1.1 The following definitions and rules of interpretation apply in the Contract:
Applicable Law means all applicable laws, statutes and regulations from time to time in force;
Authorised Users means those employees, agents and independent contractors of the Client who are authorised by the Client to use the Services and the Documentation;
Business Day means a day other than a Saturday, Sunday or public holiday in England when banks in London are open for business;
Business Hours means 9.00 am to 5.00 pm UK time on a Business Day;
Charges means the Subscription Fees, Overage Charges, RFA Service Charges and any other fees or charges payable under this Contract;
Client Data means the data inputted by the Client or Authorised Users for the purpose of using the Services, excluding any RFA Data, Derived Materials, aggregated data, anonymised data, or data independently obtained, generated, or derived by RFA;
Client Materials means any graphics, information, text, software coding and other materials provided by or behalf of the Client to RFA for the purpose of receiving RFA Services;
Commencement Date means the date the Contract is entered into as stated in the relevant Order Form;
Conditions means these terms and conditions set out in clause 1 (Definitions) to clause 17 (General);
Contract means, in relation to any SaaS Services or RFA Services, the Conditions and the relevant Order Form;
Controller, processor, personal data and processing have the meanings set out in the Data Protection Legislation.
Data Protection Legislation means all applicable data protection and privacy legislation in force from time to time in the UK including the UK GDPR, the Data Protection Act 2018 (and regulations made thereunder), the Data (Use and Access) Act 2025, the Privacy and Electronic Communications Regulations 2003 (SI 2003/2426) as amended from time to time and all other legislation and regulatory requirements in force from time to time which apply to a party relating to the use of personal data (including, without limitation, the privacy of electronic communications);
Deliverable means any and all sets of RFA Data, data analysis, report or other output, product or service, as required to be delivered by RFA to the Client, as specified in the Order Form and/or these Conditions;
Derived Materials means any dataset, analysis, report or other output which the Client produces using one or more Deliverables or any RFA Data, and / or other data or material within a Deliverable;
Documentation means the document(s) and other materials made available to the Client by RFA online via the Software or such other web address notified by RFA to the Client from time to time which sets out a description of the SaaS Services and the user instructions for the SaaS Services;
Go-Live Date means the date on which the SaaS Services are to commence as set out in the relevant Order Form;
ID&V Data means personal data provided by the Client to RFA in relation to the ID&V Service;
ID&V Service means any identity and verification services provided by RFA as part of the SaaS Services, involving the processing of ID&V Data to verify the identity of individuals on behalf of the Client;
Initial Term means the initial term of the SaaS Services as set out in the relevant Order Form;
Intellectual Property Rights means patents, utility models, rights to inventions, copyright and neighbouring and related rights, moral rights, trade marks and service marks, business names and domain names, rights in get-up and trade dress, goodwill and the right to sue for passing off or unfair competition, rights in designs, rights in computer software, database rights, rights to use, and protect the confidentiality of, confidential information (including know-how and trade secrets) and all other intellectual property rights, in each case whether registered or unregistered and including all applications and rights to apply for and be granted, renewals or extensions of, and rights to claim priority from, such rights and all similar or equivalent rights or forms of protection which subsist or will subsist now or in the future in any part of the world;
Order Form means each order form entered into between the parties in relation to SaaS Services (including orders for additional User Subscriptions), or, in relation to RFA Services, as set out in clause 2.2;
Overage Charges means payments charged by RFA if the Client exceeds any Usage Limit set out in the relevant Order Form;
Quality Assurance Process means the current quality assurance process applied by RFA (which includes any relevant audit requirement as specified within the Terms and Conditions) at the time at which the Deliverables are produced and provided to the Client;
Renewal Term means the period described in clause 2.1;
RFA Data means all data, information, records and materials collected, generated, processed, derived and/or stored by RFA independently of this Contract or through the provision of Services, including but not limited to business records, financial information, proprietary algorithms, intellectual property, trade secrets, RFA Personal Data, employee information, operational data, aggregated data, analytical results, and any other confidential or sensitive information in any format (electronic, paper, or otherwise);
RFA Personal Data means any personal data which is collected, generated, processed, derived and/or stored by RFA independently of this Contract or through the provision of Services;
RFA Service Charges means the charges for any RFA Services, as set out in the relevant Order Form;
RFA Services means, as set out in an Order Form any additional services to be provided by RFA to the Client during the Term, including development, white-labelling and consultancy services, and the provision of documents, reports, software, applications, specifications, projects, programming packages or software development tools, including any application programming interfaces, libraries or sample code provided by RFA to the Client for the development of applications or extensions that operate with or connect to the Software, as agreed between the parties;
SaaS Services means the subscription services to the Software and associated services provided by RFA to the Client from the Go-Live Date, as more particularly described in the relevant Order Form and including the Documentation and RFA's standard Client support services provided during Business Hours in accordance with clause 3.9;
Services means the SaaS Services and any RFA Services;
Software means the online software applications provided by RFA as part of the Services;
Specification means the description of the types and particulars of the RFA Services and the Deliverables, as well as any other applicable conditions, provided in writing by RFA to the Client;
Subscription Fees means the subscription fees payable by the Client to RFA for the User Subscriptions, as set out in an Order Form;
Support Services Policy means RFA's policy for providing support in relation to the Services during Business Hours as made available at such website address as may be notified to the Client from time to time, with additional support services available for purchase;
Term has the meaning given in clause 15.1 (being the Initial Term together with any subsequent Renewal Terms);
UK GDPR has the meaning given to it in section 3(10) (as supplemented by section 205(4)) of the Data Protection Act 2018;
Usage Limits means the limits on the Client's use of the Services as set out in the Order Form, including but not limited to limits on API calls, searches, reports, and any other usage parameters;
User Subscriptions means the user subscriptions purchased by the Client pursuant to clause 3.1 which entitle Authorised Users to access and use the SaaS Services and the Documentation in accordance with the Contract;
Virus means any thing or device (including any software, code, file or programme) which may: prevent, impair or otherwise adversely affect the operation of any computer software, hardware or network, any telecommunications service, equipment or network or any other service or device; prevent, impair or otherwise adversely affect access to or the operation of any programme or data, including the reliability of any programme or data (whether by re-arranging, altering or erasing the programme or data in whole or part or otherwise); or adversely affect the user experience, including worms, trojan horses, viruses and other similar things or devices; and
Vulnerability means a weakness in the computational logic (for example, code) found in software and hardware components that when exploited, results in a negative impact to the confidentiality, integrity, or availability the Services, and the term Vulnerabilities shall be interpreted accordingly.
1.2 Unless the context otherwise requires, words in the singular shall include the plural and in the plural shall include the singular and a reference to one gender shall include a reference to the other genders.
