Terms and Conditions
  1. INTRODUCTION
    1. This page sets out the general customer terms (General Terms) which apply to any Service (as defined below) which Complyfirst (as defined below) licences or provides to any Customer (as defined below), unless Customer has entered into a separate written contract with Complyfirst signed by both parties in respect of the Services.  
    2. The parties’ agreement for the licensing, use and/or provision of the Services is made up of (i) these General Terms; (ii) the Proposal; and (iii) any other written document either issued by Complyfirst (and expressly referring to and incorporating itself into the agreement) or any amendments or supplements to the agreement signed and agreed in writing between the parties. Together the above documents shall constitute and be known as the Agreement and apply to the contract between the parties to the exclusion of any other terms that Customer may seek to impose or incorporate, or which are implied by trade, custom, practice or course of dealing. 
    3. When construing the meaning of the Agreement, the documents listed in clause 1.2 shall be interpreted in a reverse order of priority in the event of any inconsistency or conflict, with documents appearing later in the list taking priority over documents appearing earlier in the list. 
    4. Any order placed by Customer shall only be deemed to be accepted upon Complyfirst’s signature of, or email agreement to, the Proposal, at which point and on which date the Agreement shall come into existence.
    5. These General Terms are published on Complyfirst’s website. Customer should print or save a copy of these General Terms for its records.  Complyfirst may amend these General Terms from time to time during the Term and will endeavour to provide Customer with thirty (30) days’ notice before making the change effective when it does so.  Every time Customer agrees a new Proposal with Complyfirst it should check these General Terms to ensure that it understands the terms which will apply to the Agreement at that time. This version two of these General Terms was most recently updated on 5 December 2023. Historic versions may be obtained by contacting Complyfirst. 
    6. Any Proposal issued by Complyfirst shall be valid for a period of 30 days (or such longer period specified on the Proposal) from the date of issue, if not agreed by Customer, at which point the offer outlined in the Proposal shall lapse. 
  2. INTERPRETATION
    1. In the Agreement the following definitions and rules of interpretation shall apply:

      Affiliate means in relation to a party, any entity that directly or indirectly controls, is controlled by, or is under common control with that party from time to time;

      Agreement has the meaning given to it in clause 1.2; 

      Authorised Users means those employees and agents of, and independent contractors providing services to, the Customer only (excluding its Affiliates), who are authorised by the Customer to use the Subscription Services and their ancillary documentation, who are accessing the Subscription Services for the lawful business purposes of the Customer only (excluding its Affiliates); 

      Beta Services means any Subscription Service identified as a beta, preview or similar. These may be offered as Free Services;  

      Business Day means any day which is not a Saturday, Sunday, bank or public holiday in Ireland, England or the jurisdiction in which Customer is incorporated; 

      Commencement Date means the date specified in the Proposal; 

      Complyfirst means Complyfirst Limited, a company incorporated in the Republic of Ireland under registered company number 725307 with registered office address at 12 Lower Hatch Street, Dublin 2, Dublin, D02 R682, Ireland; 

      Confidential Information means in relation to either party, any or all information of a confidential nature (whether in oral, written or electronic form) including trade secrets and information (whether or not of commercial value) known and belonging to that party and concerning its business, suppliers, customers, products or services (including without limitation, in Complyfirst’s case, the Subscription Services and their ancillary documentation, any product or feature plans, and the pricing offered by Complyfirst), and in Customer’s case, all Customer Data, and any other information which the recipient knows or is notified or has reason to believe is confidential to the disclosing party;

      Controller, Processor, Data Subject, Personal Data, Personal Data Breach, processing and appropriate technical and organisational measures each have the meaning given to them in relevant UK Data Protection Law; 

      Consumer Prices Index means the (all-items) index of that name published by the UK Office of National Statistics, or such successor body or successor index as shall apply from time to time in future (so as to most closely mirror that index);

      Charges means the applicable charges for the Services from time to time, including the Professional Services Charges and the Subscription Charges; 

      Credits means credits payable for Professional Services, which may be purchased in advance by Customer (and shall be specified in the Proposal), and can be redeemed against the purchase of outside-scope Professional Services during the Term as contemplated and subject to the provisions outlined in clause 9.11 (and where applicable in the relevant Proposal);  

      Customer means the organisation which has purchased access to the Subscription Services from Complyfirst, as specified in the Proposal;

      Customer Data means the data, content and images inputted by the Authorised Users or (if applicable) Complyfirst on Customer’s behalf for the purpose of facilitating Customer’s or its Authorised Users’ use of the Software. All Customer Data shall be deemed to be the Confidential Information of the Customer by default; 

      Customer Equipment means a functioning hardware system and software facilitating access to the following modern and high usage web browsers, namely:  Chrome or Safari, for the current and previous version of each such browser, and internet access, or such other relevant software and/or hardware reasonably notified to Customer by Complyfirst from time to time, although the Subscription Services are optimised on Chrome; 

      Data Protection Law means all applicable data protection and privacy legislation in force from time to time in the UK or Ireland, including, to the extent applicable, the UK or EU General Data Protection Regulation (GDPR); 

      FCA means the UK financial conduct authority, or such successor body as may assume its functions from time to time in future; 

      Free Service means any Service that is provided without a charge;

      Feedback means any ideas, know-how, algorithms, code contributions, suggestions, enhancement requests, recommendations or any other feedback on Complyfirst products or services;

      General Terms has the meaning given to it in clause 1.1;

      Implementation Services means the implementation services and/or deliverables to be provided in respect of the Subscription Services, as described in the applicable Proposal; 

      Information Security Policy or ISP means Complyfirst’s information security policy setting out how it will safeguard the Customer Data stored via the Subscription Services from time to time available at https://www.Complyfirst.co/information-security-policy;   

      Initial Subscription Term means the initial subscription term specified in the Proposal, which shall be 12 months unless otherwise specified; 

      Licence Restrictions means the licence restrictions specified or referred to in the Proposal or elsewhere in the Agreement;

      Payment Terms means the payment terms set out in the Proposal. If none are specified the default payment terms shall require payment of any Subscription Charges in full in advance of the Initial Subscription Term or any subsequent Renewal Term, on demand, and payment for any Professional Services (other than Implementation Services, which are invoiced and payable in full in advance) monthly in arrears, on 30-day payment terms; 

      Purpose means accessing and using the Subscription Services as a tool to assist with the streamlining and automation of regulatory reporting to the FCA (or other regulatory authority to whom the Subscription Services may assist in reporting from time to time), including to (a) prepare reports (b) submit reports, and (c) view any stored reports, and otherwise making use of any of the functionality offered by the Software (including that contemplated within the Proposal) for its functionally contemplated purposes only; 

      Premium Features means any substantially new or enhanced features of the Software which Complyfirst may offer from time to time, other than the core Software functionality described in the Proposal, which may be marketed to customers generally as premium features and locked behind a paywall;  

      Privacy Policy means Complyfirst’s privacy and cookies notice and policy, available at: https://www.Complyfirst.co/privacy;  

      Professional Services means any bespoke professional services to be provided by Complyfirst to Customer (as agreed from time to time or set out in the Proposal), other than the Subscription Services or basic Support, including for example, installation and technical assistance services on Customer site, on-request upgrades etc;

      Professional Services Charges means the service charges detailed in the Proposal for any Professional Services, or which Complyfirst confirms to the Customer from time to time in respect of any further agreed Professional Services; 

      Proposal means the written quotation for, among other things, licensing and provision of the Services, provided by Complyfirst to Customer. There may be multiple live Proposals for additional Services, Premium Features or otherwise, and where this is the case, the Proposals shall collectively form part of the Agreement; 

      Renewal Period means rolling terms of the same duration as the Initial Subscription Term (or such other period as Complyfirst may agree in writing with Customer in the Proposal); 

      Retail Prices Index means the (all-items) index of that name published by the UK Office of National Statistics, or such successor body or successor index as shall apply from time to time in future (so as to most closely mirror that index); 

      Sensitive Information means (a) credit or debit card numbers; personal financial account information; national insurance or social security numbers or equivalents; passport numbers; driver’s licence numbers or similar identifiers; passwords; details of racial or ethnic origin; physical or mental health condition or information; or other employment, financial or health information, including any information defined under the UK Data Protection Legislation as ‘Sensitive Personal Data’ (or any analogous term which may apply from time to time), or any information subject to the US Health Insurance Portability and Accountability Act, the Payment Card Industry Data Security Standards, and other regulations, laws or industry standards designed to protect similar information as amended or applicable worldwide from time to time; 

      Services means both the Subscription Services and the Professional Services; 

