Last updated: 8th August, 2022
Customer terms of service
THESE TERMS OF SERVICE (“TERMS”) CONSTITUTE A CONTRACT BETWEEN YOU AND CONSENT KIT AND GOVERN USE OF AND ACCESS TO THE SERVICE AND WEBSITE BY YOU, USERS, AND END-USERS WHETHER IN CONNECTION WITH A PAID SUBSCRIPTION TO THE SERVICE OR A FREE TRIAL OF THE SERVICE.
In this Agreement, except to the extent expressly provided otherwise:
“Account” means an account enabling a person to access and use the Hosted Services, including both administrator accounts and user accounts;
“Affiliate” means an entity that Controls, is Controlled by, or is under common Control with the relevant entity;
“Agreement” means this agreement including any Schedules, and any amendments to this Agreement from time to time;
“Business Day” means any weekday other than a bank or public holiday in England;
“Business Hours” means the hours of 09:00 to 17:00 GMT/BST on a Business Day;
“Change” means any change to this Agreement;
“Charges” means the following amounts: such amounts as may be agreed in writing by the parties from time to time for the provision of the Services; and amounts calculated by multiplying Consent Kit’s standard time-based charging rates (as notified by Consent Kit to the Customer before the date of this Agreement) by the time spent by Consent Kit’s personnel performing the Support Services (rounded down by Consent Kit to the nearest quarter hour);
“Confidential Information” means Consent Kit Confidential Information and the Customer Confidential Information;
“Control” means the legal power to control (directly or indirectly) the management of an entity (and “Controlled” should be construed accordingly);
“Consent Kit” means Consent Kit Ltd, a company incorporated in England and Wales (registration number 11960970) having its registered office at Federation House, 2 Federation Street, Manchester, M4 4BF England. In this Agreement, Consent Kit may also be referred to through the use of “We” or “Our.”
“Consent Kit Confidential Information” means any information disclosed by or on behalf of Consent Kit to the Customer at any time before the termination of this Agreement (whether disclosed in writing, orally or otherwise) that at the time of disclosure was marked or described as “confidential” or should have been understood by the Customer (acting reasonably) to be confidential in the circumstances.
“Customer” the organisation or institution that you are engaged or employed by, whom that you enter into this Agreement on behalf of. In this Agreement, the Customer may also be referred to through the use of “You” or “Your.”
“Customer Confidential Information” means:- any information disclosed by or on behalf of the Customer to Consent Kit at any time before the termination of this Agreement (whether disclosed in writing, orally or otherwise) that at the time of disclosure:
- was marked or described as “confidential”; or
- should have been reasonably understood by Consent Kit to be confidential in the circumstances; and the Customer Data;
“Customer Data” means all data, works and materials: uploaded to or stored on the Platform by the Customer; transmitted by the Platform at the instigation of the Customer; supplied by the Customer to Consent Kit for uploading to, transmission by or storage on the Platform; or generated by the Platform as a result of the use of the Hosted Services by the Customer (but excluding analytics data relating to the use of the Platform and server log files);
“Customer Personal Data” means any Personal Data that is processed by Consent Kit on behalf of the Customer in relation to this Agreement, but excluding personal data with respect to which Consent Kit is a data controller;
“Data Protection Laws” means all applicable laws relating to the processing of Personal Data including, while it is in force and applicable to Customer Personal Data, the Data Protection Act 2018 and the General Data Protection Regulation (Regulation (EU) 2016/679);
“Documentation” means the documentation for the Hosted Services produced by Consent Kit and delivered or made available by Consent Kit to the Customer;
“Effective Date” means the first date on which the Customer commences the Subscription Term;
“End-User” means any person or entity other than the Customer or a User with whom the Customer or its Users interact using the Service.
“Force Majeure Event” means an event, or a series of related events, that is unforeseeable and outside the reasonable control of the party affected (including, but not limited to, failures of the internet or any public telecommunications network, hacker attacks, denial of service attacks, virus or other malicious software attacks or infections, power failures, industrial disputes affecting any third party, changes to the law, disasters, epidemics, pandemics, explosions, fires, floods, riots, terrorist attacks, acts of God and wars);
“Hosted Services” means app.consentkit.io, which will be made available by Consent Kit to the Customer as a service via the internet in accordance with this Agreement;
“Hosted Services Defect” means a defect, error or bug in the Platform having a material adverse effect on the appearance, operation, functionality or performance of the Hosted Services, but excluding any defect, error or bug caused by or arising as a result of:
- any act or omission of the Customer or any person authorised by the Customer to use the Platform or Hosted Services;
- any use of the Platform or Hosted Services contrary to the Documentation, whether by the Customer or by any person authorised by the Customer;
- a failure of the Customer to perform or observe any of its obligations in this Agreement; and/or
- an incompatibility between the Platform or Hosted Services and the Supported Web Browsers;
“Intellectual Property Rights” means all intellectual property rights wherever in the world, whether registrable or unregistrable, registered or unregistered, including any application or right of application for such rights (and these “intellectual property rights” include copyright and related rights, database rights, confidential information, trade secrets, know-how, business names, trade names, trade marks, service marks, passing off rights, unfair competition rights, patents, petty patents, utility models, semi-conductor topography rights and rights in designs);
“Order” means any order completed through the Consent Kit website or app, or any Consent Kit generated service order form executed or approved by You with respect to Your subscription to the Service, which may detail, among other things, the number of Users authorised to use the Service under Your subscription to the Service and the Service Plan applicable to Your subscription to the Service.