1.3 A reference to a statute or statutory provision is a reference to it as it is in force as at the date of the Contract and shall include all subordinate legislation made as at the date of the Contract under that statute or statutory provision.
1.4 A reference to writing or written includes email but not fax.
1.5 If there is any conflict or ambiguity between the Order Form and the Conditions, the Order Form shall have priority over the Conditions.
2.1 The Contract for SaaS Services shall commence on the Commencement Date and shall continue for the Initial Term and unless otherwise terminated in accordance with clause 15 (Termination), the Contract shall be automatically renewed for successive periods of the same length each as the Initial Term (each a Renewal Term and the Initial Term and any Renewal Terms being the Term), unless either party gives to the other party written notice of termination at least 90 (ninety) days before the end of the Initial Term or any Renewal Term in which case the Contract shall terminate upon the expiry of the applicable Initial Term or Renewal Term.
2.2 The Client may request RFA to provide RFA Services during the Term. RFA will provide an Order Form to the Client setting out the details of RFA Services and the Charges, and the Client may agree such Order Form in writing. The term of any RFA Services will be from the date set out in that Order Form and continue throughout the rest of the Term, unless otherwise set out in the relevant Order Form.
3.1 RFA shall, from the Go-Live Date and during the Term, grant to the Client a non-exclusive, non-transferable right and licence, without the right to grant sublicences, to permit the Authorised Users (as may be increased by way of an additional Order Form for additional User Subscriptions, being effective from the date set out in that Order Form) to use the SaaS Services solely for the Client's internal business operations.
3.2 The rights provided under clause 3.1 are granted to the Client only, and shall not be considered granted to any subsidiary or holding company of the Client or to any other third party.
3.3 RFA shall use commercially reasonable endeavours to make the SaaS Services available 24 hours a day, seven days a week, except for:
3.3.1 planned maintenance carried out during the maintenance window of 10.00 pm to 2.00 am UK time;
3.3.2 unscheduled maintenance performed outside Business Hours, and RFA shall use reasonable endeavours to give the Client at least six (6) Business Hours' notice in advance of any unscheduled maintenance; and
3.3.3 any downtime caused by third party service providers or their systems which are beyond RFA's reasonable control.
3.4 RFA warrants that the SaaS Services will be performed in accordance with reasonable care and skill and in accordance with all Applicable Law. This warranty is in lieu of all other express or implied warranties or conditions, and all other warranties, representations, conditions and all other terms of any kind whatsoever implied by statute or common law are, to the fullest extent permitted by Applicable Law, excluded from the Contract including, but not limited to, implied warranties or conditions of satisfactory quality, fitness for a particular purpose, and non-infringement.
3.5 RFA does not warrant that:
3.5.1 the Client's use of the SaaS Services will be uninterrupted or error-free;
3.5.2 the SaaS Services and/or the information obtained by the Client through the SaaS Services will meet the Client's requirements; or
3.5.3 the Software or the SaaS Services will be free from Viruses.
3.6 RFA is not responsible for any delays, delivery failures, or any other loss or damage resulting from the transfer of data over communications networks and facilities, including the internet, and the Client acknowledges that the SaaS Services may be subject to limitations, delays and other problems inherent in the use of such communications facilities.
3.7 The Contract shall not prevent RFA from entering into similar contracts with third parties, or from independently developing, using, selling or licensing documentation, products and/or services which are similar to any of the Services.
3.8 RFA warrants that it has and will maintain all necessary licences, consents, and permissions necessary for the performance of its obligations under the Contract.
3.9 RFA will, as part of the SaaS Services and at no additional cost to the Client, provide the Client with RFA's standard Client support services during Business Hours in accordance with RFA's Support Services Policy in effect at the time that the Services are provided. RFA may amend the Support Services Policy in its sole and absolute discretion from time to time upon 30 days' prior written notice to the Client, except that any such amendments shall not materially reduce the level of support services to the Client's detriment. The Client may purchase enhanced support services separately at RFA's then current rates.
4.1 Subject to the Client purchasing the User Subscriptions in accordance with clause 2.1 and clause 5.3, the restrictions set out in this clause 4 and the other terms and conditions of the Contract, RFA hereby grants to the Client a non-exclusive, non-transferable right and licence, without the right to grant sublicences, to permit the Authorised Users to access and use the Services and the Documentation during the Term solely for the Client's internal business operations.
4.2 In relation to the Authorised Users, the Client undertakes that:
4.2.1 the maximum number of Authorised Users that it authorises to access and use the Services and the Documentation shall not exceed the number of User Subscriptions it has purchased from time to time;
4.2.2 it will not allow or suffer any User Subscription to be used by more than one individual Authorised User unless it has been reassigned in its entirety to another individual Authorised User, in which case the prior Authorised User shall no longer have any right to access or use the Services and/or Documentation;
4.2.3 each Authorised User shall keep a secure password for their use of the Services and Documentation, that such password shall be changed regularly in accordance with RFA's instructions and that each Authorised User shall keep their password confidential;
4.2.4 it shall permit RFA or RFA's designated auditor to audit, upon 10 (ten) Business Days' written notice during Business Hours, its usage of the SaaS Services and compliance with the Contract, including but not limited to establishing the name and password of each Authorised User, reviewing the Client's data processing facilities, and examining relevant records. In cases of suspected material breach or unauthorised access, RFA may conduct such audit upon 24 hours' notice. The Client shall provide all reasonable assistance and access required for such audits;
4.2.5 if any of the audits referred to in clause 4.2.4 reveal that any password has been provided to any individual who is not an Authorised User, then without prejudice to RFA's other rights, the Client shall promptly disable such passwords and RFA shall not issue any new passwords to any such individual; and
4.2.6 if any of the audits referred to in clause 4.2.4 reveal that the Client has underpaid Subscription Fees to RFA, then without prejudice to RFA's other rights, the Client shall pay to RFA an amount equal to such underpayment as calculated in accordance with the prices set out in the Order Form within ten (10) Business Days of the date of the relevant audit. RFA's audit rights under clause 4.2.4 shall survive termination of the Contract for a period of two (2) years to enable RFA to identify any unauthorised use of the Services or RFA Data following termination. If any such audit reveals unauthorised use, the Client shall pay RFA the equivalent of one full year's Charges at the rates applicable immediately prior to termination.
4.3 The Client shall not access, store, distribute or transmit any Viruses, or any material during the course of its use of the Services that:
4.3.1 is unlawful, harmful, threatening, defamatory, obscene, infringing, harassing or racially or ethnically offensive;
4.3.2 facilitates illegal activity;
4.3.3 depicts sexually explicit images;
4.3.4 promotes unlawful violence;
4.3.5 is discriminatory based on race, gender, colour, religious belief, sexual orientation, disability; or
4.3.6 is otherwise illegal or causes damage or injury to any person or property;
and RFA reserves the right, without liability or prejudice to its other rights to the Client, to disable the Client's access to any material that breaches the provisions of this clause.