      Site(s) means the physical sites specified within the Proposal;  

      Software means Complyfirst’s end-to-end regulatory reporting software application, Complyfirst®, which provides Authorised Users access to the Complyfirst® portal and which includes any general upgrades of the standard Complyfirst® platform released to all customers to which Customer is otherwise entitled under the terms of the Agreement, and which is accessed via the Subscription Services (but excluding Premium Features unless expressly stated otherwise in the Proposal); 

      SLA means Complyfirst’s service level agreement (where the Proposal states that it is applicable to the Customer) available at https://www.Complyfirst.co/sla; 

      Subscription Charges means the total amounts specified in the Proposal from time to time or otherwise payable in accordance with the terms of the Agreement, to be paid in accordance with the timeframes and other stipulations set out in the Agreement; 

      Subscription Services means hosting of the Software (including any Premium Features purchased by the Customer from time to time) and making it available for access on a software as a service basis to Authorised Users using Customer Equipment via https://www.Complyfirst.co/ or such other URL as Complyfirst may make available from time to time; 

      Subscription Term means the term beginning on the Commencement Date, and continuing for the Initial Subscription Term, and any Renewal Periods (subject to clause 14.3), unless and until the Agreement is terminated in accordance with its terms; 

      Support means the support services to be provided by Complyfirst in relation to each Authorised User, for the relevant Subscription Term, and made available, unless otherwise specified, during Complyfirst’s standard business hours (9am to 5.00pm UK time on Business Days) via email or telephone;  

      Tariff means Complyfirst’s published tariff of outside scope Services, available within your Proposal and as amended from time to time; 

      Term means the term of the Agreement as defined in clause 17.1; and 

      Unused Portion means, in respect of any period of the Subscription Term for which Customer has made a payment in advance, the proportion which the number of days following termination of the Agreement until the end of such remaining Subscription Term bears to the total number of days in that period. 