“Personal Data” has the meaning given to it in the Data Protection Laws applicable in England and Wales from time to time;
“Platform” means the platform managed by Consent Kit and used by Consent Kit to provide the Hosted Services, including the application and database software for the Hosted Services, the system and server software used to provide the Hosted Services, and the computer hardware on which that application, database, system and server software is installed;
“Representative” means an authorised representative of a party;
“Schedule” means any schedule attached to the main body of this Agreement;
“Services” means any services that Consent Kit provides to the Customer, or has an obligation to provide to the Customer, under this Agreement, which may include, without limitation, the Hosted Services and Support Services;
“Service Plan(s)” means the packaged service plan(s) and the functionality and services associated therewith (as detailed on the Website applicable to the Service) for the Services to which You subscribe.
“Subscription Term” means the period during which You have agreed to subscribe to the Services with respect to any individual User.
“Support Services” means support in relation to the use of, and the identification and resolution of errors in, the Hosted Services, but shall not include the provision of training services;
“Supported Web Browser(s)” means the current release from time to time of Microsoft Edge, Mozilla Firefox, Google Chrome or Apple Safari, or any other web browser that Consent Kit agrees in writing shall be supported;
“Third Party Services” means any hosted or cloud services provided by any third party that may transmit data to and/or from the Hosted Services;
“Update” means a hotfix, patch or minor version update to any Platform software;
“Upgrade” means a major version upgrade of any Platform software; and
“User” means an individual authorised to use a Service through Your Account as an administrator, member, contributor, and/or viewer as identified through a unique login.
2.1 This Agreement shall continue in force from the Effective Date, subject to termination in accordance with Clause 17 or any other provision of this Agreement (the “Term”).
2.2 If You register for a free trial for the Service, We will make the Service available to You on a trial basis free of charge until the earlier of:
- (a) the end of the free trial period for which You registered to use the Service;
- (b) the start date of any subscription to the Service purchased by You for such Service; or
- (c) termination of the trial by Us in our sole discretion.
3. Hosted Services
3.1 Consent Kit shall ensure that the Platform will, on the Effective Date, automatically generate an Account for the Customer and provide to the Customer login details for that Account.
3.2 Consent Kit hereby grants to the Customer a licence to use the Hosted Services by means of a Supported Web Browser for the internal business purposes of the Customer in accordance with the Documentation during the Term.
3.3 The licence granted by Consent Kit to the Customer under Clause 3.2 may only be used by the officers, employees, agents and contractors of either the Customer or an Affiliate of the Customer in relation to the Customer’s business;
3.4 Except to the extent expressly permitted in this Agreement or required by law on a non-excludable basis, the licence granted by Consent Kit to the Customer under Clause 3.2 is subject to the following prohibitions:
- (a) the Customer must not sub-license its right to access and use the Hosted Services;
- (b) the Customer must not permit any unauthorised person to access or use the Hosted Services;
- c) the Customer must not use the Hosted Services to provide services to third parties;
- d) the Customer must not republish or redistribute any content or material from the Hosted Services;
- e) the Customer must not make any alteration to the Platform, except as permitted by the Documentation; and
- f) the Customer must not conduct or request that any other person conduct any load testing or penetration teting on the Platform or Hosted Services without the prior written consent of Consent Kit.
3.5 The Customer shall use reasonable endeavours, including reasonable security measures relating to Account access details, to ensure that no unauthorised person may gain access to the Hosted Services using an Account.
3.6 Subject to circumstances outside of Consent Kit’s reasonable control, Consent Kit aims to keep the Platform available for a minimum of 95% of the time during Business Hours, subject to Clause 17.5.
3.7 The Customer must comply with the Acceptable Use Policy, and must ensure that all persons using the Hosted Services with the authority of the Customer or by means of an administrator Account comply with the Acceptable Use Policy.
3.8 The Customer must not use the Hosted Services in any way that causes, or may cause, damage to the Hosted Services or Platform or impairment of the availability or accessibility of the Hosted Services.
3.9 The Customer must not use the Hosted Services:
- (a) in any way that is unlawful, illegal, fraudulent or harmful; or
- (b) in connection with any unlawful, illegal, fraudulent or harmful purpose or activity.
3.10 For the avoidance of doubt, the Customer has no right to access the software code (including object code, intermediate code and source code) of the Platform, either before, during or after the Term.
4. Customer Obligations
4.1 Save to the extent that the parties have agreed otherwise in writing, the Customer must provide to Consent Kit, or procure for Consent Kit, such:
- (a) co-operation, support and advice;
- (b) information and documentation; and
- (c) governmental, legal and regulatory licences, consents and permits, as are reasonably necessary to enable Consent Kit to perform its obligations under this Agreement.
5. Customer Data
5.1 The Customer hereby grants to Consent Kit a non-exclusive, transferable, royalty-free, worldwide licence to copy, reproduce, store, distribute, publish, export, adapt, edit and translate the Customer Data (excluding any Customer Personal Data) to the extent reasonably required for the performance of Consent Kit’s obligations and the exercise of Consent Kit’s rights under this Agreement during the Term. The Customer also grants to Consent Kit the right to sub-license these rights to its sub-contractors in accordance with the terms of this Agreement.