4.4 The Client shall not:
4.4.1 except as may be allowed by any Applicable Law which is incapable of exclusion by agreement between the parties and except to the extent expressly permitted under this Agreement:
a) attempt to copy, modify, duplicate, create derivative works from, frame, mirror, republish, download, display, transmit, or distribute all or any portion of the Software, the Services, Documentation and/or Derived Materials (as applicable) in any form or media or by any means; or
b) attempt to de-compile, reverse compile, disassemble, reverse engineer or otherwise reduce to human-perceivable form all or any part of the Software or the Services; or
4.4.2 access all or any part of the Services and Documentation in order to build a product or service which competes with the Services and/or the Documentation; or
4.4.3 use the Services and/or Documentation to provide services to third parties; or
4.4.4 subject to clause 18.8.1, license, sell, rent, lease, transfer, assign, distribute, display, disclose, or otherwise commercially exploit, or otherwise make the Services and/or Documentation available to any third party except the Authorised Users, or
4.4.5 attempt to obtain, or assist third parties in obtaining, access to the Services and/or Documentation, other than as provided under this clause 3; or
4.4.6 introduce or permit the introduction of, any Virus or Vulnerability into the Services or RFA's network and information systems.
4.5 The Client shall use all reasonable endeavours to prevent any unauthorised access to, or use of, the Services and/or the Documentation and, in the event of any such unauthorised access or use, promptly notify RFA.
4.6 RFA reserves the right, without liability to the Client or without prejudice to RFA's other rights and remedies, to disable the Client's or any Authorised Users access to or use of the SaaS Services or the Software where such usage is in breach of clause 4.3 or otherwise materially breaches the Contract.
4.7 The rights provided under this clause 3 are granted to the Client only, and shall not be considered granted to any subsidiary or holding company of the Client.
5.1 Subject to clause 5.2 and clause 5.3, the Client may, from time to time during any Term, purchase additional User Subscriptions in excess of the number set out in the Order Form and RFA shall grant access to the Services and the Documentation to such additional Authorised Users in accordance with the provisions of this Agreement.
5.2 If the Client wishes to purchase additional User Subscriptions, the Client shall notify RFA in writing. RFA shall evaluate such request for additional User Subscriptions and respond to the Client with approval or rejection of the request. Where RFA approves the request, RFA shall activate the additional User Subscriptions within five (5) Business Days of its approval of the Client's request.
5.3 If RFA approves the Client's request to purchase additional User Subscriptions, the Client shall, within 30 (thirty) days of the date of RFA's invoice, pay to RFA the relevant fees for such additional User Subscriptions as set out in the Order Form and, if such additional User Subscriptions are purchased by the Client part way through the Initial Term or any Renewal Term (as applicable), such fees shall be pro-rated from the date of activation by RFA for the remainder of the Initial Term or then current Renewal Term (as applicable).
6.1 RFA shall use all commercially reasonable endeavours to meet any performance dates specified in an Order Form in relation to RFA Services and the supply of Deliverables, but any such dates shall be estimates only and time for performance by RFA shall not be of the essence of the Contract.
6.2 RFA warrants that:
6.2.1 it shall perform the RFA Services materially in accordance with any agreed Specification;
6.2.2 it will perform the RFA Services in accordance with generally accepted good industry practice; and
6.2.3 its performance of the RFA Services will be in compliance with all Applicable Law.
6.3 The warranties set out in clause 6.2 are in lieu of all other express or implied warranties or conditions, including implied warranties or conditions of satisfactory quality and fitness for a particular purpose.
6.4 RFA shall provide all Deliverables to the Client in the format and in accordance with the Specification set out in the Order Form. RFA reserves the right, at its sole discretion, to amend the Specification and/or provide data in RFA's standard format if such changes are deemed necessary as a result of any Quality Assurance Process or for technical, operational, or legal compliance reasons.
6.5 RFA shall notify the Client as soon as is reasonably practical of any decision taken to amend the Specification or format of any Deliverables as a result of the Quality Assurance Process.
6.6 It is the Client's obligation to ensure that the Deliverables are fully described within the Order Form and are appropriate and sufficient to meet its requirements. There will be no refund, credit, replacement, or other remedy available to the Client if any component or part of the Deliverables does not meet the Client's expectations, needs, or intended use, or if the Client does not use any of the data, materials, or services included in the Deliverables, provided that the Deliverables have been provided substantially in accordance with the Order Form. The Client acknowledges that it has had the opportunity to review and approve the Specification before entry into the Contract.
7.1 The Client shall:
7.1.1 provide RFA with all necessary co-operation, including access to such information as may be required by RFA in order to provide the Services and evaluate the Client's compliance with the Contract, such information to include but not be limited to security access information and configuration information, and the Client shall ensure that any such information is complete, accurate and not misleading;
7.1.2 ensure that RFA and its sub-contractors and their respective staff, agents and representatives receive (for no charge) access to suitably knowledgeable or experienced personnel of the Client;
7.1.3 ensure that the specification for any RFA Services and the content of any Order Form is complete, accurate and not misleading;
7.1.4 without affecting its other obligations under the Contract, comply with all Applicable Law with respect to its activities under or in connection with the Contract;
7.1.5 use the Deliverables in accordance with all Applicable Law;
7.1.6 carry out all other Client responsibilities set out in an Order Form in a timely and efficient manner;
7.1.7 ensure that Authorised Users access and use the Services in accordance with the Contract and shall be responsible for any Authorised User's breach of the Contract;
7.1.8 keep and maintain all materials, equipment, documents and other property of RFA (if any) from time to time in safe custody and in good condition until returned to RFA;
7.1.9 obtain and maintain all necessary licences, consents, and permissions necessary for RFA to perform the Services and make SaaS Services available to its Authorised Users;
7.1.10 ensure that its network and systems comply with the relevant specifications and system requirements provided by RFA from time to time; and
7.1.11 be solely responsible for procuring, maintaining and securing its network connections and telecommunications links from its systems to RFA's data centres, and all problems, conditions, delays, delivery failures and all other loss or damage arising from or relating to the Client's network connections or telecommunications links or caused by the internet.
7.2 Any failure by the Client to comply with its obligations set out in the Contract including but not limited to those at clause 7.1 may result in a delay in the delivery of Services, a lack of availability or functionality of SaaS Services or an increase in Charges. RFA shall notify the Client in advance of any such delay, lack of availability or increase.
8.1 The Client acknowledges that the Services are subject to the Usage Limits set out in the Order Form. The Client agrees not to exceed such Usage Limits and to use the Services in a manner that does not:
8.1.1 generate, store, or transmit unusually large volumes of data that could degrade the performance of the Services for other users;
8.1.2 involve automated scraping, bulk data extraction, or systematic downloading of data beyond normal business use;
8.1.3 use automated tools, scripts, or bots to extract data from the Services; or
8.1.4 otherwise adversely impact the availability or performance of the Services for RFA or other users.
