risks for which they are responsible. This includes coverage for their respective sub-contractors, agents, and employees in connection with the Services. Upon request, either party must produce their insurance certificate detailing the coverage and the receipt confirming the current year's premium payment.
     

Confidentiality

 

  1. Each party agrees to use Confidential Information solely to fulfil its obligations under this Agreement and will not disclose such information, except: a. When required by law, court order, or any governmental or regulatory authority. b. To its employees, officers, sub-contractors, representatives, or advisers, provided such individuals need the information to perform obligations under this Agreement and agree to use it solely for that purpose, preventing further disclosure. c. If the information is already publicly available (other than through a breach of this Agreement by the disclosing party or its representatives). d. If the information was already available or known on a non-confidential basis before disclosure under this Agreement. e. If the information is independently developed by or for the recipient without reference to the disclosing party’s Confidential Information.
     

Intellectual Property

 

  1. The Supplier retains all Intellectual Property Rights (if any) that may subsist in any Deliverables or relate to the provision of the Services. The Supplier reserves the right to take appropriate action to prevent or restrain any infringement of such rights.

  2. The Supplier grants the Customer a non-exclusive, worldwide licence, free of charge, for the duration of the Agreement. This licence allows the Customer to reasonably use the Deliverables and the Services as intended.

  3. If this Agreement is terminated, the licence granted to the Customer will automatically terminate.
     

Data Protection

 

Each party shall fulfil its obligations and exercise its respective rights and remedies as outlined in Schedule 4.

​

Anti-Bribery

 

  1. The Supplier, along with its agents, sub-contractors, consultants, and employees, agrees to: a. Adhere to all applicable laws, regulations, statutes, and codes concerning anti-bribery and anti-corruption, including, but not limited to, the Bribery Act 2010 (Bribery Laws). b. Avoid committing offences under Sections 1, 2, or 6 of the Bribery Act 2010. c. Comply with any relevant industry codes pertaining to anti-bribery (Bribery Policies). d. Establish, maintain, and enforce its own policies and procedures throughout the term of this Agreement to ensure compliance with Bribery Laws and Bribery Policies. e. Promptly notify the Customer of any request or demand for undue financial or other advantages received in connection with performing this Agreement.
     

Non-Solicitation

 

  1. The Customer agrees not to solicit, entice away, or employ (or attempt to employ) any person who is or has been engaged as an employee, consultant, or sub-contractor of the Supplier in connection with the Services. This restriction applies from the start of this Agreement and continues for 24 months following either the last supply of Services or the termination of this Agreement, whichever is later, without prior written consent from the Supplier.
     

Circumstances Beyond the Control of Either Party

 

  1. Neither party will be liable for any failure or delay in fulfilling its obligations if such failure or delay arises from causes beyond its reasonable control.

  2. These causes may include, but are not limited to: power outages, Internet Service Provider failures, acts of God, epidemics, pandemics, civil unrest, fires, floods, droughts, storms, earthquakes, structural collapses, explosions, accidents, acts of terrorism, acts of war, governmental actions, laws or restrictions imposed by public authorities, and other unforeseen events.

  3. The affected party must use reasonable efforts to mitigate the impact of the force majeure on the performance of its obligations.

  4. The other party’s obligations will be suspended to the same extent as those of the affected party during the force majeure event.

  5. If the delay caused by the force majeure continues for 90 days, either party may terminate or cancel the Services governed by this Agreement.
     

Termination

 

  1. A party may terminate this Agreement immediately by giving written notice if the other party: a. Fails to pay any amount due within 30 days of its due date. b. Commits a material breach of the Agreement and fails to remedy it within 30 days of receiving written notice specifying the breach and requesting its resolution. c. Persistently breaches any terms of the Agreement. d. Is dissolved, ceases to conduct most of its business, or becomes insolvent. e. Has a receiver appointed over its assets or property. f. Arranges terms with its creditors or enters administration (as defined by the Insolvency Act 1986). g. (If an individual or firm) becomes bankrupt or (if a company) enters liquidation. h. Undergoes a change of control (as defined by Section 1124 of the Corporation Tax Act 2010). i. (If an individual) dies or becomes incapacitated due to illness, preventing the management of their affairs.
     