5.2 The Customer warrants to Consent Kit that the Customer Data will not infringe the Intellectual Property Rights or other legal rights of any person, and will not breach the provisions of any law, statute or regulation in any jurisdiction and under any applicable law.
5.3 Consent Kit shall use reasonable endeavours to create a back-up copy of the Customer Data on a regular basis.
5.4 Within the period of five Business Day following receipt of a written request from the Customer, Consent Kit shall use all reasonable endeavours to restore to the Platform the Customer Data stored in any back-up copy created and stored by Consent Kit in accordance with Clause 5.3. The Customer acknowledges that this process will overwrite the Customer Data stored on the Platform prior to the restoration.
6. Integrations with Third Party Services
6.1 The Customer may integrate Third Party Services (e.g. software or tools which augment or enhance the Consent Kit services) with the Hosted Services at any time. For the avoidance of doubt, Consent Kit sub-processors do not fall within the scope of Third Party Services under this clause and clause 11.12 governs the appointment of sub-processors.
6.2 Consent Kit may remove, suspend or limit any Third Party Services integration at any time in its sole discretion.
6.3 The supply of Third Party Services shall be under a separate contract or arrangement between the Customer and the relevant third party. Consent Kit does not contract to supply the Third Party Services and is not a party to any contract for, or otherwise responsible in respect of, the provision of any Third Party Services. Fees may be payable by the Customer to the relevant third party in respect of the use of any applicable Third Party Services and Third Party Service integrations with the Hosted Services.
6.4 The Customer acknowledges that:
- (a) the integration of Third Party Services may entail the transfer of Customer Data from the Hosted Services to the relevant Third Party Services; and
- (b) Consent Kit has no control over, or responsibility in respect of, any disclosure, modification, deletion or other use of Customer Data resulting from any integration with any Third Party Services.
6.5 Without prejudice to its other obligations under this Clause 6, the Customer must ensure that it has in place the necessary contractual safeguards to ensure that both:
- (a) the transfer of relevant Customer Personal Data to a provider of Third Party Services is lawful; and
- (b) the use of relevant Customer Personal Data by a provider of Third Party Services is lawful.
6.7 The Customer hereby consents to the transfer of the Customer Data to the Third Party Services that it integrates with the Hosted Services.
6.8 The Customer warrants to Consent Kit that the transfer of Customer Data by Consent Kit to a provider of Third Party Services in accordance with this Clause 6 will not infringe any person’s legal or contractual rights and will not put Consent Kit in breach of any applicable laws.
6.10 Save to the extent that the parties expressly agree otherwise in writing and subject to Clause 15.1:
- (a) Consent Kit gives no warranties or representations in respect of any Third Party Services; and
- (b) Consent Kit shall not be liable to the Customer in respect of any loss or damage that may be caused by any Third Party Services or any provider of Third Party Services.
7. No assignment of Intellectual Property Rights
7.1 All Intellectual Property Rights in the Platform, the Documentation and the Services are owned by Consent Kit and its respective licensors. Subject to Clause 7.2, all inventions, developments and other new Intellectual Property Rights created pursuant to the Services shall vest in Consent Kit.
7.2 All data generated by the Platform as a result of the use of the Hosted Services by the Customer (but excluding analytics data relating to the use of the Platform and server log files) shall vest in, and be owned by, the Customer. To the extent that Consent Kit is the original owner of such Customer Data, Consent Kit hereby assigns the Intellectual Property Rights in the Customer Data to the Customer. The Customer acknowledges that such assignment shall not prevent Consent Kit from using anonymised and aggregated data relating to the Customer Data.
7.3 Except as stated in Clause 7.2 above, nothing in this Agreement shall operate to assign or transfer any Intellectual Property Rights from Consent Kit to the Customer, or from the Customer to Consent Kit.
8.1 The Customer shall ensure that all instructions given by the Customer in relation to the matters contemplated in this Agreement will be given by a Customer representative to Consent Kit, and Consent Kit:
- (a) may treat all such instructions as the fully authorised instructions of the Customer; and
- (b) may decline to comply with any other instructions in relation to that subject matter.
9. Billing, plan modifications and payments
9.1 Unless otherwise indicated in an Order referencing this Agreement and subject to Clause 9.2, all charges associated with Your access to and use of the Service (“Subscription Charges”) are due in full upon commencement of Your Subscription Term. If You fail to pay Your Subscription Charges or charges for other services indicated in any Order referencing this Agreement within five (5) business days of Our notice to You that payment is due or delinquent, or if You do not update payment information upon Our request, in addition to Our other remedies, We may suspend or terminate access to and use of the Service by You, Users and End-Users.
9.2 If You choose to upgrade Your Service Plan or increase the number of authorised Users during Your Subscription Term (a “Subscription Upgrade”), any incremental Subscription Charges associated with such Subscription Upgrade will be prorated over the remaining period of Your then-current Subscription Term, charged to Your Account and due and payable upon implementation of such Subscription Upgrade. In any future Subscription Term, Your Subscription Charges will reflect any such Subscription Upgrades.
9.3 No refunds or credits for Subscription Charges or other fees or payments will be provided to You if You elect to downgrade Your Service Plan. Downgrading Your Service Plan may cause loss of content, features, or capacity of the Service as available to You under Your Account, and Consent Kit does not accept any liability for such loss. Consent Kit reserves the right to contact You about special pricing if You maintain an exceptionally high number of Users, End-Users or other excessive stress on the Service.