8.2 RFA shall monitor usage of the Services and may use automated systems to detect breaches of Usage Limits, including data scraping and excessive usage. Upon detecting or reasonably suspecting such breaches, RFA may take the following actions:
8.2.1 notify the Client in writing of such breach and require remedial action within seven (7) Business Days;
8.2.2 charge additional fees for excess usage in accordance with the rates set out in the Order Form;
8.2.3 impose temporary restrictions on access to the Services;
8.2.4 immediately revoke access to the Software in cases of serious breaches including suspected data scraping; and/or
8.2.5 terminate the Contract in accordance with clause 15 (Term and termination).
8.3 The Client may roll over unused credits up to a maximum of 20% of their monthly allowance to the following month, provided that: (a) the Client is up to date with all payments under the Contract; and (b) the Client has at least 12 months remaining on the Initial Term or current Renewal Term. Credits may only be rolled over once and cannot be carried forward beyond the immediately following month.
8.4 Where the Client exceeds Usage Limits in any three (3) months within a rolling six-month period, RFA shall have the right to require an immediate renegotiation of the Contract terms. If the parties fail to reach agreement within thirty (30) days, RFA may terminate the Contract upon written notice.
8.5 Where the Client breaches Usage Limits or where RFA reasonably believes data scraping has occurred, RFA may: (a) for minor breaches, require the Client to reduce usage to conform to the contractual limits within seven (7) Business Days of written notice; (b) charge Overage Charges in accordance with the rates specified in the Order Form; (c) for serious breaches including suspected data scraping, immediately revoke system access without prior notice; or (d) terminate the Contract in accordance with clause 15 (Term and termination). If RFA chooses option (a) and the Client fails to comply within the specified timeframe, RFA may immediately revoke system access or terminate the Contract without further notice. RFA may conduct an audit of the Client's usage at the Client's cost upon at least 10 (ten) Business Days' written notice, and the Client shall provide all reasonable assistance and access required for such audit.
9.1 In consideration of the provision of the Services by RFA, the Client shall pay the Charges detailed in and on the basis and dates set out in the relevant Order Form(s).
9.2 Overage Charges shall be calculated after the end of each month and RFA shall notify the Client in writing of any Overage Charges payable and provide an invoice for such Overage Charges.
9.3 The Client shall pay each invoice submitted to it by RFA within 30 days of receipt to a bank account nominated in writing by RFA from time to time. Time of payment shall be of the essence of the Contract.
9.4 The Client may only dispute an invoice:
9.4.1 within the first 10 days of the due date for the invoice; and
9.4.2 only to the extent that the invoice is incorrectly calculated in respect of the Charges and/or the sum of VAT.
9.5 Without prejudice to any other right or remedy that it may have, if the Client fails to pay RFA any sum due under the Contract on the due date:
9.5.1 RFA may, without liability to the Client, disable the Client's passwords, accounts and access to all or part of the SaaS Services and RFA shall be under no obligation to provide any or all of the Services while the invoice(s) concerned remain unpaid; and
9.5.2 the Client shall pay interest on the overdue sum from the due date until payment of the overdue sum, whether before or after judgment. Interest under this clause 9.5.2 will accrue each day at 4% a year above the Bank of England's base rate from time to time, but at 4% a year for any period when that base rate is below 0%.
9.6 All amounts and fees stated or referred to in the Contract:
9.6.1 are exclusive of VAT, and the Client shall in addition pay an amount equal to any VAT chargeable on those sums on delivery of a VAT invoice; and
9.6.2 shall be paid in full without any set-off, counterclaim, deduction or withholding (other than any deduction or withholding of tax as required by law).
9.7 RFA shall be entitled to increase the Charges annually by the greater of (i) the percentage increase in the Consumer Price Index (CPI) over the preceding 12-month period plus 3%, or (ii) 6%, upon 30 days' written notice to the Client..
10.1 The Client acknowledges and agrees that:
10.1.1 RFA and/or its licensors shall retain ownership of all Intellectual Property Rights in the Services, Software, Documentation, RFA Data and Deliverables (the RFA IPRs) and except as expressly stated herein, the Contract does not grant the Client any rights to, under or in, any patents, copyright, database right, trade secrets, trade names, trade marks (whether registered or unregistered), or any other rights or licences in respect of the RFA IPRs;
10.1.2 the Client shall retain ownership of its Intellectual Property Rights in the Client Data and in any Client Materials (the Client IPRs); and
10.1.3 all new Intellectual Property Rights created in connection with the Services (other than the Client IPRs) shall be classified as RFA IPRs and belong to RFA and/or its licensors unless specifically agreed otherwise in an Order Form.
10.2 Subject to the Client's compliance with this Contract, RFA grants the Client a non-exclusive, non-transferable, revocable licence to use the RFA IPRs solely for the purpose of receiving and using the Services during the Term.
10.3 In relation to the Client IPR:
10.3.1 the Client and its licensors shall retain ownership of all Client IPR; and
10.3.2 the Client grants RFA a fully paid-up, non-exclusive, royalty-free, non-transferable licence to use, copy and modify the Client IPR for the Term for the purpose of providing the Services to the Client.
10.4 The Client shall not transmit, sell, licence, distribute, or otherwise make available any outputs derived from the Services or Deliverables to any third party, except: (a) to regulators who have lawfully requested access pursuant to their statutory powers; or (b) as expressly permitted elsewhere in this Contract.
10.5 The Client shall not, without RFA's prior written consent, use any Derived Materials for any purpose other than the Client's internal business operations, including but not limited to: (a) creating commercial products or services based on or incorporating Derived Materials; (b) licensing, selling, or otherwise commercialising Derived Materials or any analysis, insights, or conclusions derived therefrom; (c) combining Derived Materials with third-party data to create new datasets for commercial exploitation; or (d) using Derived Materials to compete with RFA or to develop competing services or products.
10.6 The Client acknowledges that any Derived Materials remain subject to RFA's underlying Intellectual Property Rights in the RFA Data and Services, and the Client's rights to use Derived Materials are limited to those expressly granted in this Contract.
10.7 RFA may audit the Client's use of Derived Materials upon 30 (thirty) Business Days' written notice to ensure compliance with the restrictions set out in this clause, and the Client shall provide all reasonable assistance and access required for such audits.