    2. Clause headings shall not affect the interpretation of the Agreement. References to clauses are to the clauses of these General Terms.
    3. Words in the singular shall include the plural and vice versa.
    4. A reference to a statute or statutory provision is a reference to it as it is in force for the time being, taking account of any amendment, extension, or re-enactment and includes any subordinate legislation for the time being in force made under it.
    5. Any words following the terms including, include, in particular, for example or any similar expression shall be construed as illustrative and shall not limit the sense of the words, description, definition, phrase or term preceding those terms.
  3. ACCESS TO THE SUBSCRIPTION SERVICES
    1. Customer warrants and represents that any information provided to Complyfirst is complete, accurate and not misleading (including information providing as part of the Agreement setup process), that it will inform Complyfirst if at any time that information changes whilst Customer or its Authorised Users continue to use the Subscription Services and acknowledges that Complyfirst may rely on such information and not seek to establish its reliability. 
    2. Customer acknowledges that subject to certain limitations, and any limitations set by any Customer accounts with specific privileges, Authorised Users have administrative control over their accounts and the Customer Data stored on the central Customer account, and also for populating relevant information within the Subscription Services and Customer shall have sole responsibility for supervision and observation of the actions of its Authorised Users. 
    3. Subject to payment and the other restrictions set out in the Agreement, Complyfirst hereby grants to Customer, subject to the Licence Restrictions a non-exclusive, non-transferable right to permit the Authorised Users to use the Subscription Services during the Subscription Term for the Purpose.
    4. The rights provided under clause 3.3 are granted to Customer only and shall not be considered granted to any subsidiary or holding company of Customer.
    5. In relation to the Authorised Users, Customer undertakes that: (a) it shall be responsible for compliance by Authorised Users with the applicable terms of the Agreement, and that relevant restrictions on Customer set out within the Agreement shall, unless the context requires otherwise, equally apply to any such persons; (b) the Customer will not allow or suffer any one Authorised User’s account to be used by more than one individual unless it has been reassigned in its entirety to another individual, in which case the prior individual shall no longer have any right to access or use the Subscription Services and/or their documentation; (c) each Authorised User shall keep a secure password for their use of the Subscription Services and its documentation, and that each Authorised User shall keep his password confidential; (d) it shall permit Complyfirst to audit the Subscription Services in order to establish Customer’s compliance with the Agreement; (e) if any of the audits referred to in clause 3.5(d) reveal that Customer has underpaid Subscription Charges to Complyfirst, then without prejudice to any other right to which it may be entitled, Customer shall pay to Complyfirst an amount equal to such underpayment (as calculated by reference to the additional Subscription Charges that would ordinarily be payable for any out of scope use) within 10 Business Days of the date of the relevant audit; (f) if any of the audits referred to in clause 3.5(d) reveal that any password has been provided to any individual who is not an Authorised User, then without prejudice to Complyfirst’s other rights, Customer shall promptly disable such passwords and Complyfirst shall not issue any new passwords to any such individual; and (g) all Authorised Users shall meet the relevant definition of Authorised User under these General Terms at all times, including that they are accessing the Subscription Services only for the Customer’s lawful business purposes, including subject to any Licence Restrictions, and it shall promptly disable the login details for any Authorised User who has ceased to meet the relevant definition. 
    6. The Customer may issue an unlimited number of Users Licences to Authorised Users via the Subscription Services as long as it acts reasonably. All Authorised Users must be using the Subscription Services for purposes associated with the Customer’s lawful business. Customer should note that it will be responsible for its Authorised Users’ data usage and any relevant overages as specified below. 
    7. Customer must not permit any of its Authorised Users to (a) be under the legal age to use the Subscription Services in the country the Authorised User resides in (or whose laws apply to them); (b) share with or permit access to any Authorised User’s account by multiple people; or (c) operate a service or automated account, where there is not a single human individual responsible for that account.  If Complyfirst determines that there has been a breach of this clause, in addition to its other rights, it reserves the right to suspend or terminate the affected Authorised User accounts, or the Agreement, as noted below. 
    8. Customer shall not access, store, distribute or transmit any viruses, or any material during the course of its use of the Subscription Services that: (a) is unlawful, harmful, threatening, defamatory, obscene, infringing, harassing or racially or ethnically offensive; (b) facilitates illegal activity; (c) depicts sexually explicit images; (d) promotes unlawful violence; (e) is discriminatory based on race, gender, colour, religious belief, sexual orientation, disability, or any other illegal activity; or (f) causes damage or injury to any person or property; and Complyfirst reserves the right, without liability to Customer, to disable Customer’s access to any material that breaches the provisions of this clause.
    9. Customer shall not: (a) other than as permitted by law, attempt to copy, modify, duplicate, create derivative works from, frame, mirror, republish, download, display, transmit, or distribute all or any portion of the Software made available via the Subscription Services and/or its documentation (as applicable) in any form or media or by any means; nor attempt to reverse compile, disassemble, reverse engineer or otherwise reduce to human-perceivable form all or any part of the Software; or (b) access all or any part of the Subscription Services in order to build a product or service which competes with the Subscription Services; or (c) use the Subscription Services to provide services to third parties; or (d) license, sell, rent, lease, transfer, assign, distribute, display, disclose, or otherwise commercially exploit, or otherwise make the Services available to any third party except the Authorised Users; or (e) attempt to obtain, or assist third parties in obtaining, access to the Subscription Services, other than as provided under this clause; or (f) interfere with or disrupt the integrity or performance of the Subscription Services or third party data contained therein; or (g) attempt to gain unauthorised access to the Subscription Services or their related systems or networks, including with a view to making alterations to, or modifications of, the whole or any part of the Software, or permitting the Software or any part of it to be combined with, or become incorporated in, any other programs.   
    10. CUSTOMER AGREES NOT TO USE THE SUBSCRIPTION SERVICES TO COLLECT, MANAGE OR PROCESS SENSITIVE INFORMATION. COMPLYFIRST WILL NOT HAVE ANY LIABILITY THAT MAY RESULT FROM CUSTOMER’S USE OF THE SUBSCRIPTION SERVICES TO COLLECT OR MANAGE SENSITIVE INFORMATION.
    11. Customer shall use best endeavours to prevent any unauthorised access to, or use of, the Subscription Services and/or their documentation and, in the event of any such unauthorised access or use, promptly notify Complyfirst.
  4. PROFESSIONAL SERVICES
    1. Complyfirst shall supply, during the Subscription Term, the Support, the Subscription Services and any agreed Professional Services to Customer on and subject to the terms of the Agreement.
    2. Complyfirst shall provide the agreed Implementation Services set out in the Proposal to assist in configuring the Subscription Services for the Customer’s specific use. Customer acknowledges that third-party integrations, import files or data streams required to integrate with the Subscription Services via API must be configured through the Implementation Services, and identified in advance by Customer and documented in the Proposal, and by default the Subscription Services do not offer these integrations.  
    3. Complyfirst’s approach to Implementation Services is based on shared project responsibility, resulting in a cooperative, hands-on project that is jointly managed by Complyfirst and Customer. In addition to the assumptions and requirements set forth elsewhere in the Agreement, Customer acknowledges and agrees that the above approach, Charges, commitment to delivery of agreed Implementation Services (and Subscription Services going forward) and agreed timelines set out in Proposal are based on the following assumptions (as applicable), or any other assumptions identified in the Proposal:
      1. Customer will accurately complete all applicable questionnaires, templates, and other documents and requests for data as reasonably required for Complyfirst to fulfil its implementation roles and responsibilities, to the best of Customer’s knowledge and with timely assistance from Complyfirst where any such requests are unclear, each in the manner reasonably prescribed by Complyfirst by the agreed upon timelines;
      2. Customer will, where applicable, provide reasonable access to Customer’s personnel with the appropriate knowledge of Customer’s systems and their configuration; 
      3. Any configuration or test environment (including all data) will be decommissioned after a period of sixty (60) days from the completion of the Implementation Services; 
      4. Customer will appoint both a named technical product expert and a regulatory compliance expert who Complyfirst can work with in the delivery Implementation Services, who will be available for the duration of the implementation phase (save for illness, absence, leave or departure from the Customer’s employment), so as to help ensure a consistent and efficient rollout of the Subscription Services; 
      5. Customer will confirm acceptance for all Implementation Services in a reasonably timely fashion and per any project schedule;
      6. Customer will complete training activities as outlined in any training curriculum provided by Complyfirst from time to time and per the project schedule, following the instructions contained in the training materials; and