9.4 Unless otherwise stated, Our charges do not include any taxes, levies, duties or similar governmental assessments, including value-added, sales, use or withholding taxes assessable by any local, state, provincial or foreign jurisdiction (collectively “Taxes”). You are responsible for paying Taxes except those assessable against Consent Kit based on its income. We will invoice You for such Taxes if We believe We have a legal obligation to do so and You agree to pay such Taxes if so invoiced.
9.5 If You pay by credit card, the Service provides an interface for the account owner to change credit card information (e.g. upon card renewal). The Account owner will receive a receipt upon each receipt of payment by Consent Kit, or they may obtain a receipt from within the Service to track subscription status. You hereby authorise Consent Kit to bill Your credit card or another payment instrument in advance on a periodic basis in accordance with the terms of the Service Plan until you terminate your Subscription, and you further agree to pay any Subscription Charges so incurred. Consent Kit uses a third-party intermediary to manage credit card processing and this intermediary is not permitted to store, retain or use Your billing information except to process Your credit card information for Consent Kit.
10. Confidentiality obligations
10.1 Consent Kit must:
- (a) keep the Customer Confidential Information strictly confidential;
- (b) not disclose the Customer Confidential Information to any person without the Customer’s prior written consent;
- (c) use the same degree of care to protect the confidentiality of the Customer Confidential Information as Consent Kit uses to protect Consent Kit’s own confidential information of a similar nature, being at least a reasonable degree of care; and
- (d) not use any of the Customer Confidential Information for any purpose other than the provision of Hosted Services.
10.2 The Customer must:
- (a) keep Consent Kit Confidential Information strictly confidential;
- (b) not disclose Consent Kit Confidential Information to any person without Consent Kit’s prior written consent, and then only under conditions of confidentiality approved in writing by Consent Kit;
- (c) use the same degree of care to protect the confidentiality of Consent Kit Confidential Information as the Customer uses to protect the Customer’s own confidential information of a similar nature, being at least a reasonable degree of care; and
- (d) not use any of Consent Kit Confidential Information for any purpose other than the use of Hosted Services.
10.3 Notwithstanding Clauses 10.1 and 10.2, a party’s Confidential Information may be disclosed by the other party to that other party’s officers, employees, professional advisers, insurers, agents and subcontractors who have a need to access the Confidential Information that is disclosed for the performance of their work with respect to this Agreement and who are bound by a written agreement or professional obligation to protect the confidentiality of the Confidential Information that is disclosed.
10.4 No obligations are imposed by this Clause 10 with respect to a party’s Confidential Information if that Confidential Information:
- (a) is known to the other party before disclosure under this Agreement and is not subject to any other obligation of confidentiality;
- (b) is or becomes publicly known through no act or default of the other party; or
- (c) is obtained by the other party from a third party in circumstances where the other party has no reason to believe that there has been a breach of an obligation of confidentiality.
10.5 The restrictions in this Clause 10 do not apply to the extent that any Confidential Information is required to be disclosed by any law or regulation, by any judicial or governmental order or request, or pursuant to disclosure requirements relating to the listing of the stock of either party on any recognised stock exchange, provided that, when permitted by the applicable law, the disclosing party is given as much prior written notice as possible of such request.
10.6 Upon the termination of this Agreement, each party must immediately cease to use the other party’s Confidential Information.
10.7 Following the termination of this Agreement, and within 5 Business Days following the date of receipt of a written request from the other party, the relevant party must destroy or return to the other party (at the other party’s option) all media containing the other party’s Confidential Information, and must irrevocably delete the other party’s Confidential Information from its computer systems (provided that it is permitted for either party to retain Confidential Information in its system back-ups, provided that it is not used for commercial purposes).
10.8 The provisions of this Clause 10 shall continue in force for a period of 5 years following the expiry or termination of this Agreement, at the end of which period they will cease to have effect.
11. Data protection
11.1 Each party shall comply with the Data Protection Laws with respect to the processing of the Customer Personal Data.
11.2 The Customer warrants to Consent Kit that it has the legal right to disclose all Personal Data that it does in fact disclose to Consent Kit under or in connection with this Agreement.
11.3 The Customer shall only supply to Consent Kit, and Consent Kit shall only process, in each case under or in relation to this Agreement:
- (a) the Personal Data of data subjects falling within the categories specified in the Data Subprocessors policy at https://consentkit.io/legal/subprocessors/ (as updated from time to time); and
- (b) Personal Data of the types specified in the Data Subprocessors policy, and as Consent Kit does not have any control over the Customer’s data protection notices, policies and terms & conditions, the Customer will indemnify and keep Consent Kit indemnified against all losses, costs, and liabilities and all expenses, including reasonable legal or other professional expenses, suffered or incurred by Consent Kit arising out of or in connection with any claim in respect of:
- (c) a breach of this Clause 11;
- (d) any liability arising whatsoever in relation to the capture, use and processing of Personal Data by the User); and
- (e) the consent of Data Subjects for the exportation of any Personal Data outside of the European Economic Area by Consent Kit under Clause 11.7.
11.4 Consent Kit shall only process the Customer Personal Data for the purposes specified in the Data Subprocessors policy.