10.8 The Client:
10.8.1 warrants that the receipt and use of the Client IPRs by RFA, its agents, subcontractors or consultants in accordance with clause 10.3.2 shall not infringe the rights, including any Intellectual Property Rights, of any third party; and
10.8.2 shall indemnify RFA in full against all liabilities, costs, expenses, damages and losses (including any direct, indirect or consequential losses, loss of profit, loss of reputation and all interest, penalties and legal costs (calculated on a full indemnity basis) and all other reasonable professional costs and expenses) suffered or incurred by RFA arising out of or in connection with the Client's use of the Services and/or any output of the Services, provided that:
a) the Client is given prompt notice of any such claim;
b) RFA provides reasonable co-operation to the Client in the defence and settlement of such claim, at the Client's expense; and
c) the Client is given sole authority to defend or settle the claim.
10.9 RFA shall defend the Client against any claim that the Client's use of the Services or their outputs (other than any which are provided by third parties) in accordance with the Contract infringe any Intellectual Property Rights of any third party, and shall indemnify the Client for any amounts awarded against the Client in judgment or settlement of such claims, provided that:
10.9.1 RFA is given prompt notice of any such claim;
10.9.2 the Client does not make any admission, or otherwise attempt to compromise or settle the claim and provides reasonable co-operation to RFA in the defence and settlement of such claim, at RFA's expense; and
10.9.3 RFA is given sole authority to defend or settle the claim.
10.10 In the defence or settlement of any claim, RFA may procure the right for the Client to continue using the Services, replace or modify the Services so that they become non-infringing or, if such remedies are not reasonably available, terminate the Contract on two Business Days' notice to the Client without any additional liability or obligation to pay liquidated damages or other additional costs to the Client.
10.11 In no event shall RFA, its employees, agents and sub-contractors be liable to the Client to the extent that the alleged infringement is based on:
10.11.1 a modification of the Services by anyone other than RFA; or
10.11.2 the Client's use of the Services in a manner contrary to the instructions given to the Client by RFA; or
10.11.3 the Client's use of the Services after notice of the alleged or actual infringement from RFA or any appropriate authority.
11.1 Each party shall comply with all the applicable requirements of the Data Protection Legislation. This clause 11 is in addition to, and does not relieve, remove or replace a party's obligations under the Data Protection Legislation.
11.2 The parties agree that:
11.2.1 the Client shall be the controller of the Client Data;
11.2.2 RFA shall be the controller of RFA Personal Data and any personal data processed in connection with the Services, except that RFA shall act as processor in relation to Client Data processed for the ID&V Service; and
11.2.3 Where RFA Personal Data is downloaded or exported by the Client to the Client's own systems for the Agreed Purposes, the Client shall act as an independent controller in respect of such downloaded or exported RFA Personal Data, provided that:
a) such use remains subject to the usage restrictions in clause 4 and clauses 10.4 to 10.6; and
b) the Client complies with all obligations under clause 11.5.
11.3 As controller of RFA Personal Data, RFA may make such data available to the Client for the purpose of providing the Services (the Agreed Purposes).
11.4 RFA agrees to, in relation to the RFA Personal Data:
11.4.1 comply with all the obligations imposed on a controller under the Data Protection Legislation;
11.4.2 ensure that it has all necessary notices and consents and lawful bases in place to enable lawful sharing of the RFA Personal Data with the Client for the Agreed Purposes; and
11.4.3 ensure that it has in place appropriate technical and organisational measures to protect against unauthorised or unlawful processing of the RFA Personal Data and against accidental loss or destruction of, or damage to, the RFA Personal Data.
11.5 Where it receives or accesses RFA Personal Data, the Client shall in relation to its receipt and use of such RFA Personal Data:
11.5.1 comply with all applicable requirements of the Data Protection Legislation in relation to its use of RFA Personal Data;
11.5.2 ensure that it has all necessary lawful bases in place to enable lawful use of the RFA Personal Data for the Agreed Purposes;
11.5.3 ensure that it has in place appropriate technical and organisational measures to protect against unauthorised or unlawful processing of the RFA Personal Data and against accidental loss or destruction of, or damage to, the RFA Personal Data; and
11.5.4 not transfer any RFA Personal Data outside the UK or EEA unless the transfer is in accordance with the Data Protection Legislation.
12.1 Relationship of the parties: The Client and RFA agree and acknowledge that for the purpose of the Data Protection Legislation, in relation to ID&V Data only: (i) the Client is the controller and RFA is the processor; and (ii) each party will comply with its obligations under the Data Protection Legislation with respect to the processing of ID&V Data.
12.2 Details of processing: The Annex describes the subject matter, duration, nature and purpose of the processing and the personal data categories and data subject types in respect of which RFA may process the ID&V Data to perform its obligations under the Contract.
12.3 Compliance with instructions: RFA shall only process ID&V Data to the extent, and in such a manner, as is necessary for the ID&V Service in accordance with the Client's written instructions. RFA shall promptly notify the Client if, in its opinion, the Client's instructions do not comply with the Data Protection Legislation.
12.4 Confidentiality: RFA shall maintain the confidentiality of ID&V Data and will not disclose ID&V Data to third parties unless the Client specifically authorises the disclosure in writing, or as required by Applicable Law. If Applicable Law requires RFA to disclose ID&V Data to a third party, RFA must first inform the Client and give the Client an opportunity to object or challenge the requirement, unless Applicable Law prohibits the giving of such notice.
12.5 Assistance: RFA shall assist the Client, at the Client's reasonable cost, with meeting the Client's obligations under the Data Protection Legislation in relation to ID&V Data, taking into account the nature of RFA's processing of ID&V Data and the information available to RFA in relation to such ID&V Data.
12.6 Employees: RFA will ensure that all of its employees are informed of the confidential nature of ID&V Data and are bound by confidentiality obligations and use restrictions in respect of ID&V Data and are aware both of RFA's duties and their personal duties and obligations under the Data Protection Legislation and this Contract.
12.7 Termination: RFA shall on request by the Client provide a copy of all ID&V Data to the Client at the end of the Term.
12.8 Audit Rights: RFA shall maintain complete and accurate records and information to demonstrate its compliance with this clause 12 and, at the Client's reasonable expense allow for audits by the Client or the Client's designated auditor, at no more than 12 monthly intervals unless (a) there has been a breach of this clause 12 or (b) any audit has revealed a material non-compliance by RFA of its obligations under Data Protection Legislation where audits may be conducted as frequently as reasonably required by the Client to satisfy itself of RFA's compliance with this clause 12.
12.9 Security measures: RFA shall implement appropriate technical and organisational measures against unauthorised or unlawful processing, access, copying, modification, reproduction, display or distribution of ID&V Data, and against accidental or unlawful loss, destruction, alteration, disclosure or damage of ID&V Data, including as appropriate:
12.9.1 the pseudonymisation and encryption of ID&V Data;
12.9.2 the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services;
12.9.3 the ability to restore the availability and access to ID&V Data in a timely manner in the event of a physical or technical incident; and
12.9.4 a process for regularly testing, assessing and evaluating the effectiveness of the security measures.