      7. Customer will identify any required third-party integrations, import files or data streams prior to project kick-off, and these shall be documented up-front (whether in the Proposal or otherwise) and any required configuration for the Subscription Services shall form part of the Implementation Services. Any additional file(s) or data streams identified thereafter may result in additional Charges and potential delay in completion of the Implementation Services; 
      8. If, during the course of the delivery of the Implementation Services, it transpires that any third party integration or API cannot provide the Software solution with some or all of the required data, this is outside Complyfirst’s control and there will be no reimbursement of any Implementation Services Charges, or re-negotiation of the terms of the Agreement; and 
      9. Any material changes to scope described in the Proposal will be addressed through a change request, if these have a material impact on costs. 
    4. The provision of the Subscription Services shall be subject to ongoing provision by Complyfirst’s hosting services provider from time to time, but also to the commitments made by Complyfirst in the SLA. Complyfirst shall use reasonable endeavours to inform Customer in advance of any planned service interruption to the Subscription Services.
    5. Complyfirst will, as part of the Services and at no additional cost to Customer other than the Subscription Charges, provide Customer with Support in accordance with Complyfirst’s support services policy (if any) in effect at the time that the Services are provided, subject to fair usage of the Support by Customer. Complyfirst is a UK based company and typically deals with Support tickets between 9 am and 5 pm GMT on Business Days. Customer’s representatives must be available to interact with Complyfirst’s support team where they have any queries regarding a particular request. For clarity, subject to fair usage, there are no limitations on the number of Support tickets or requests that may be raised by the Customer. Customer shall procure that its Authorised Users provide access to Complyfirst to their accounts where required in order to provide remote support. Complyfirst may also provide online support resources for Authorised Users. All Support shall be delivered remotely. Any support Services outside the above, including any on-Site support required by the Customer, or any support with specific advice on regulatory reporting requirements shall be outside of scope and shall, if agreed between the parties, be chargeable at Complyfirst’s then prevailing standard daily or hourly rates as a Professional Service, as specified in Complyfirst’s then published Tariff, together with any applicable expenses which shall be agreed in advance and separately chargeable. If Customer requires such assistance, its Authorised User will be notified when raising a Support ticket that the requested Support is outside scope. 
    6. If the Customer wishes to request that a particular feature of the Subscription Services be improved or added at any time, it may request this, and this may be agreed and undertaken as a Professional Service, subject to agreement between the parties as to the nature of the request, timing and the charges for facilitating this request. 
    7. The Subscription Services are generally subject to fair data usage limits including any data storage limits published in Complyfirst’s Tariff from time to time. Any excess use shall be chargeable at the rates specified in the Tariff. 
    8. The Subscription Services are also only intended for the usage permitted by the Licence Restrictions set out in the Proposal, including any usage restrictions associated with the kind of licence held by the Customer and specified in those Licence Restrictions, for example, a payments or e-money licence, and may not be used for any other kind of regulatory reporting. If Customer exceeds those Licence Restrictions it shall be liable to pay Complyfirst’s charges for such excessive usage, calculated at Complyfirst’s reasonable discretion and payable upon demand. 
    9. Where Customer wishes to purchase access to Premium Features as part of the Subscription Services and use of the Software, these must be specified and agreed in a Proposal, but are not included by default. 
    10. To the extent Customer uses any Free Services, it acknowledges and agrees that its entitlement to access and use such Free Services constitutes reasonable and sufficient consideration in return for which it is willing to adhere to the terms of the Agreement. 
  5. WARRANTIES AND COMPLYFIRST'S OBLIGATIONS
    1. Each party represents and warrants to the other that it has the legal power and authority to enter into the Agreement (in the case of an individual representing a Customer, on that organisation or entity’s behalf), and that the Agreement and each Proposal is entered into by an employee or agent of such party with all necessary authority to bind such party to the terms and conditions of the Agreement, and that the Agreement or Proposal is accordingly binding upon each party and enforceable per its terms. Any person representing the Customer also warrants and represents that they are authorised to perform or permit the performance of all actions taken by Customer or its Authorised Users via the Subscription Services, including uploading any Customer Data to Customer’s account (including making it available to other Authorised Users, or publicly available to third parties). 
    2. Complyfirst undertakes that the Services will be performed with reasonable skill and care expected of a suitably skilled person engaged in the same type of business as Complyfirst, and that it shall use reasonable endeavours to ensure that the Subscription Services will perform substantially in accordance with and subject to any limitations outlined in the Proposal and the SLA (where applicable). Otherwise, Complyfirst gives no warranties concerning the Subscription Services.
    3. The undertaking at clause 5.2 shall not apply to the extent of any non-conformance which is caused by (as applicable): (a) use of the Services contrary to Complyfirst’s instructions or otherwise than as permitted by the Agreement, (b) modification or alteration of the Software or Services (or the deliverables of the Services) by any party other than Complyfirst or Complyfirst’s duly authorised contractors or agents, (c) issues with Customer Equipment; (d) interaction of the Subscription Services (or their integration) with other software programmes or plugins (where those are not covered by the Proposal); (e) use of the Software in an application, or with any software, hardware or materials for which it was not intended; or (f) acts or omissions otherwise attributable to Customer and/or outside Complyfirst’s reasonable control. If the Services do not conform with the foregoing undertakings, Complyfirst will, at its expense, use all reasonable commercial endeavours to correct any such non-conformance within a reasonable timeframe, or provide Customer with an alternative means of accomplishing the desired performance. Such correction or substitution constitutes Customer's sole and exclusive remedy for any breach of the undertakings set out in clause 5.2. Notwithstanding the foregoing, Complyfirst does not warrant that Customer's use of the Subscription Services will be uninterrupted or error-free, nor that the Services and/or their documentation will meet Customer's requirements.
    4. Customer acknowledges that it has assessed the suitability of the Services for its requirements. Complyfirst does not warrant that the Software, the Services and/or their documentation will be suitable for such requirements or that any use will be uninterrupted or error free.     
    5. The Agreement shall not prevent Complyfirst from entering into similar agreements with third parties, or from independently developing, using, selling or licensing documentation, products and/or services which are similar to those provided under the Agreement.
    6. Timing for performance of Complyfirst’s obligations under the Agreement shall not be of the essence.
    7. Complyfirst warrants that it has and will maintain all necessary licences, consents, and permissions necessary for the performance of its obligations under the Agreement.
  6. CUSTOMER'S OBLIGATIONS

    Customer shall: (a) at its cost, provide Complyfirst with all necessary co-operation in relation to the Agreement, and all necessary data and access to information as may be required by Complyfirst, its agents or contractors, in order to render the Services, including but not limited to applicable specifications, data management decisions, approvals, security access information and configuration services; (b) comply with all applicable laws and regulations with respect to its activities under the Agreement; (c) carry out all other Customer responsibilities set out in the Agreement in a timely and efficient manner. In the event of any delays, Complyfirst may adjust any agreed timetable or delivery schedule as reasonably necessary; (d) ensure that the Authorised Users use the Services in accordance with the terms and conditions of the Agreement and shall be responsible for any breach of the Agreement by either; (e) obtain and shall maintain all necessary licences, consents, and permissions necessary for Complyfirst, its contractors and agents to perform their obligations under the Agreement, including without limitation the Services; (f) ensure that its network and systems comply with the relevant specifications provided by Complyfirst from time to time; (g) be solely responsible for procuring and maintaining its network connections and telecommunications links, and maintaining appropriate Customer Equipment; (h) provide a single main point of contact who can address questions or issues relating to the Services, provide timely feedback and review any changes to the Services; (i) be solely responsible at its own cost for generating Customer Data, content and data required to utilise the services and uploading all such content and data to the site provided to Customer using the Services. In the event that Customer requires any assistance from Complyfirst in this regard, Complyfirst may provide such assistance as it deems appropriate at its then prevailing charges as a Professional Service, and ensure that it implements appropriate information security controls having regards to the sensitivity of any Customer Data it uploads; and (j) comply and procure the compliance of its Authorised Users with any reasonable directions given to it by Complyfirst from time to time. 