Consequences of Termination

 

  1. Upon termination or expiry of this Agreement: a. The Customer must immediately pay all outstanding invoices and interest to the Supplier. For any Services provided but not yet invoiced, the Supplier may submit an invoice, which must be paid immediately upon receipt. b. The Customer must return all Equipment and Deliverables belonging to the Supplier within a reasonable timeframe. Until returned or repossessed, the Customer assumes responsibility for their safekeeping.

  2. Termination or expiry does not affect any rights, remedies, obligations, or liabilities of the parties accrued before that date, including claims for damages related to breaches existing at or before the termination or expiry.

  3. Aside from provisions outlined in this Agreement, neither party will have further obligations to the other once the Agreement terminates.
     

General

 

  1. This Agreement constitutes the entire understanding between the parties regarding its subject matter and supersedes all prior discussions, arrangements, or agreements relating to it. This clause does not limit or exclude liability for fraud or fraudulent misrepresentation.

  2. The Customer may not assign, transfer, or sub-contract any benefit or obligation of the Agreement to a third party without prior written consent from the other party, which will not be unreasonably withheld.

  3. Any variation to the Agreement will only be valid and binding if documented in writing and signed by or on behalf of both parties.

  4. The Contracts (Rights of Third Parties) Act 1999 does not apply to this Agreement. No third party has the right to enforce or rely on any provision of the Agreement.

  5. Unless otherwise agreed, no delay, act, or omission by either party in exercising a right or remedy shall constitute a waiver of that or any other right or remedy.

  6. Any provision intended to survive the termination of the Agreement will remain enforceable.

  7. If any provision (or part of it) is deemed invalid, illegal, or unenforceable by a court or authority, it will, to the necessary extent, be treated as deleted. The validity and enforceability of the remaining provisions will not be affected.

  8. Unless expressly agreed otherwise, nothing in this Agreement will establish an employment relationship, partnership, or joint venture between the parties. Neither party will act as an agent or enter into commitments on behalf of the other.

  9. Notices (except in legal proceedings) under this Agreement must be in writing and sent via pre-paid first-class post, hand delivery, or email to the recipient's registered address or main business email, as notified.

Notices: a. Notices sent by post within the UK will be considered received on the second Working Day after posting; for international post, on the tenth Working Day after posting. b. Notices delivered by hand will be considered received immediately upon delivery at the recipient's address. c. Notices sent by email will be considered received on the next Working Day after dispatch.

  1. The Supplier may occasionally recommend third-party software or products to enhance the Customer's use of the App. However, such recommendations are made without any support or warranty from the Supplier and are expressly excluded from this Agreement.

  2. The Supplier reserves the right to amend or update the terms outlined in this document. Customers will be notified of changes by email. If they disagree with the new terms, they may choose to terminate the Agreement. Continued use of the product(s) beyond 14 days from notification will be considered as acceptance of and compliance with the new terms.
     

Governing Law and Jurisdiction

 

  1. This Agreement is governed by the laws of England and Wales. Any disputes arising from the Agreement, including non-contractual claims or disputes, are subject to the exclusive jurisdiction of the courts of England and Wales.

 

 

SCHEDULE 1 - SPECIFICATION OF SERVICES

 

Services Provided by the Supplier

  1. The Supplier will either:

    • Provide access to the shared apps portfolio; or

    • Create a Native App for the Customer using the Our App Template code and publish it on both the Apple App Store and Google Play Store. Links to the app pages on both stores will be provided to the Customer.

  2. The Supplier will supply the Customer with a unique URL and QR codes to assist in promoting their app to users.

  3. The service is compatible with Apple and Android mobile phones and certain tablets and accessible online.

  4. The Customer has selected an initial contract period of 1–3 years, as stated in the order form.

  5. The app features a fixed layout that the Customer can personalise. Personalisation includes:

    • Adjusting the look and feel using the Customer's own branding, colour schemes, and images.

    • Customising the content through widgets provided by the Supplier.

  6. The Customer will have access to the Supplier's complimentary content data sets. While the Supplier ensures these datasets are kept up to date at its sole discretion, it reserves the right to charge a fee for updates requested by the Customer that involve additions to the data.