12.10 Personal Data Breaches
12.10.1 Notification: If RFA becomes aware of a personal data breach in relation to ID&V Data, RFA will notify the Client without undue delay and in any event no later than 48 hours after becoming so aware. RFA will not inform any third party of any accidental, unauthorised or unlawful processing of all or part of ID&V Data and/or a personal data breach without first obtaining the Client's written consent, except when required to do so by Applicable Law.
12.10.2 Assistance: RFA will reasonably co-operate with the Client in the Client's handling of a personal data breach in relation to ID&V Data, including but not limited to taking reasonable steps to mitigate the effects and to minimise any damage resulting from the personal data breach.
12.10.3 Handling of the personal data breach: RFA agrees that the Client has the sole right to determine whether to provide notice of the accidental, unauthorised or unlawful processing and/or the personal data breach to any data subjects, regulators, law enforcement agencies or others, as required by Applicable Law or in the Client's discretion, including the contents and delivery method of the notice.
12.11 International transfers: RFA shall not transfer any ID&V Data outside of the UK without the Client's prior written authorisation unless the following conditions are fulfilled:
12.11.1 the transfer is to a territory which is subject to adequacy regulations under the Data Protection Legislation that the territory provides adequate protection for the privacy rights of data subjects and the territory has been identified in writing to the Client;
12.11.2 RFA participates in a valid cross-border transfer mechanism under the Data Protection Legislation, so that RFA and where appropriate the Client can ensure that appropriate safeguards are in place to ensure an adequate level of protection with respect to the privacy rights of data subjects, as required by the Data Protection Legislation; or
12.11.3 the transfer otherwise complies with the Data Protection Legislation for reasons set out in writing by RFA and agreed by the Client.
12.12 Permitted sub-processors: The Client provides its general written authorisation to RFA to authorise third party sub-processors to process ID&V Data. The sub-processors currently engaged by RFA are set out at the Annex. RFA shall inform the Client in writing of any sub-processors that it intends to engage and any intended changes concerning the addition or replacement of any sub-processors by updating the Annex and making the updated version available to the Client via the Software giving the Client the opportunity to object to such changes.
12.13 Sub-processor obligations:
12.13.1 Where RFA sub-contracts its processing of ID&V Data to a third party in accordance with paragraph 12.12 above, RFA shall:
a) ensure that any such third party is subject to the same or substantially the same data protection obligations as RFA as set out in this clause 12, including relevant audit rights;
b) obtain sufficient guarantees from any such third party that they will implement appropriate technical and organisational measures in such a manner that the processing of personal data by such third party will meet the requirements of Data Protection Legislation; and
c) remain liable to the Client for any processing of personal data by any such third party.
12.14 Data Subject rights:
12.14.1 Notification: RFA shall promptly notify the Client if it receives any complaint, notice or communication that relates directly or indirectly to the processing of ID&V Data or to either party's compliance with the Data Protection Legislation in relation to ID&V Data.
12.14.2 Assistance: RFA shall provide such assistance to the Client as the Client may reasonably require, to enable the Client to comply with the rights of data subjects under the Data Protection Legislation in relation to ID&V Data.
12.14.3 Return or deletion of ID&V Data: At the written direction of the Client, RFA shall delete or return (at the discretion of the Client) ID&V Data and copies thereof to the Client unless required by Applicable Law to store ID&V Data.
13.1 The Client acknowledges that the SaaS Services may enable or assist it to access the website content of, correspond with, and purchase products and services from, third parties via third-party websites and that it does so solely at its own risk. RFA makes no representation, warranty or commitment and shall have no liability or obligation whatsoever in relation to the content or use of, or correspondence with, any such third-party website, or any transactions completed, and any contract entered into by the Client, with any such third party. Any contract entered into and any transaction completed via any third-party website is between the Client and the relevant third party, and not RFA. RFA recommends that the Client refers to the third party's website terms and conditions and privacy policy prior to using the relevant third-party website. RFA does not endorse or approve any third-party website nor the content of any of the third-party website made available via the Services.
13.2 Where the Services depend on or incorporate third party services, the Client acknowledges that such services may be subject to additional terms and conditions imposed by the third party providers. RFA shall provide reasonable notice to the Client of any material third party terms that directly affect the Client's use of the Services. The Client agrees to comply with all applicable third party terms to the extent they relate to the Client's use of the Services and are consistent with Applicable Law.
13.3 RFA shall use commercially reasonable endeavours to ensure that any third party terms applicable to services incorporated into the Services are compatible with RFA's obligations under this Contract. Where mandatory third party terms conflict with the provisions of this Contract, RFA shall notify the Client promptly and the parties shall negotiate in good faith to resolve such conflicts.
13.4 RFA shall notify the Client promptly of any changes to third party terms that may materially affect the Services and shall provide reasonable assistance to help the Client understand the impact of such changes.
13.5 Each party shall be responsible for compliance with applicable third party terms relating to their respective use of third party services. The Client shall indemnify RFA against any claims, losses, costs, expenses, damages or penalties arising from the Client's breach of applicable third party terms or the Client's use of the Services in a manner that violates third party terms, regardless of whether RFA provided notice of such terms. RFA's liability for any breach of third party terms shall be subject to the limitations set out in clause 14.
14.1 Except as expressly and specifically provided in the Contract:
14.1.1 the Client assumes sole responsibility for results obtained from the use of the Services and the Documentation by the Client, and for conclusions drawn from such use. RFA shall have no liability for any damage caused by errors or omissions in any information, instructions or scripts provided to RFA by the Client in connection with the Services, or any actions taken by RFA at the Client's direction;
14.1.2 where RFA Data is downloaded or exported by the Client to the Client's own systems for the Agreed Purposes in accordance with clause 11.2.3: (a) RFA shall have no liability for the Client's subsequent processing of such downloaded or exported RFA Data; and (b) the Client shall indemnify RFA against any claims, losses, or penalties arising from the Client's processing of such RFA Data in breach of the Data Protection Legislation or the usage restrictions set out in this Contract;
14.1.3 where Services involve the usage or incorporation by RFA of a service or deliverable provided by a third party, the use of and access to the Services and Software is subject to RFA continuing to have access to such third party service, and RFA shall have no liability of any kind for any failure, fault, delay or unavailability of any third party service;
14.1.4 all warranties, representations, conditions and all other terms of any kind whatsoever implied by statute or common law are, to the fullest extent permitted by Applicable Law, excluded from the Contract; and
14.1.5 the Services and the Documentation are provided to the Client on an "as is" basis.
14.2 Nothing in the Contract excludes or limits the liability of either party for: (a) death or personal injury caused by negligence; (b) fraud or fraudulent misrepresentation; or (c) any other matter in relation to which liability cannot by law be excluded or limited.