  7. USAGE RESTRICTION

    This clause sets out the restrictions and requirements with which Authorised Users must comply when using the Subscription Services, for whose adherence to which Customer shall be liable and responsible. 

    1. Customer and the Authorised Users must not use the Subscription Services:
      1. In any way that breaches any applicable local, national or international law or regulation, including any copyright or trademark laws, export control or sanctions laws. Customer is responsible for making sure that Customer and Authorised Users’ use of the Subscription Services complies with laws and any applicable regulations, including that Customer and/or Authorised Users are not prohibited from using or receiving the Subscription Services by any relevant laws in the UK or Ireland or which apply in the country in which the Customer and/or Authorised Users are resident or from which it proposes to use or access same;
      2. In any way that is unlawful or fraudulent, or has any illegal or fraudulent purpose or effect;
      3. In any way which interferes with the use of Complyfirst’s Subscription Services by other users, or attempts to harm them or their business;
      4. In any way that relates to link building purposes or for the primary promotion of other goods or services;
      5. To harm or attempt to harm others in any way, including to bully, insult, intimidate or humiliate any person;
      6. If Customer and/or the Authorised User is not able to form legally binding contracts or is under the legal age in the country in which it resides (or to whose laws Customer and/or Authorised Users are subject at any time);
      7. To attempt to, or access data not intended for Customer and/or the Authorised User; 
      8. To attempt to scan or test the security or configuration of the Subscription Services or to breach security or authentication measures without proper authorisation from Complyfirst; 
      9. To send, knowingly receive, upload, download, use or reuse any material which does not comply with Complyfirst’s content standards; or
      10. To transmit or procure any unsolicited or unauthorised advertising or promotional material or any other form of similar solicitation (spam), or any other chain letters or promote any pyramid schemes.
    2. Customer and the Authorised Users must also:
      1. Not use any robot, spider, scraper or other automated means to harvest data from the Subscription Services in a way that might interfere with the operation of the Subscription Services without Complyfirst’s express written permission; 
      2. Not act illegally or maliciously against Complyfirst’s business interests or reputation, or that of other users; 
      3. Not, or attempt to, copy, modify, duplicate, create derivative works from, frame, mirror, republish, download, display, transmit, or distribute all or any portion of the Subscription Services in any form or media or by any means; 
      4. Not, or attempt to, reverse compile, disassemble, reverse engineer or otherwise reduce to human-perceivable form all or any part of the Subscription Services (or their underlying software), access all or any part of the Subscription Services to build a product or service which competes with the Subscription Services; 
      5. Not, save as expressly permitted in these Terms of Service, licence, sell, rent, lease, transfer, assign, distribute, display, disclose, or otherwise commercially exploit, or otherwise make the Subscription Services available to any third party;
      6. Not access without authority, interfere with, damage or disrupt any part of the Subscription Services, or any underlying equipment;  
      7. Not knowingly to take any action that places excessive demand on the Subscription Services, or imposes, or may impose an unreasonable or disproportionately large load, or otherwise disable, overburden or impair (as determined in Complyfirst’s sole reasonable discretion), Complyfirst’s servers or other portion of Complyfirst’s infrastructure supporting the Subscription Services or any network on which the Subscription Services is stored, any software used in the provision of the Subscription Services or any equipment or network or software owned or operated by any third party; 
      8. Use the Subscription Services in compliance with any legal requirements that may apply; 
      9. Not misuse Complyfirst’s Site by knowingly introducing viruses, trojans, worms, logic bomb, or otherwise technologically harmful material; 
      10. Not attempt to gain unauthorised access to the server on which Complyfirst’s Site resides or any server, computer or database connected to Complyfirst’s Site or attack Complyfirst’s Site via a denial-of-service attack or a distributed denial-of-service attack; and 
      11. Only upload Customer Data that the Customer and/or Authorised Users have the right to upload and that fully comply with any third-party licences relating to Data the Customer and/or Authorised Users interact with or upload. 
    3. By breaching these provisions, Authorised Users may commit a criminal offence in the UK or elsewhere. We will report any criminal offence to the relevant authorities where we are required to do so by law and co-operate with those authorities to the extent required by law, by disclosing Customer’s or its relevant Authorised User’s identity to them (again where required to do so by law). 
    4. These standards (Standards) apply to any Customer Data that Authorised Users upload to the Subscription Services. The Standards must be complied with in spirit and to the letter and apply to each part of any Customer Data and its whole. Complyfirst will determine, at its sole reasonable discretion, whether any Customer Data breaches the Standards. Customer warrants that any Customer Data complies with the Standards set out in the Agreement. 
    5. Any Customer Data must not:
      1. Breach the law applicable in the UK, Ireland or in any country from which it is posted; 
      2. Promote sexually explicit material;
      3. Promote violence;
      4. Breach of any legal duty owed to a third party, such as a contractual duty or a duty of confidence;
      5. Promote any illegal activity;
      6. Be in contempt of court;
      7. Give the impression that it emanates from or relates to us or one of Complyfirst’s employees, unless genuine;
      8. Impersonate any person, or misrepresent the Customer or Authorised Users' identity or affiliation with any person;
      9. Advocate, promote, incite any party to commit, or assist any unlawful or criminal act such as (by way of example only) copyright infringement or computer misuse;
      10. Contain a statement which the Customer and/or Authorised Users know or believe, or has reasonable grounds for believing, that members of the public to whom the statement is, or is to be, published are likely to understand as a direct or indirect encouragement or other inducements to the commission, preparation or instigation of acts of terrorism;
      11. Contain viruses, Trojan horses, worms, time-bombs, keystroke loggers, spyware, adware, or any other harmful programs or similar computer code designed to affect any computer software or hardware operation adversely; or 
      12. Knowingly infringe any copyright, database right, trademark or other intellectual property rights of any other person. 
  8. THIRD PARTY INTEGRATIONS
    1. Additionally, Customer may use or Complyfirst may facilitate the integration of standalone third party applications when accessing or using the Subscription Services, for example applications that integrate with or export data feeds to the Subscription Services or use the Subscription Services to authenticate or access another service. While the Agreement represents Complyfirst’s agreement with Customer, other parties’ terms govern their relationships. Whilst Complyfirst takes no responsibility for any Authorised User’s or Customer’s adherence to such terms or the actions taken by such third-parties, Customer warrants and represents that it will honour and adhere to such terms when using the Subscription Services and that Customer will not hold Complyfirst responsible for any interactions with such third parties or their terms, including for wrongful or negligent acts or omissions, or breaches of contract. 
    2. When importing third party data streams using the Subscription Services, the Customer warrants and represents that it shall ensure it use industry standard anti-virus technology and otherwise checks such data streams for any malicious code or content, including Customer Data which would breach the terms of the Agreement. 
    3. Complyfirst does not control the content, messages or information found in or on or accessible through any third party services accessible through or integrated with the Subscription Services. Complyfirst disclaims and will have no liability regarding such sites or services and any actions resulting from Customer’s or its Authorised Users’ use of the same. Such sites or services’ availability does not mean Complyfirst endorses, supports or warrants such sites or services.
    4. Complyfirst shall not be responsible for any issues with performance of any third party applications, and their integration within and functioning through the Subscription Services at all times is outside Complyfirst’s control and is not guaranteed. Complyfirst shall use all reasonable endeavours (subject to the caveats and assumptions set out in the Agreement, including clause 4.3 above and the terms of the Proposal) to facilitate third party integrations, but the third party integrations supported by the Subscription Services may change from time to time and Complyfirst cannot be held responsible for such changes during the Term. If Customer becomes aware that any third party whose solutions integrate with the Subscription Services is likely to make changes to their API, API documentation or data structures during the Term, or this is likely to happen with respect to Customer’s own APIs, etc, Customer will notify Complyfirst in advance of such changes, and if Complyfirst is required to make changes as a result of such changes the parties that this will be outside the scope of Complyfirst’s Support or other obligations under the Agreement, and any Professional Services requested by Customer to facilitate ongoing integration will be chargeable on the basis specific in Complyfirst’s published Tariff.
    5. Customer must have a valid account for any third party applications utilised by it to link to the Subscription Services via API at all times.  
  9. CHARGES AND PAYMENT
    1. Customer shall pay the Subscription Charges (and any Professional Service Charges, or other charges specified or agreed) to Complyfirst in accordance with the Payment Terms. 
    2. If Complyfirst has not received payment  for any Subscription Charges in advance, and any Professional Services Charges within 10 days after the due date, or notice of a bona fide dispute, without prejudice to any other rights and remedies of Complyfirst: (a) Complyfirst may, without liability to Customer, disable Customer’s and any Authorised Users’ passwords, accounts and access to all or part of the Services and Complyfirst shall be under no obligation to provide any or all of the Services while the invoice(s) concerned remain unpaid; and (b)  interest shall accrue on such due amounts at annual rate equal to 8% over the then current base lending rate of Bank of England at the date the relevant invoice was issued, compounded monthly, commencing on the due date and continuing until fully paid, whether before or after judgment, or the highest rate otherwise permitted by law. Customer shall reimburse Complyfirst for all costs incurred in collecting any overdue payments and related interest, including, without limitation, legal fees, legal costs, court costs and collection agency fees.
    3. If Complyfirst suspends Customer’s account for non-payment, Customer will be entitled to reopen or reinstate its account by: (i) paying all outstanding invoices; (ii) paying all late fees or charges associated with past due invoices; (iii) paying any fees Complyfirst may be charged for unsuccessful direct debit or credit card charge(s); and (iv) executing a direct debit authorisation form or credit card charge authorisation form expressly authorizing Complyfirst to debit its bank account or charge its credit card according to the payment terms set out in the relevant Proposal.
    4. If Customer is paying by credit card, direct debit or other online payment methods, it authorises Complyfirst to charge Customer’s credit card, bank account or other online payment methods for all fees payable during the Subscription Term. Customer further authorises Complyfirst to use a third party to process payments and consent to disclose Customer’s payment information to such a third party.
    5. All amounts and fees stated or referred to in the Agreement: (a) shall be payable in pounds sterling (unless another currency is denominated in the Proposal); (b) are, subject to clause  17.6, non-cancellable and non-refundable; (c) are exclusive of taxes or duties payable under the Agreement as specified below, which shall be added to Complyfirst’s invoice(s) at the appropriate rate; and (d) shall be paid by bank transfer in full and cleared funds to the account specified on Complyfirst’s invoice, or by such other payment method (which must be kept up to date and accurate) as Complyfirst may accept from time to time. 