 

Supplier's Responsibilities

The Supplier will:

  • Host the app's content and code on UK servers (which the Customer cannot access).

  • Manage the apps and databases.

  • Maintain the service.

  • Provide content app widgets for the Customer's use in displaying their content.

  • Offer UK-based data sets on the following topics:

    • Pubs

    • Cinemas

    • Sports Clubs

    • Beaches

    • Supermarkets

    • Doctors (England only)

    • Things to do and

    • comprehensive Restaurants data

    • Farm shops

  • Respond to reasonable Customer requests for additional content. While the datasets aim to be comprehensive, complete accuracy cannot be guaranteed. The Supplier retains full editorial control over the content and will consider reasonable requests to add or remove listings.

 

Customer's Responsibilities

The Customer will:

  • Provide all necessary information, content, images, and videos for app publication.

  • Communicate any innovative ideas for features or additions that fit within the app's existing infrastructure (as outlined in clauses 23–27).

  • Supply any media assets required for app production and effective promotion.

  • Distribute the app efficiently to users.

  • Ensure timely payment of invoices.

  • Safeguard and take full responsibility for any third-party copyrighted content uploaded to the app(s).

  • Complete and return the Native App Information Form immediately after placing the order.

 

App Ownership

  1. The Customer agrees that the Supplier lends the app, code, and datasets to the Customer for the duration of the Agreement.

  2. The Customer acknowledges that:

    • The Supplier retains sole ownership of the app's design, code, and generic content.

    • They will not have access to the Supplier's proprietary code.

    • Any changes or repairs to the code must be requested from the Supplier.

 

​

SCHEDULE 2 - CHARGES

 

Set-Up

The Supplier will provide the initial setup of the Customer-branded app at no charge. This setup will include configuring the app with information widgets as specified in the artwork and information form submitted by the Customer immediately after placing the order.

 

Annual App Fee

An annual fee will be charged for the use of the app and related services.

  • The Agreement will automatically renew on the anniversary of the effective date for one-year periods under the same terms and conditions unless the Supplier receives notice of termination at least 24 hours prior to the renewal date (refer to Clause 4).

  • This contract must be read in conjunction with the original order form, which has been or will be sent via email.

  • Any additional work beyond the scope of this Agreement will be quoted for prior to commencement and added to the invoice accordingly.

 

​

SCHEDULE 3 - SERVICE LEVELS

 

Maintenance

The Supplier will oversee all technical aspects of maintaining and running the app(s) throughout the Agreement period. Efforts will be made to resolve any reported issues within 72 working hours of notification.

 

Opening Hours

The Supplier’s technical and development services will be available from 9 am to 5 pm, Monday to Friday, excluding public and bank holidays.

Let me know if further adjustments are needed!

 

​

SCHEDULE 4 - DATA PROTECTION

 

PART A

60. Definitions For the purposes of this Schedule: a. Data Protection Laws refer to any applicable law relating to the processing of Personal Data, as applicable to either party or the Services, including: i. Directive 95/46/EC (Data Protection Directive) or the GDPR; ii. Laws implementing or supplementing such directives; iii. Laws replacing, extending, re-enacting, consolidating, or amending the above; and iv. All guidance, codes of practice, and codes of conduct issued by any relevant Data Protection Supervisory Authority relating to Data Protection Laws (whether legally binding or not). b. GDPR refers to the General Data Protection Regulation (EU) 2016/679. c. Protected Data means Personal Data received from or on behalf of the Customer, or obtained in connection with the Supplier's performance of obligations under the Agreement. d. Sub-processor refers to any agent, subcontractor, or other third party engaged by the Supplier (or another Sub-processor) to perform processing activities concerning Protected Data.

The terms Controller, Data Subject, International Organisation, Member State, Personal Data, Personal Data Breach, Processor, Processing, and Supervisory Authority shall have the meanings ascribed to them in the GDPR.

Compliance with Data Protection Laws

  1. Both parties agree that the Customer is the Controller and the Supplier is the Processor for Protected Data processed under this Agreement.

  2. The Supplier shall, and shall ensure its Sub-processors and personnel comply with, all Data Protection Laws while processing Protected Data and delivering the Services.