14.3 Subject to clause 14.1 and clause 14.2:
14.3.1 RFA shall not be liable whether in tort (including for negligence or breach of statutory duty), contract, misrepresentation, restitution or otherwise for any loss of profits, loss of business, depletion of goodwill and/or similar losses or loss or corruption of data or information, or pure economic loss, or for any special, indirect or consequential loss, costs, damages, charges or expenses however arising under the Contract; and
14.3.2 RFA's total aggregate liability in contract, tort (including negligence or breach of statutory duty), misrepresentation, restitution or otherwise, arising in connection with the Contract:
a) for damage to tangible property caused by the negligence of its employees and agents in connection with the Contract shall not exceed £5,000,000 for any one event or series of connected events;
b) for loss arising from RFA's failure to comply with clause 10 (Intellectual Property Rights), its data processing obligations under clause 12 (ID&V Service), and clause 18.2 (Confidentiality) shall not exceed £5,000,000 in aggregate; and
c) for all other loss or damage which does not fall within subclause (a) or (b) shall not exceed an amount equal to one hundred percent (100%) of the total Charges paid under the Contract during the 12 months preceding the date of claim.
14.4 Nothing in the Contract excludes the liability of the Client for any breach, infringement or misappropriation of the RFA IPRs.
14.5 Subject to clause 14.2 and 14.4, the Client's total aggregate liability in contract, tort (including negligence or breach of statutory duty), misrepresentation, restitution or otherwise, arising in connection with the Contract:
14.5.1 for loss arising from a failure to comply with clause 11 (Data Protection) shall not exceed £5,000,000 in aggregate; and
14.5.2 for all other loss or damage which does not fall within clause 14.5.1 shall not exceed an amount equal to one hundred percent (100%) of the total Charges paid under the Contract during the 12 months preceding the date of claim.
14.6 Where Services or Deliverables involve the usage or incorporation by RFA of a service or deliverable provided by a third party, the use of and access to the Services and Software is subject to RFA continuing to have access to such third party service. RFA shall have no liability of any kind for any failure, fault, delay, unavailability, or change in terms of any third party service, including but not limited to changes in pricing, functionality, or discontinuation of such services. RFA will use reasonable endeavours to provide advance notice of any known third party service disruptions that may materially affect the Services.
15.1 Without affecting any other right or remedy available to it, either party may terminate the Contract with immediate effect by giving written notice to the other party if:
15.1.1 the other party fails to pay any amount due under the Contract on the due date for payment and remains in default not less than seven days after being notified in writing to make such payment;
15.1.2 the other party commits a material breach of any other term of the Contract and (if such breach is remediable) fails to remedy that breach within a period of 14 days after being notified in writing to do so;
15.1.3 the other party suspends, or threatens to suspend, payment of its debts or is unable to pay its debts as they fall due or admits inability to pay its debts or is deemed unable to pay its debts within the meaning of section 123 of the Insolvency Act 1986 (IA 1986) as if the words "it is proved to the satisfaction of the court" did not appear in sections 123(1)(e) or 123(2) of the IA 1986;
15.1.4 the other party commences negotiations with all or any class of its creditors with a view to rescheduling any of its debts, or makes a proposal for or enters into any compromise or arrangement with its creditors other than for the sole purpose of a scheme for a solvent amalgamation of that other party with one or more other companies or the solvent reconstruction of that other party;
15.1.5 the other party applies to court for, or obtains, a moratorium under Part A1 of the Insolvency Act 1986;
15.1.6 a petition is filed, a notice is given, a resolution is passed, or an order is made, for or in connection with the winding up of that other party other than for the sole purpose of a scheme for a solvent amalgamation of that other party with one or more other companies or the solvent reconstruction of that other party;
15.1.7 an application is made to court, or an order is made, for the appointment of an administrator, or if a notice of intention to appoint an administrator is given or if an administrator is appointed, over the other party (being a company, partnership or limited liability partnership);
15.1.8 the holder of a qualifying floating charge over the assets of that other party (being a company or limited liability partnership) has become entitled to appoint or has appointed an administrative receiver;
15.1.9 a person becomes entitled to appoint a receiver over the assets of the other party or a receiver is appointed over the assets of the other party;
15.1.10 a creditor or encumbrancer of the other party attaches or takes possession of, or a distress, execution, sequestration or other such process is levied or enforced on or sued against, the whole or any part of the other party's assets and such attachment or process is not discharged within 14 days;
15.1.11 any event occurs, or proceeding is taken, with respect to the other party in any jurisdiction to which it is subject that has an effect equivalent or similar to any of the events mentioned in clauses clause 15.1.3 to 15.1.10 (inclusive);
15.1.12 the other party suspends or ceases, or threatens to suspend or cease, carrying on all or a substantial part of its business; or
15.1.13 the other party's financial position deteriorates so far as to reasonably justify the opinion that its ability to give effect to the terms of the Contract is in jeopardy.
15.2 On termination of the Contract for any reason:
15.2.1 all licences granted under the Contract shall immediately terminate and the Client shall immediately cease all use of the Services and/or the Documentation;
15.2.2 each party shall return and make no further use of any equipment, property, documentation, data and other items (and all copies of them) belonging to the other party;
15.2.3 the Client shall provide RFA with written notice prior to the date of termination confirming if Client Data should be returned or destroyed upon termination of the Contract. If no such notice is provided, RFA shall destroy all Client Data within 30 (thirty) days of termination of the Contract, except where retention is required by Applicable Law. The Client shall pay all reasonable expenses incurred by RFA in returning Client Data; and
15.2.4 any rights, remedies, obligations or liabilities of the parties that have accrued up to the date of termination, including the right to claim damages in respect of any breach of the Contract which existed at or before the date of termination shall not be affected or prejudiced.
15.2.5 RFA reserves the right to audit the Client's systems and data storage to verify that all RFA Data and outputs from the Services have been deleted following termination. If the Client continues to use any RFA Data or outputs from the Services after termination without entering into a new agreement, such use shall constitute a material breach and the Client shall be liable for damages equivalent to the fees that would have been payable under a new agreement for such continued use.
16.1 If a dispute arises out of or in connection with the Contract or the performance, validity or enforceability of it (Dispute) then the parties shall follow the procedure set out in this clause:
16.1.1 either party shall give to the other written notice of the Dispute (Dispute Notice). On service of the Dispute Notice, the representatives of each party shall attempt to resolve the Dispute;
16.1.2 if the representatives of each party are for any reason unable to resolve the Dispute within 30 (thirty) days of service of the Dispute Notice, the Dispute shall be referred to a director or senior manager who shall attempt to resolve it; and
16.1.3 if the directors or senior managers of each party are for any reason unable to resolve the Dispute within 30 (thirty) days of it being referred to them, the parties will attempt to settle it by mediation in accordance with the CEDR Model Mediation Procedure. Unless otherwise agreed between the parties, the mediator shall be nominated by CEDR. To initiate the mediation, a party must serve notice in writing (ADR notice) to the other party to the Dispute, requesting a mediation. A copy of the ADR notice should be sent to CEDR. The mediation will start not later than 60 (sixty) days after the date of the ADR notice.