    6. Customer is solely responsible for all taxes, fees, duties and governmental assessments (except for taxes based on Complyfirst’s net income or gross revenue) imposed or become due in connection with the provision of Services to Customer under the Agreement. If Customer is located in the UK, or another EU member state other than Ireland, current VAT rules at the date at which these General Terms were last updated permit Complyfirst to zero rate any invoice for VAT purposes, but Customer must fully comply with its own VAT reporting and payment obligations in its own domicile. Complyfirst will not issue refunds or credits for any VAT charged. 
    7. If Customer is required to deduct or withhold any tax it must pay the amount deducted or withheld as required by law and pay Complyfirst an additional amount so that Complyfirst receives payment in full as if there were no deduction or withholding. 
    8. If, at any time whilst using the Services, Customer exceeds the Licence Restrictions, Complyfirst shall charge Customer, and Customer shall pay, Complyfirst’s then prevailing charges for such excessive use.
    9. Customer must keep its contact information, billing information and credit card information (where applicable) up to date through its account.
    10. Complyfirst shall at the start of each Renewal Period, having given at least thirty (30)  days’ prior notice to Customer (including via email), be entitled to increase the Subscription Charges and the Subscription Charges set out in Proposal shall be deemed to have been amended accordingly for the duration of the Renewal Period (unless the Customer objects to such increase not less than 14 (fourteen) days prior to the commencement of that Renewal Period, in which case the Agreement may not renew into any Renewal Period unless the parties otherwise agree). If no notice is given, the Subscription Charges applicable for over each subsequent Renewal Period shall be increased (only) by a percentage increase in line with the annual increase in either (a) the Retail Prices Index, or (b) the Consumer Prices Index (whichever is higher) over such period
    11. Complyfirst may offer, via an agreed Proposal, a system allowing Customer to purchase pre-paid Credits, typically at a discounted rate, which can be redeemed for the future purchase of outside-scope Professional Services. Any Professional Services purchased will need to be agreed with Complyfirst via a separate Proposal. Credits expire at the end of the then current Initial Subscription Term or Renewal Period (a billing cycle) in which they are purchased, meaning that any Credits the Customer doesn’t use during the applicable billing cycle will not roll over into future billing cycles, other than in exceptional circumstances where Complyfirst may choose to facilitate this. If the Agreement is terminated or expires unused Credits will expire immediately. There will be no refund or payment for any unused Credits on termination or expiry. All Credits are non-refundable, non-cancellable, non-transferable and non-exchangeable, have no cash value and are not redeemable for cash or anything else.  The exact number and type of Professional Services required will dictate the number of Credits required. 
  10. PROPRIETARY RIGHTS AND DATA
    1. Customer acknowledges and agrees that Complyfirst and/or its licensors own all intellectual property rights in or arising from the Services, Software and their documentation. All content on the Complyfirst’s site and the Subscription Service is copyright © FDJ Ecommerce Ltd t/a Complyfirst (Complyfirst’s parent company). The Complyfirst® name and brand, and all associated logos, are each the registered or unregistered trademarks of Complyfirst or of FDJ Ecommerce Ltd. 
    2. Except as expressly stated herein, the Agreement does not grant Customer any rights to, or in, patents, copyrights, database rights, trade secrets, trade names, trademarks (whether registered or unregistered), or any other rights or licences in respect of the Services, Software and its documentation. This shall be without prejudice to Customer’s ownership of any background intellectual property rights owned by it separately from the Agreement and/or pre-dating the Agreement.
    3. Customer may not duplicate, copy, or reuse any portion of Complyfirst’s Software or Services or trademarks, without Complyfirst’s express permission, save that Customer may link to the Complyfirst’s website, provided it does so fairly and legally and in a way that does not damage Complyfirst’s reputation or take advantage of it. Customer must not establish a link in such a way as to suggest any form of association, approval or endorsement on Complyfirst’s part where none exists. Customer must not establish a link to Complyfirst’s Site on any website that Customer does not own unless Customer has relevant authorisations. Complyfirst reserves the right to withdraw linking permission without notice. The website in which Customer is linking must comply in all respects with the content standards set out in the Agreement. Complyfirst’s Site must not be framed on any other site. Complyfirst may withdraw this licence at any time on notice. If Customer wishes to link to or make any use of data on Complyfirst’s website other than that set out above, it must obtain Complyfirst’s prior written consent.
    4. Customer shall own all rights, title and interest in and to all of Customer Data and shall have sole responsibility for the legality, reliability, integrity, accuracy and quality of Customer Data and the means by which it acquired such Customer Data, provided that Complyfirst shall have a lien over any Customer Data in the event of non-payment of any Charges by Customer hereunder, and reserves the right to disable all access to the Customer Data in the event of non-payment as contemplated herein. 
    5. Complyfirst shall use reasonable endeavours to maintain appropriate administrative, physical and technical safeguards for protection of the security, confidentiality and integrity of Customer Data, including in accordance with the Complyfirst’s ISP. However, Customer understands and acknowledges that use of the Subscription Services necessarily involves transmission of Customer Data over networks that are not owned, operated or controlled by Complyfirst, and that Complyfirst cannot be held responsible for any Customer Data lost, altered, intercepted or stored across such networks. Complyfirst does not guarantee that its security procedures will be error-free, that transmissions of Customer Data will always be secure or that unauthorised third parties will never be able to defeat Complyfirst’s security measures or those of Complyfirst’s third party service providers.
    6. Complyfirst shall not modify Customer Data, disclose Customer Data or access Customer Data except: (a) as required by law; (b) as expressly permitted by Customer; (c) to provide the Services; (d) to address technical problems or issues with the Services; or (e) at Customer’s request when providing Support. 
    7. Customer hereby grants to Complyfirst a license to use, reproduce, modify, create derivative works from, distribute, perform, transmit, anonymize, and display Customer Data as strictly necessary to provide the Services, including the right for Complyfirst to grant equivalent rights to its service providers that perform services that form part of or are otherwise used to perform the Services. Customer further grants to Complyfirst all necessary rights to perpetually and irrevocably use, on a sub-licensable, perpetual and royalty-free basis, reproduce, modify, create derivative works from, distribute, perform, transmit and display Customer Data in a strictly both anonymised and aggregated form that does not identify individual persons or organisations (such as, by way of example and not by way of limitation, numbers of verifications, complaints or instances of reported fraud) in order to compile statistics regarding use of the Services (or their underlying data) and/or to develop and improve the Services, including, for example, to offer Customer and other Complyfirst customers aggregated benchmarking data pertaining to numbers of complaints that might be typical in a particular industry and territory (or for a particular sub-category of licensee). 
    8. Neither Customer or any Authorised Users may access the Subscription Services where they are engaged as an employee or contractor with any business that competes with Complyfirst own or to attempt to gain access to Complyfirst’s Confidential Information with a view to building, creating or amending any software or service which competes with any element of the Subscription Service offered by Complyfirst. Further, during the Subscription Term, and for twelve (12) months thereafter, Customer shall not, or attempt to, build or develop any product or service that commercially competes with or is substantially similar to the Software, which it provides or intends to provide to third parties for payment (i.e., which is not solely intended for internal use). This obligation shall cease to apply only where there is no longer a commercial relationship between the parties, and Customer can demonstrate that (a) an independent third party has licensed or sold the Software (or something similar to it) to it on arms’ length terms, and (b) such competing solutions do not incorporate or contain, are not based upon, and do not rely in any way upon any Confidential Information made available by Complyfirst to the Customer, or to which the Customer otherwise gained access, under the Agreement or any previous contract between the parties. 
    9. If Customer (including its Authorised Users) gives Complyfirst any Feedback, it acknowledges and agrees by accepting the Agreement that Complyfirst will have a royalty-free, fully paid-up, worldwide, transferable, sub-licensable, irrevocable and perpetual licence to implement, use, modify, commercially exploit or incorporate the Feedback into Complyfirst’s products, services, and documentation.
    10. Customer acknowledges that it has no right to access the Software in source code form or unlocked coding or comments.
    11. Complyfirst will store report information created using the Subscription Services unless Customer has instructed Complyfirst to deactivate storage of data. Complyfirst shall use its reasonable commercial endeavours to back-up all Customer Data on a daily basis but otherwise backup of all Customer Data shall be the sole responsibility of Customer. In the event of any loss of or damage to Customer Data, Customer’s sole and exclusive remedy shall be for Complyfirst to use its reasonable commercial endeavours to restore the lost or damaged Customer Data from the latest back-up of such Customer Data maintained by Complyfirst. Customer should note that Complyfirst’s typical retention periods for Customer Data are as set out in its Privacy Policy. Complyfirst is not responsible for Customer’s compliance with its regulatory data retention requirements, and will only use reasonable endeavours to back-up / store finalised report information for a period of six years (on the basis outlined in this clause above), following which point it is automatically deleted, unless the Agreement has terminated earlier and the Customer Data been deleted as noted in clause 17.5 below. 
  11. DATA PROTECTION
    1. Both parties will comply with all applicable requirements of the Data Protection Law. This clause is in addition to, and does not relieve, remove or replace, a party’s obligations under the Data Protection Law.
    2. The parties acknowledge that for the purposes of the Data Protection Law, in relation to any Personal Data comprised within Customer Data (Customer Personal Data), Customer is the data controller and Complyfirst is the data processor. Such Personal Data shall only be processed by Complyfirst in accordance with any lawful instructions reasonably given by Customer from time to time in writing, as reasonably necessary to fulfil the Agreement (including as required by the underlying operating procedures for the Software) and exercise Complyfirst’s rights and obligations hereunder and as applicable in accordance with the terms of Complyfirst’s Privacy Policy. Complyfirst’s Privacy Policy provide detailed notice of Complyfirst’s privacy and data use practices concerning any personal data comprised in Customer Data. Complyfirst requires all authorised users and customers to adhere to the relevant provisions of the Privacy Policy. Customer shall be responsible and liable for its Authorised Users’ adherence to these requirements.
    3. As between the parties, where each party processes any Personal Data provided by or relating to the other party or its employees otherwise than Customer Personal Data, including employee names and email addresses of employees of Customer with whom Complyfirst interacts (for example), each party acknowledges that they shall act as a data controller in relation to such Personal Data and only process it for specified purposes in accordance with each party’s respective privacy policy for the purposes of contract administration or otherwise in its own legitimate interests, as permitted under Data Protection Law. 