11.5 Consent Kit shall only process the Customer Personal Data during the Term and for not more than 30 days following the end of the Term, subject to the other provisions of this Clause 11.
11.6 Consent Kit shall only process the Customer Personal Data on the documented instructions of the Customer (including with regard to transfers of the Customer Personal Data to any place outside the European Economic Area), as set out in this Agreement or any other document agreed by the parties in writing.
11.7 The Customer hereby authorises Consent Kit to make the following transfers of Customer Personal Data:
- (a) Consent Kit may transfer the Customer Personal Data internally to its own employees, offices and facilities in England and the European Union, providing that such transfers must be protected by appropriate safeguards, namely encrypted HTTPS traffic using TLS v1.2 and emails encrypted TLS;
- (b) Consent Kit may transfer the Customer Personal Data to its sub-processors in the jurisdictions identified in the Data Subprocessors policy, providing that such transfers must be protected by any appropriate safeguards identified therein; and
- (c) Consent Kit may transfer the Customer Personal Data to a country, a territory or sector to the extent that the European Commission has decided that the country, territory or sector ensures an adequate level of protection for Personal Data.
11.8 Consent Kit shall promptly inform the Customer if, in the opinion of Consent Kit, an instruction of the Customer relating to the processing of the Customer Personal Data infringes the Data Protection Laws.
11.9 Notwithstanding any other provision of this Agreement, Consent Kit may process the Customer Personal Data if and to the extent that Consent Kit is required to do so by applicable law. In such a case, Consent Kit shall inform the Customer of the legal requirement before processing, unless that law prohibits such information on important grounds of public interest.
11.10 Consent Kit shall ensure that persons authorised to process the Customer Personal Data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality.
11.11 Consent Kit and the Customer shall each implement appropriate technical and organisational measures to ensure an appropriate level of security for the Customer Personal Data, including those measures specified in the Data Subprocessors policy.
11.12 Consent Kit may engage any third party to process the Customer Personal Data without the prior specific or general written authorisation of the Customer, subject to the following provisions of this Clause 11.12. The Customer hereby provides a general written authorisation for Consent Kit to engage sub-processors on the basis that Consent Kit shall inform the Customer at least 14 days in advance of any intended changes concerning the addition or replacement of any third party processor, and if the Customer objects to any such changes before their implementation, then the Customer may terminate this Agreement on 7 days’ written notice to Consent Kit, providing that such notice must be given within the period of 7 days following the date that Consent Kit informed the Customer of the intended changes. Consent Kit shall ensure that each third party processor is subject to equivalent legal obligations as those imposed on Consent Kit by this Clause 11.
11.13 As at the Effective Date, Consent Kit is hereby authorised by the Customer to engage, as sub-processors with respect to Customer Personal Data, the third parties identified in the Data Subprocessors policy.
11.14 Consent Kit shall, insofar as possible and taking into account the nature of the processing, take appropriate technical and organisational measures to assist the Customer with the fulfilment of the Customer’s obligation to respond to requests exercising a data subject’s rights under the Data Protection Laws.
11.15 Consent Kit shall assist the Customer in ensuring compliance with the obligations relating to the security of processing of personal data, the notification of personal data breaches to the supervisory authority, the communication of personal data breaches to the data subject, data protection impact assessments and prior consultation in relation to high-risk processing under the Data Protection Laws. Consent Kit may charge the Customer for any work performed by Consent Kit at the request of the Customer pursuant to this Clause 11.15.
11.16 Consent Kit must notify the Customer of any Personal Data breach affecting the Customer Personal Data without undue delay and, in any case, not later than 48 hours after Consent Kit becomes aware of the breach.
11.17 Consent Kit shall make available to the Customer all information necessary to demonstrate the compliance of Consent Kit with its obligations under this Clause 11 and the Data Protection Laws. Consent Kit may charge the Customer for any work performed by Consent Kit at the request of the Customer pursuant to this Clause 11.17, providing that no such charges shall be levied with respect to the completion by Consent Kit (at the reasonable request of the Customer, not more than once per calendar year) of the standard information security questionnaire of the Customer.
11.18 Consent Kit shall, at the choice of the Customer, delete or return all of the Customer Personal Data to the Customer after the provision of services relating to the processing, and shall delete existing copies save to the extent that applicable law requires storage of the relevant Personal Data.
11.19 Consent Kit shall provide the Customer with any reasonably required information relating to the Customer Personal Data that is requested by the Customer from time to time. Consent Kit shall provide such information within a reasonable period following the request. No on-site rights of audit shall apply to this Agreement. Consent Kit may charge the Customer for any work performed by Consent Kit at the request of the Customer pursuant to this Clause 11.19, providing that no such charges shall be levied where the request to perform the work arises out of any breach by Consent Kit of this Agreement or any security breach affecting the systems of Consent Kit.
11.20 If any changes or prospective changes to the Data Protection Laws result or will result in one or both parties not complying with the Data Protection Laws in relation to processing of Personal Data carried out under this Agreement, then the parties shall use their best endeavours promptly to agree such variations to this Agreement as may be necessary to remedy such non-compliance.
12.1 Consent Kit warrants to the Customer that:
- (a) Consent Kit has the legal right and authority to enter into this Agreement and to perform its obligations under this Agreement;
- (b) Consent Kit will comply with all applicable legal and regulatory requirements applying to the exercise of Consent Kit’s rights and the fulfilment of Consent Kit’s obligations under this Agreement; and
- (c) Consent Kit has or has access to all necessary know-how, expertise and experience to perform its obligations under this Agreement.