16.2 The commencement of mediation shall not prevent the parties commencing or continuing court proceedings in relation to the Dispute under clause 18.13 which clause shall apply at all times.
17.1 The Client agrees that during the term of this Contract and for a period of 12 months after its termination, it shall not directly or indirectly solicit or attempt to solicit any employee or contractor of RFA who was involved in the provision of the Services, without RFA's prior written consent. For each breach of this clause, the Client shall pay to RFA a sum equal to 50% of the annual salary or fees of the person solicited as liquidated damages.
18.1 Force majeure. Neither party shall be in breach of the Contract nor liable for delay in performing, or failure to perform, any of its obligations under the Contract if such delay or failure result from events, circumstances or causes beyond its reasonable control, including but not limited to acts of God, natural disasters, war, terrorism, cyber attacks, government actions, labour disputes, or failures of third-party service providers essential to the Services. The time for performance of such obligations shall be extended accordingly. If the period of delay or non-performance continues for six (6) months the party not affected may terminate the Contract by giving ten (10) Business Days' written notice to the affected party.
18.2 Confidentiality:
18.2.1 Each party undertakes that it shall not at any time during the Contract, and for a period of five (5) years after termination or expiry of the Contract, disclose to any person any confidential information concerning the business, affairs, customers, clients or suppliers of the other party or of any member of the group of companies to which the other party belongs, except as permitted by clause 18.2.2.
18.2.2 Each party may disclose the other party's confidential information:
a) to its employees, officers, representatives, contractors, subcontractors or advisers who need to know such information for the purposes of carrying out the party's obligations under the Contract. Each party shall ensure that its employees, officers, representatives, subcontractors or advisers to whom it discloses the other party's confidential information comply with this clause 18.2; and
b) as may be required by law, a court of competent jurisdiction or any governmental or regulatory authority.
18.2.3 Neither party shall use the other party's confidential information for any purpose other than to perform its obligations under the Contract.
18.3 Variation. No variation of the Contract shall be effective unless it is in writing and signed by the parties (or their authorised representatives).
18.4 Waiver. A waiver of any right or remedy is only effective if given in writing and shall not be deemed a waiver of any subsequent right or remedy. A delay or failure to exercise, or the single or partial exercise of, any right or remedy shall not waive that or any other right or remedy, nor shall it prevent or restrict the further exercise of that or any other right or remedy.
18.5 Rights and remedies. Except as expressly provided in the Contract, the rights and remedies provided under the Contract are in addition to, and not exclusive of, any rights or remedies provided by law.
18.6 Severance. If any provision or part-provision of the Contract is or becomes invalid, illegal or unenforceable, it shall be deemed deleted, but that shall not affect the validity and enforceability of the rest of the Contract. If any provision or part-provision of the Contract is deemed deleted under this clause 18.6 the parties shall negotiate in good faith to agree a replacement provision that, to the greatest extent possible, achieves the intended commercial result of the original provision.
18.7 Entire agreement. The Contract constitutes the entire agreement between the parties and supersedes and extinguishes all previous and contemporaneous agreements, promises, assurances and understandings between them, whether written or oral, relating to its subject matter. Each party acknowledges that in entering into the Contract it does not rely on any statement, representation, assurance or warranty (whether made innocently or negligently) that is not set out in the Contract.
18.8 Assignment:
18.8.1 The Client shall not, without the prior written consent of RFA, assign, novate, transfer, charge, sub-contract or deal in any other manner with all or any of its rights or obligations under the Contract.
18.8.2 RFA may at any time assign, transfer, charge, sub-contract or deal in any other manner with all or any of its rights or obligations under the Contract.
18.9 No partnership or agency. Nothing in the Contract is intended to or shall operate to create a partnership between the parties, or authorise either party to act as agent for the other, and neither party shall have the authority to act in the name or on behalf of or otherwise to bind the other in any way (including, but not limited to, the making of any representation or warranty, the assumption of any obligation or liability and the exercise of any right or power).
18.10 Third party rights. The Contract does not confer any rights on any person or party (other than the parties to the Contract and, where applicable, their successors and permitted assigns) pursuant to the Contracts (Rights of Third Parties) Act 1999.
18.11 Notices:
18.11.1 Any notice given to a party under or in connection with the Contract shall be in writing and shall be:
a) delivered by hand or by pre-paid first-class post or other next working day delivery service at its registered office (if a company) or its principal place of business (in any other case); or
b) sent by email to the address set out for that party in the Order Form.
18.11.2 Any notice shall be deemed to have been received:
a) if delivered by hand, at the time the notice is left at the proper address;
b) if sent by pre-paid first-class post or other next working day delivery service, at 9.00 am on the second Business Day after posting; or
c) if sent by email, at the time of transmission, or, if this time falls outside Business Hours in the place of receipt, when Business Hours next resume.
18.11.3 This clause does not apply to the service of any proceedings or other documents in any legal action or, where applicable, any arbitration or other method of dispute resolution.
18.12 Governing law. The Contract and any dispute or claim arising out of or in connection with it or its subject matter or formation (including non-contractual disputes or claims) shall be governed by and interpreted in accordance with the law of England and Wales.
18.13 Jurisdiction. Each party irrevocably agrees that the courts of England and Wales shall have exclusive jurisdiction to settle any dispute or claim arising out of or in connection with the Contract or its subject matter or formation (including non-contractual disputes or claims)
The subject matter of the data processing under the Contract is the provision of the ID&V Services.
RFA will process ID&V Data for the duration of the Contract, after which it will be archived for a further seven (7) years. During the archival period, the data will be accessible to the Client and RFA as necessary for legal compliance, dispute resolution, and regulatory requirements, unless otherwise agreed in writing or required by Applicable Law.
3.1 Processing of ID&V Data as necessary to provide the ID&V Services in accordance with the Contract;
3.2 Processing initiated by Client in its use of the Service; and
3.3 Archiving of data on behalf of the Client.
Personal data contained within the ID&V Data, including but not limited to identification documents, verification data, and associated metadata necessary for the provision of ID&V Services.
The Client and Authorised Users may submit personal data to the Service, the extent of which is determined and controlled by Client subject to the terms of this Contract and Applicable Law, and which may include, but is not limited to personal data relating to the following categories of data subjects:
5.1 Authorised Users;
5.2 Prospects, customers, business partners and vendors of the Client; and
5.3 Employees or contact persons of the Client's prospects, customers, business partners and vendors.
Last updated - 23rd October 2025