    4. Without prejudice to the generality of clause 11.1, Customer must ensure that its use of the Subscription Services and all Customer Data is at all times compliant with the terms of the Agreement, all applicable laws and regulations including Data Protection Law (nationally and internationally) and Customer represents and warrants that: (a) it has obtained all necessary rights, releases and permissions to provide all Customer Data to Complyfirst for the purposes and duration of the Agreement and to grant the rights granted to Complyfirst in the Agreement; and (b) Customer Data and its transfer to and use by Complyfirst as authorised by Customer under the Agreement do not violate any laws (including without limitation those relating to export control, the principle of demonstrable “consent” under Data Protection Law, specifically Article 7 of the EU or UK GDPR) and electronic communications) or rights of any third party, or data subject, including without limitation any intellectual property rights, rights of privacy, or rights of publicity, and any use, collection and disclosure authorised herein is not inconsistent with the terms of any applicable privacy policies. Other than Complyfirst’s security obligations under clause 9.3, limited back-up obligations in clause 10.7, and legal obligations under Data Protection Law (as set out in this clause 11) and confidentiality obligations in clause 12, Complyfirst assumes no responsibility or liability for Customer Data, and Customer shall be solely responsible for Customer Data and the consequences of determining the purpose and manner in which Customer Data is to be processed, used, disclosed, stored, or transmitted.
    5. Without prejudice to the generality of clause 11.1, Complyfirst shall, in relation to any Customer Personal Data: (a) process that Customer Personal Data only on the written instructions of Customer unless Complyfirst is required by Data Protection Law to otherwise process that Customer Personal Data; (b) ensure that it has in place appropriate technical and organisational measures to protect against unauthorised or unlawful processing of Customer Personal Data and against accidental loss or destruction of, or damage to, Customer Personal Data, appropriate to the harm that might result from the unauthorised or unlawful processing or accidental loss, destruction or damage and the nature of the data to be protected, having regard to the state of technological development and the cost of implementing any measures; (c) ensure that all personnel who have access to and/or process Customer Personal Data are obliged to keep Customer Personal Data confidential; (d) not transfer any Customer Personal Data outside of the UK or the EEA unless the prior written consent of Customer has been obtained and the following conditions are fulfilled: (i) Customer or Complyfirst has provided appropriate safeguards in relation to the transfer; (ii) the data subject has enforceable rights and effective legal remedies; (iii) Complyfirst complies with its obligations under the Data Protection Law by providing an adequate level of protection to any Customer Personal Data that is transferred; and (iv) Complyfirst complies with reasonable instructions notified to it in advance by Customer with respect to the processing of Customer Personal Data; (e) assist Customer, at Customer’s cost, in responding to any request from a Data Subject and in ensuring compliance with its obligations under the Data Protection Law with respect to security, breach notifications, impact assessments and consultations with supervisory authorities or regulators; (f) notify Customer without undue delay on becoming aware of a Personal Data breach; (g) at the written direction of Customer, delete or return Customer Personal Data and copies thereof to Customer on termination of the agreement unless required by Applicable Law to store Customer Personal Data (subject always to Customer having paid Complyfirst any then outstanding charges owing under the Agreement); and (h) maintain complete and accurate records and information to demonstrate its compliance with this clause.
    6. Customer consents to Complyfirst appointing the categories of sub-processor listed in the Privacy Policy or otherwise notified to Customer from time to time by Complyfirst, as third-party processors of any Personal Data processed by Complyfirst under the Agreement. Complyfirst confirms that it has entered or (as the case may be) will enter with such third-party processors into a written agreement substantially on those third party’s standard terms of business (which shall at a minimum require such sub-processors to treat any Customer Data as confidential and process any Customer Personal Data in compliance with Data Protection Law). As between Customer and Complyfirst, Complyfirst shall remain fully liable for all acts or omissions of any third-party processor appointed by it pursuant to this clause.
    7. If Complyfirst is deemed to process any personal data on Customer’s behalf when performing its obligations under the Agreement, the parties record their intention that the Agreement would represent the data processing agreement envisaged by Article 28 of the EU GDPR (and the equivalent provision under UK GDPR), together with the relevant provisions of Complyfirst’s Privacy Policy, which sets out the categories of personal data and data subjects, where Customer is the data controller and Complyfirst is a data processor. 
    8. Customer hereby consents to Complyfirst conducting credit investigations, from time to time, including such requests for and exchange of information to and from consumer reporting agencies or credit grantors as it may require to approve and maintain any funding arrangements to be granted by Complyfirst in relation to the Services, and to provide payment history information to such agencies.
  12. CONFIDENTIALITY
    1. Neither party will use the other’s Confidential Information except as permitted under the Agreement. Each party agrees to maintain in confidence and protect the other party’s Confidential Information using at least the same degree of care as it uses for its information of a confidential and proprietary nature but in any event at least a reasonable degree of care. Each party agrees to take all reasonable precautions to prevent any unauthorised disclosure of the other party’s Confidential Information, including, without limitation, disclosing such Confidential Information strictly only to those of its employees, representatives, consultants, contractors or agents (together Representatives) who need to know such information, are subject to restrictions around the use of such Confidential Information substantially similar to those set out in this clause. Each party shall be liable and responsible for its Representatives adherence to such terms. The preceding obligations will not restrict either party from disclosing Confidential Information of the other party under the order or requirement of a court, administrative agency, or other governmental body, provided that the party required to make such a disclosure gives reasonable notice to the other party to enable such party to contest such order or requirement (to the extent permitted by law). 
    2. For the avoidance of doubt, Complyfirst considers Customer Data not publicly disclosed by Customer to be Customer’s Confidential Information and will protect and keep confidential such Confidential Information per (this) clause 12. Complyfirst may access and use such Confidential Information under the following circumstances (a) with Customer’s consent and knowledge, for support reasons; (b) if it have reason to believe such Confidential Information violates the law or of the Agreement (including in respect of a specific Authorised User’s usage), in which case it reserves the right to access, review, and remove them; (c) where it is compelled by law to disclose Customer’s Confidential Information; or (d) when access is required for operational or security reasons, including when access is required to maintain ongoing confidentiality, integrity, availability and resilience of Complyfirst’s Subscription Services (in which case access will be limited to specifically authorised personnel and only exercised to the extent necessary to facilitate such purposes). 
    3. Customer is responsible for managing access to its account and Customer Data stored thereon, including invitations, administrative control, and access. Complyfirst is not responsible for the actions of any of Customer’s Authorised Users in this regard. Nor is Complyfirst responsible for any third party’s or Authorised User’s adherence to any terms imposed by Customer as a pre-requisite for access to its Customer Data. During the Term Customer can, via the Subscription Services, access (either manually or via API) and control (including delete) Customer Data. 
    4. In accessing the Subscription Services, Customer and its Authorised Users may also gain access to information relating to Beta Services which Complyfirst considers being Confidential Information, and Customer agrees on behalf of itself and its Authorised Users to protect and keep strictly confidential such Confidential Information per this clause 12. 
  13. NON-SOLICITION
    1. During the Term and for 12 months thereafter, neither party, directly or indirectly, will solicit for employment or for engagement as an independent contractor, or encourage leaving its employment or engagement, any employee or independent contractor of the other party known to the soliciting party solely through the Agreement. For the avoidance of doubt, general public advertisements for employment or engagement and any individual’s response thereto will not be deemed a violation of this clause. 
  14. INDEMNITY – CUSTOMER’S ATTENTION IS PARTICULARLY DRAWN TO THIS CLAUSE
    1. Customer shall defend, indemnify and hold harmless Complyfirst against claims, actions, proceedings, losses, damages, expenses and costs (including without limitation court costs and reasonable legal fees) arising out of or in connection with its and/or the Authorised Users’ use of the Subscription Services including, without limitation, for any liability, damages, costs or claims incurred by Complyfirst due to Customer’s use of the Subscription Services for any purpose outside of the Purpose or any claim relating to Customer Data, including, without limitation, any claim brought by a third party alleging that Customer Data, or Customer’s use of the Subscription Services in breach of the Agreement infringes or misappropriates the intellectual property rights of a third party or violates applicable law, save to the extent directly attributable to Complyfirst’s breach of the Agreement.
    2. Complyfirst shall, subject to the other provisions of this clause 14 and the limitations in clause 15, defend Customer against any claim that the Subscription Services infringe any copyright, trade mark, patent or right of confidentiality and shall indemnify Customer for any amounts awarded by a court of competent jurisdiction against Customer in judgment or settlement of such claims, or agreed to by Complyfirst, provided that: (a) Complyfirst is given prompt notice of any such claim, together with all relevant details of the claim; (b) Customer provides reasonable co-operation to Complyfirst in the defence and settlement of such claim, at Complyfirst’s expense; and (c) Complyfirst is given sole authority to defend or settle the claim, and Customer does not compromise, settle or admit liability with respect to any claim without Complyfirst’s prior written consent (not to be unreasonably withheld). 
    3. In the defence or settlement of any claim, Complyfirst may procure the right for Customer to continue using the Subscription Services, replace or modify the Subscription Services so that they become non-infringing or, if such remedies are not reasonably available, terminate the Agreement without any additional liability or obligation to pay liquidated damages or other additional costs to the Customer. 
    4. In no event shall Complyfirst, its employees, agents and sub-contractors be liable to Customer to the extent that the alleged infringement is based on: (a) a modification of the Software or Subscription Services by anyone other than Complyfirst or Complyfirst’s authorised contractors or agents or (b) Customer's use of the Services in a manner contrary to the instructions given to Customer by Complyfirst or Complyfirst’s authorised contractors or agents; (c) Customer's use of the Subscription Services after notice of the alleged or actual infringement from Complyfirst or any appropriate authority; or (d) any element of the Software (or the Customer Data’s integration with same) not attributable to the Complyfirst (for example, Customer databases, or bespoke upgrades to the Software undertaken at the Customer’s direction incorporating content provided by the Customer).  
    5. The foregoing provisions of clause 14 state Customer's sole and exclusive rights and remedies, and Complyfirst’s (including Complyfirst’s employees’, agents’ and sub-contractors’) entire obligations and liability, for infringement of any patent, copyright, trade mark, database right or right of confidentiality.
  15. LIMITATION OF LIABILITY – CUSTOMER’S ATTENTION IS PARTICULARLY DRAWN TO THIS CLAUSE