12.2 Consent Kit warrants to the Customer that:
- (a) the Hosted Services will be free from Hosted Services Defects;
- (b) the application of Updates and Upgrades to the Platform by Consent Kit will not introduce any Hosted Services Defects into the Hosted Services; and
- (c) it has implemented reasonable security measures to the Platform to seek to prevent the transmission of viruses, worms, Trojan horses, ransomware, spyware, adware and other malicious software programs.
12.3 Consent Kit warrants to the Customer that the Hosted Services (excluding any Customer Data and Third Party Services), when used by the Customer in accordance with this Agreement, will not infringe the Intellectual Property Rights of any person in any jurisdiction and under any applicable law.
12.4 If Consent Kit reasonably determines, or any third party alleges, that the use of the Hosted Services by the Customer in accordance with this Agreement infringes any person’s Intellectual Property Rights, Consent Kit may at its own cost and expense:
- (a) modify the Hosted Services in such a way that they no longer infringe the relevant Intellectual Property Rights; or
- (b) procure for the Customer the right to use the Hosted Services in accordance with this Agreement.
12.5 The Customer warrants to Consent Kit that it has the legal right and authority to enter into this Agreement and to perform its obligations under this Agreement.
12.6 All of the parties’ warranties and representations in respect of the subject matter of this Agreement are expressly set out in this Agreement. To the maximum extent permitted by applicable law, no other warranties or representations concerning the subject matter of this Agreement will be implied into this Agreement or any related contract.
13. Acknowledgements and warranty limitations
13.1 The Customer acknowledges that complex software is never wholly free from defects, errors and bugs; and subject to the other provisions of this Agreement, Consent Kit gives no warranty or representation that the Hosted Services will be wholly free from defects, errors and bugs.
13.2 The Customer acknowledges that complex software is never entirely free from security vulnerabilities; and subject to the other provisions of this Agreement, Consent Kit gives no warranty or representation that the Hosted Services will be entirely secure.
13.3 The Customer acknowledges that the Hosted Services are designed to be compatible only with the Supported Web Browsers; and Consent Kit does not warrant or represent that the Hosted Services will be compatible with any other software or systems.
13.4 The Customer acknowledges that Consent Kit will not provide any legal, financial, accountancy or taxation advice under this Agreement or in relation to the Hosted Services; and, except to the extent expressly provided otherwise in this Agreement, Consent Kit does not warrant or represent that the Hosted Services or the use of the Hosted Services by the Customer will not give rise to any legal liability on the part of the Customer or any other person.
14.1 The Customer shall indemnify and shall keep indemnified Consent Kit against any appropriate third party liabilities, damages, losses, costs and expenses (including legal expenses and amounts reasonably paid in settlement of legal claims) suffered or incurred by Consent Kit and arising directly or indirectly as a result of any breach by the Customer of this Agreement (a “Customer Indemnity Event”).
14.2 Consent Kit must:
- (a) upon becoming aware of an actual or potential Customer Indemnity Event, notify the Customer;
- (b) provide to the Customer all such assistance as may be reasonably requested by the Customer in relation to the Customer Indemnity Event;
- (c) allow the Customer the exclusive conduct of all disputes, proceedings, negotiations and settlements with third parties relating to the Customer Indemnity Event; and
- (d) not admit liability to any third party in connection with the Customer Indemnity Event or settle any disputes or proceedings involving a third party and relating to the Customer Indemnity Event without the prior written consent of the Customer, and the Customer’s obligation to indemnify Consent Kit under Clause 14.1 shall not apply unless Consent Kit complies with the requirements of this Clause 14.2.
14.3 The indemnity protection set out in this Clause 14 shall not be subject to the limitations and exclusions of liability set out in this Agreement.
14.4 For the avoidance of doubt, Consent Kit will not be entitled to duplicate any causes of action by enforcing the indemnity in clause 14.1 in addition to a breach of contract claim for the same losses.
15. Limitations and exclusions of liability
15.1 Nothing in this Agreement will) limit or exclude any liability for:
- (a death or personal injury resulting from negligence;
- (b) or fraudulent misrepresentation;
- (c) any liabilities arising under an indemnity clause in this Agreement; or
- (d) any liabilities that may not be excluded or limited under applicable law.
15.2 The limitations and exclusions of liability set out in this Clause 15 and elsewhere in this Agreement:
- (a) are subject to Clause 15.1; and
- (b) govern all liabilities arising under this Agreement or relating to the subject matter of this Agreement, including liabilities arising in contract, in tort (including negligence) and for breach of statutory duty, except to the extent expressly provided otherwise in this Agreement.
15.3 Neither party shall be liable to the other party in respect of any losses arising out of a Force Majeure Event.
15.4 Neither party shall be liable to the other party in respect of any loss of profits or anticipated savings.
15.5 Neither party shall be liable to the other party in respect of any loss of revenue or income.
15.6 Neither party shall be liable to the other party in respect of any loss of use or production.
15.7 Neither party shall be liable to the other party in respect of any loss of business, contracts or opportunities.
15.8 Neither party shall be liable to the other party in respect of any loss or corruption of any data, database or software.
15.9 Neither party shall be liable to the other party in respect of any special, indirect or consequential loss or damage.