  3. This Agreement does not absolve the Supplier of its responsibilities or liabilities under Data Protection Laws.

Indemnity

  1. Each party shall indemnify and keep the other indemnified against any actions, liabilities, claims, costs, losses, compensation to Data Subjects, and other reasonable professional costs arising from breaches of Data Protection Laws by the indemnifying party, its employees, or agents.

Instructions

  1. The Supplier will process Protected Data solely per Section 1 of Part B and the Customer's written instructions. If any instructions conflict with Data Protection Laws, the Supplier will notify the Customer immediately.

Security

  1. The Supplier shall implement and maintain appropriate technical and organisational measures to protect Protected Data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access. These measures are outlined in Part B.

Sub-Processing

  1. The Supplier will not allow any third-party processing of Protected Data (except for Supplier personnel subject to enforceable confidentiality obligations) without prior written permission from the Customer, except where required by law.

  2. Any Sub-processor must be appointed under a written agreement providing at least the same level of protection for Protected Data as this Schedule.

  3. The Supplier remains fully liable to the Customer for the actions or omissions of any Sub-processor or Supplier personnel.

  4. When engaging Sub-processors, the Supplier shall: a. Conduct due diligence to ensure they can meet the required level of data protection. b. Assume liability for breaches caused by Sub-processors. c. Provide details of Sub-processor agreements upon request.

Assistance

  1. The Supplier will provide reasonable assistance to the Customer to fulfil any requests from Data Subjects exercising their rights under Data Protection Laws. If such requests are made directly to the Supplier, they shall notify the Customer promptly.

  2. The Supplier will assist with Data Protection Impact Assessments (DPIAs) or consultations with data protection authorities when required by law, considering the nature of processing and the available information.

Data Subject Requests

  1. The Supplier will refer all requests or communications from Data Subjects or Supervisory Authorities regarding Protected Data to the Customer within three days of receipt and will not respond without the Customer’s written approval, unless legally required to do so.

International Transfers

  1. The Supplier will not transfer or disclose Protected Data outside the EEA or to any International Organisation without the Customer's prior written consent.

Audits and Records

  1. In accordance with Data Protection Laws, the Supplier will provide the Customer with requested information to demonstrate compliance with its obligations as a Processor.

  2. The Customer may exercise audit rights by requesting: a. An audit report (issued within the last 18 months) confirming the Supplier's compliance with industry standards; and b. Additional information requested by a Supervisory Authority concerning the Supplier’s data processing activities.

Breach Notifications

  1. If the Supplier, its personnel, or Sub-processors suspect or become aware of a Personal Data Breach, the Supplier must notify the Customer within 24 hours.

  2. The Supplier will provide all necessary details to enable the Customer to report the breach to a Supervisory Authority or affected Data Subjects under Data Protection Laws.

Return or Deletion of Protected Data

  1. Upon termination or expiry of the Agreement, the Supplier will, at the Customer's request, either delete or return all Protected Data (including copies) via secure file transfer within 30 days, unless legally required to retain it.

  2. Within 30 days of the Agreement's termination or expiry, the Supplier will confirm compliance with this process in writing.

Survival

  1. This Schedule survives the termination or expiry of the Agreement.

 

PART B

Section 1 - Data Processing

Subject Matter: The Supplier’s provision of the Services and related technical support to the Customer.

Duration: For the term of the Agreement and until Protected Data is returned or deleted per this Schedule.

Nature and Purpose: Processing Protected Data to provide the Services and technical support as stipulated in the Agreement.

Type of Personal Data: Title, First Name, Last Name, Email Address, Mobile Number, Address.

Categories of Data Subjects:

  • Data Subjects whose Protected Data is collected by the Supplier while providing the Services; and/or

  • Data Subjects whose Protected Data is transferred to the Supplier by or on behalf of the Customer.

Section 2 - Minimum Technical and Organisational Security Measures

The Supplier must implement and maintain the following security measures:

  • Data encryption using the SHA-256 Cryptographic Hash Algorithm.

  • Ensuring GDPR compliance agreements with all third-party suppliers.

Updated 20th March 2025

bottom of page