15.10 The liability of each party to the other party under this Agreement in respect of any event or series of related events shall not exceed the greater of:
- (a) £100,000 GBP; and
- (b) the total amount paid and payable by the Customer to Consent Kit under this Agreement in the 12 month period preceding the commencement of the event or events.
16. Force Majeure Event
16.1 If a Force Majeure Event gives rise to a failure or delay in either party performing any obligation under this Agreement (other than any obligation to make a payment), that obligation will be suspended for the duration of the Force Majeure Event.
16.2 A party that becomes aware of a Force Majeure Event which gives rise to, or which is likely to give rise to, any failure or delay in that party performing any obligation under this Agreement, must:
- (a) promptly notify the other party; and
- (b) inform the other party of the period for which it is estimated that such failure or delay will continue.
16.3 A party whose performance of its obligations under this Agreement is affected by a Force Majeure Event must take reasonable steps to mitigate the effects of the Force Majeure Event.
16.4 If a Force Majeure Event continues for a period of four weeks, the unaffected party may terminate this Agreement with immediate effect without liability upon providing written notice to the other party.
17. Cancellation and Termination
17.1 Either You or Consent Kit may elect to terminate Your Account and subscription to the Service as of the end of Your then-current Subscription Term by providing notice, in accordance with this Agreement, on or prior to the date thirty (30) days preceding the end of such Subscription Term. Unless Your Account and subscription to the Service is so terminated, Your subscription to the Service will automatically renew for a Subscription Term equivalent in length to the then expiring Subscription Term. PLEASE NOTE: we are not obligated to notify you of the Subscription Term renewal and we recommend that you diarise the renewal date in advance. Unless otherwise provided for in an Order, the Subscription Charges applicable to Your subscription to the Service for any such subsequent Subscription Term shall be Our standard Subscription Charges for the Service Plan to which You have subscribed as of the time such subsequent Subscription Term commences.
17.2 No refunds or credits for Subscription Charges or other fees or payments will be provided to You if You elect to terminate Your subscription to the Service or cancel Your Account prior to the end of Your then effective Subscription Term. Following the termination or cancellation of Your subscription to the Service and/or Account, We reserve the right to delete all Customer Data in the normal course of operation. Customer Data cannot be recovered once Your Account is cancelled.
17.3 If You terminate Your subscription to the Service or cancel Your Account prior to the end of Your then effective Subscription Term or We effect such termination or cancellation pursuant to Clause 17.5(c) or 17.4, in addition to other amounts You may owe Consent Kit, You must immediately pay any then unpaid Subscription Charges associated with the remainder of such Subscription Term. This amount will not be payable by You in the event You terminate Your subscription to the Service or cancel Your Account as a result of a material breach of this Agreement by Consent Kit, provided that You provide advance notice of such breach to Consent Kit and afford Consent Kit not less than thirty (30) days to reasonably cure such breach.
17.4 Consent Kit reserves the right to modify, suspend or terminate the Service (or any part thereof), Your Account or Your and/or Users’ and/or End-Users’ rights to access and use the Service, and remove, disable and discard any of Customer Data if We believe that You, Users or End-Users have violated this Agreement. Unless legally prohibited from doing so, Consent Kit will use commercially reasonable efforts to contact You directly via email to notify You when taking any of the foregoing actions. Consent Kit shall not be liable to You, Users, End-Users or any other third party for any such modification, suspension or discontinuation of Your rights to access and use the Service. Any suspected fraudulent, abusive, or illegal activity by You, Users or End-Users may be referred to law enforcement authorities at Our sole discretion.
17.5 In addition to Our rights as set forth in this Agreement, Consent Kit reserves the right, in Consent Kit’s reasonable discretion, to temporarily suspend Your access to and use of the Service:
- (a) during planned downtime for upgrades and maintenance to the Service (of which Consent Kit will use commercially reasonable efforts to notify You in advance both through Our forum page and a notice to Your Account owner and Users) (“Planned Downtime”);
- (b) during any unavailability caused by circumstances beyond Our reasonable control, such as, but not limited to, Force Majeure Events, technical failures beyond Our reasonable control (including, without limitation, inability to access the Internet), or acts undertaken by third parties, including without limitation, distributed denial of service attacks; or
- (c) if We suspect or detect any Malicious Software connected to Your Account or use of the Service by You, Users or End-Users. We will use commercially reasonable efforts to schedule Planned Downtime for weekends (GMT/BST time zone) and other off-peak hours.
18. Effects of termination
18.1 Upon the termination of this Agreement, all of the provisions of this Agreement shall cease to have effect, save that the following provisions of this Agreement shall survive and continue to have effect (in accordance with their express terms or otherwise indefinitely): Clauses 1, 3.10, 6.11, 9.2, 9.4, 9.5, 11, 11.1, 11.3, 11.4, 11.5, 11.6, 11.7, 11.8, 11.9, 11.10, 11.11, 11.12, 11.13, 11.14, 11.15, 11.16, 11.17, 11.18, 11.19, 11.20, 15, 16, 18, 19, 22, 23, 24, 25, 26, 27, 28 and 29.All obligations in this Agreement which expressly, or by their nature, are intended to continue beyond the termination of this Agreement (including, without termination, provisions relating to confidentiality, liability, indemnification, data protection and governing law) will survive the termination of this Agreement.
18.2 Except to the extent that this Agreement expressly provides otherwise, the termination of this Agreement shall not affect the accrued rights of either party.
18.3 Within 30 days following the termination of this Agreement for any reason:
- (a) the Customer must pay to Consent Kit any Charges in respect of Services provided to the Customer before the termination of this Agreement; and
- (b) Only where this Agreement is terminated by Consent Kit for convenience or by the Customer for a proven breach of contract by Consent Kit following a court order, Consent Kit must refund to the Customer any Charges paid by the Customer to Consent Kit in respect of Services that were to be provided to the Customer after the termination of this Agreement, without prejudice to the parties’ other legal rights.
19. Non-solicitation of personnel
19.1 Either Party must not, without the prior written consent of the other Party, either during the Term or within the period of 6 months following the end of the Term, engage, employ or solicit for engagement or employment any employee or subcontractor of Consent Kit who has been involved in any way in the negotiation or performance of this Agreement (other than by way of general advertisement).
20.1 Any notice given under this Agreement must be in writing, whether or not described as “written notice” in this Agreement.
20.2 Any notice given by the Customer to Consent Kit under this Agreement must be:
- (a) delivered personally;
- (b) sent by courier;
- (c) sent by recorded signed-for post;
- (d) sent by email;
20.3 Any notice given by Consent Kit to the Customer under this Agreement must be:
- (a) delivered personally;
- (b) sent by courier;
- (c) sent by recorded signed-for post;
- (d) sent by email;
20.4 A party receiving from the other party a notice by email must acknowledge receipt by email promptly, and in any event within 2 Business Days following receipt of the notice.
20.5 A notice will be deemed to have been received at the relevant time set out below or, where such time is not within Business Hours, when Business Hours next begin after the relevant time set out below:
- (a) in the case of notices delivered personally, upon delivery;
- (b) in the case of notices sent by courier, upon delivery;
- (c) in the case of notices sent by post, 48 hours after posting;
- (d) at the time of the sending of the email (providing that the sending party retains written evidence that the email has been sent); and
- (e) in the case of notices submitted using an online contractual notification facility, upon the submission of the notice form.
21.1 Subject to any express restrictions elsewhere in this Agreement, Consent Kit may subcontract any of its obligations under this Agreement.
21.2 Consent Kit shall remain responsible to the Customer for the performance of any subcontracted obligations.
21.3 Notwithstanding the provisions of this Clause 21 but subject to any other provision of this Agreement, the Customer acknowledges and agrees that Consent Kit may subcontract to any reputable third party hosting business the hosting of the Platform and the provision of services in relation to the support and maintenance of elements of the Platform.
22.1 The Customer hereby agrees that Consent Kit may assign, transfer or otherwise deal with Consent Kit’s contractual rights and obligations under this Agreement.
22.2 Customer may assign, sub-contract, transfer or otherwise deal with the Customer’s contractual rights and obligations under this Agreement provided that it has obtained Consent Kit’s prior written consent.
23. No waivers
23.1 No breach of any provision of this Agreement will be waived except with the express written consent of the party not in breach.
23.2 No waiver of any breach of any provision of this Agreement shall be construed as a further or continuing waiver of any other breach of that provision or any breach of any other provision of this Agreement.
24.1 If a provision of this Agreement is determined by any court or other competent authority to be unlawful and/or unenforceable, the other provisions will continue in effect.
24.2 If any unlawful and/or unenforceable provision of this Agreement would be lawful or enforceable if part of it were deleted, that part will be deemed to be deleted, and the rest of the provision will continue in effect.
25. Third party rights
25.1 This Agreement is for the benefit of the parties, and is not intended to benefit or be enforceable by any third party.
25.2 The exercise of the parties’ rights under this Agreement is not subject to the consent of any third party.
26.1 Consent Kit reserves the right at any time to modify this Agreement or the Services and to impose new or additional terms or conditions. If the User continues to use the Services after being notified of any such modification or additional terms, the User will be deemed to have accepted these changes and they will be incorporated into this Agreement.
26.2 Subject to Clause 26.1, this Agreement may not be varied except by means of a written document signed by or on behalf of each party.
27. Entire agreement
27.1 The main body of this Agreement and the Schedules shall constitute the entire agreement between the parties in relation to the subject matter of this Agreement, and shall supersede all previous agreements, arrangements and understandings between the parties in respect of that subject matter.
27.2 Neither party will have any remedy in respect of any misrepresentation (whether written or oral) made to it upon which it relied in entering into this Agreement.
27.3 The provisions of this Clause 27 are subject to Clause 27.1.
28. Law and jurisdiction
28.1 This Agreement shall be governed by and construed in accordance with English law.
28.2 Any disputes relating to this Agreement shall be subject to the exclusive jurisdiction of the courts of England and Wales.
29.1 In this Agreement, a reference to a statute or statutory provision includes a reference to:
- (a) that statute or statutory provision as modified, consolidated and/or re-enacted from time to time; and
- (b) any subordinate legislation made under that statute or statutory provision.
29.2 The Clause headings do not affect the interpretation of this Agreement.
29.3 References in this Agreement to “calendar months” are to the 12 named periods (January, February and so on) into which a year is divided.
29.4 In this Agreement, general words shall not be given a restrictive interpretation by reason of being preceded or followed by words indicating a particular class of acts, matters or things.