    1. This clause 15 sets out the entire financial liability of Complyfirst (including any liability for the acts or omissions of its employees, agents and sub-contractors) to the other in respect of: (a) any breach of the Agreement (including without limitation, any claim under clause 14.1 or clause 14.3); (b) any use made by Customer of the Software, Support or any part of them; and (c) any representation, statement or tortious act or omission (including negligence) arising under or in connection with this Agreement.
    2. Except as expressly and specifically provided in the Agreement: (a) all warranties, representations, conditions and all other terms of any kind whatsoever implied by statute or common law are, to the fullest extent permitted by applicable law, excluded from the Agreement, including without limitation any warranty of merchantability, fitness for a particular purpose, title, security, accuracy and non-infringement; (b) the Services and all other services provided, procured and/or sub-contracted by Complyfirst under the Agreement, are provided to Customer on an “as is” and “as available” basis; and (c) Customer assumes sole responsibility for the use of the Services and their associated documentation by Customer and Authorised Users, and for conclusions drawn from such use, including any decisions made as a result of the Customer’s use of the Subscription Services or any reliance placed thereon. Complyfirst shall have no liability for any damage caused by errors or omissions in any information, instructions or data provided to Complyfirst by Customer in connection with the Services, or any actions taken by Complyfirst at Customer’s direction.
    3. Complyfirst does not warrant that the Subscription Services will meet Customer’s requirements; that the Subscription Services will be uninterrupted, timely, secure, or error-free; that the information provided through the Subscription Services is accurate, reliable or correct; that any defects or errors will be corrected; that the Subscription Services will be available at any particular time or location (and in particular, Customer should note that the Subscription Services will only permit regulatory reporting during timeframes approved by the FCA or other relevant regulatory authority from time to time); or that the Subscription Services is free of viruses or other harmful components. Complyfirst will not be responsible for any risk of loss resulting from Customer’s downloading or using files, information, Data or other material obtained from the Subscription Service.
    4. Complyfirst may, from time to time at its discretion, generally upgrade and improve the Subscription Services as it sees fit, and Customer acknowledges that such upgrades and improvements may affect its use of the Subscription Services. 
    5. Nothing in the Agreement excludes the liability of either party: (a) for death or personal injury caused by such party’s negligence; or (b) for fraud or fraudulent misrepresentation or (c) any other liability which cannot strictly be excluded or limited by relevant law.
    6. Subject to the foregoing: a) Complyfirst shall not be liable whether in tort (including for negligence or breach of statutory duty), contract, misrepresentation, restitution or otherwise for any loss of profits, loss of business, depletion of goodwill and/or similar losses or loss or corruption of data or information, or pure economic loss, or for any special, indirect or consequential loss, costs, damages, charges or expenses however arising under the Agreement; and (b) Complyfirst’s total aggregate liability in contract, tort (including negligence or breach of statutory duty), misrepresentation, restitution or otherwise, arising in connection with the performance or contemplated performance of the Agreement shall be limited to an amount equal the annual Subscription Charges paid for the 12 month period in which the claim arose.
    7. Customer acknowledges and accepts that Complyfirst does not and cannot warrant or represent that the Services are compliant with all regulatory or legal requirements to which Customer may be subject, or which may be relevant to the purposes for the Services may be used, subject to any terms of the Proposal and that Complyfirst only provides a digital tool to assisting the Customer’s in fulfilling its own regulatory reporting obligations, but cannot assume responsibility for final compliance. Customer acknowledges that the preparation and submission of accurate and timely reports to the FCA or other applicable regulatory body is its responsibility. Customer acknowledges and agrees that Complyfirst shall not be responsible or liable to Customer in any way (including in relation to damages or regulatory fines or penalties arising from use of the Subscription Services) regarding Customer’s regulatory compliance obligations and that results and outcomes cannot be in any guaranteed. In particular, Complyfirst cannot be held responsible or liable for ensuring that all relevant measures or referenced through or via the Subscription Services to facilitate regulatory reporting are undertaken or followed and Comply first is not responsible for human error and negligent or fraudulent data entry or provision in relation to compliance with or adherence to such measures. It is the sole responsibility of the Customer to monitor and audit its Authorised Users’ use of the Subscription Services and to ensure that the relevant measures are adhered to, and its regulatory obligations satisfied. Additionally, Customer acknowledges that use and interpretation of the Subscription Services requires specialist skill and knowledge, and that the Customer has that skill and knowledge and undertake that it and its Authorised Users will exercise same, and appropriate judgment, when using the Subscription Services. 
  16. FREE SERVICES AND BETA SERVICES
    1. Customer acknowledges that all Free Services (including in this section any Beta Services (i.e., preview or early access Services)) may be subject to change at any time without notice. Customer uses Free Services entirely at its own risk. Complyfirst gives no warranties whatsoever, and to the extent permitted by law, accept no liabilities whatsoever regarding the Free Services and their use by Customer or any Authorised Users.  
    2. Access to the Free Services and Beta Services (which have not been paid for) is permitted temporarily, and Complyfirst may suspend, withdraw, discontinue or change all or any part of the Free Services, either generally or to Customer specifically, at any time, for any reason, with or without notice. Complyfirst will not be liable to Customer if, for any reason, the Free Services are unavailable at any time or for any period.
    3. Customer acknowledges and agrees that access and use of any applicable Free Services or Beta Services Complyfirst offers constitutes reasonable and sufficient consideration. In return for that access, Customer is willing to adhere to the terms of the Agreement.  
    4. As a Beta Services user, Customer may get access to information that isn't yet publicly available about new products and features that Complyfirst plans to offer. Given the nature of this information, it is important that Customer keeps it confidential. Customer agrees that any Beta Service information that isn't yet in the public domain, for example, information about a preview for a new Beta Service, is Complyfirst’s Confidential Information, whether or not expressly labelled as such. Customer agrees only to use such Confidential Information to test and evaluate the Beta Service (the Purpose), not for any other purpose. Customer also agrees not to disclose, publish, or share any Confidential Information with or to any third party unless it has set up the Beta Service in such a way that expressly encourages this (for example, where Customer is part of a forum Complyfirst has organised to trial or discuss a new Beta Service). 
    5. Complyfirst’s Confidential Information relating to Beta Services does not include information that is: (a) (or becomes) publicly available without breach of the Agreement through no act or inaction on Customer’s part (for example, where a previously private Beta Service is rolled out as a regular Service by us); (b) independently developed by Customer without breach of any confidentiality obligation to Complyfirst or any third party; or (c) disclosed with Customer’s express written permission from Complyfirst. If Customer is required to disclose Confidential Information according to any order by a court or regulatory authority with jurisdiction over Complyfirst, it may do so provided that Complyfirst has been given reasonable advance written notice to object (unless prohibited by law) and the disclosure is limited to the maximum extent possible to comply with such an order of law. 
  17. TERM AND TERMINATION
    1. This Agreement shall commence on the Commencement Date, or the date the Proposal is agreed or signed by both parties, whichever is earlier, and shall (unless terminated earlier in accordance with these terms) continue in full force and effect until the end of the Subscription Term. 
    2. Without prejudice to any other rights or remedies to which the parties may be entitled, either party may terminate the Agreement without liability to the other if: (a) the other party commits a material breach of any of the terms of the Agreement and (if such a breach is remediable) fails to remedy that breach within 30 days of that party being notified in writing of the breach; or (b)  an order is made or a resolution is passed for the winding up of the other party or if an order is made for the appointment of an administrator to manage the affairs, business and property of the other party, or if such an administrator is appointed or if documents are filed with the court for the appointment of an administrator or if notice of intention to appoint an administrator is given by the other party or its directors or by a qualifying charge holder, or if a receiver is appointed of any of the other party’s assets or undertaking or if circumstances arise which entitle the court or a creditor to appoint a receiver or manager or which entitle the court to make a winding-up order or if the other party takes or suffers any similar or analogous action in consequence of debt; (c) the other party ceases, or threatens to cease, to trade. Complyfirst may also terminate the Agreement for cause on thirty (30) days’ notice if Complyfirst determines that Customer is acting, or has acted, in a way that has or may negatively reflect on or affect Complyfirst, Complyfirst’s prospects, or Complyfirst’s customers, or the Customer undergoes a change in control (as defined in section 1124 of the Corporation Tax Act 2010) which means that it is acquired by a Complyfirst competitor. The Agreement may not otherwise be terminated prior to the end of the Subscription Term. 
    3. Complyfirst may suspend any Authorised User’s access to any or all Subscription Services without notice for: (i) use of the Subscription Services in a way that violates applicable laws or regulations or the terms of the Agreement, (ii) posting or uploading material that infringes or is alleged to infringe on the intellectual property rights of any person or relevant law, or (iii) to protect the integrity, operability, and security of the Subscription Services. Complyfirst may, without notice, review, edit and delete any Customer Data that Complyfirst has reason to determine in good faith violates the Agreement, provided that the parties acknowledge and agree that Complyfirst has no duty to, and shall not, pre-screen, control, monitor or edit Customer Data. Complyfirst will, in its discretion and using good faith, tailor any suspension as needed to preserve the integrity, operability, and security of the Subscription Services, and endeavour to give notice as soon as reasonably possible either before or after such suspension.
    4. The Subscription Term shall automatically renew over each Renewal Period unless and until either party gives notice to the other in writing (including by email) that it does not wish the Agreement to continue beyond the Initial Subscription Term or the then current Renewal Period, such notice to expire no later than 30 days prior to the end of the Initial Subscription Term or then current Renewal Period. 
    5. On expiry or termination of the Agreement for any reason: (a) all licences granted under the Agreement shall immediately terminate, even if no expiration date is specified in the Proposal provided by Complyfirst; (b) each party shall return and make no further use of any Confidential Information belonging to the other party; and (c) the accrued rights of the parties as at expiry or termination, or the continuation after expiry or termination of any provision expressly stated to survive (including, without limitation, clauses 1, 2, 9, 10, 11, 12, 13, 14.1, 15, 17.5, 17.6 and 18) or implicitly surviving termination, shall not be affected or prejudiced; and (d) [subject to payment of a fee where applicable, Complyfirst will make reasonable efforts to provide Customer with a copy of its lawful, non-infringing Customer Data held in its or its Authorised Users’ accounts upon request, provided that Customer makes this request within 90 days of termination. Otherwise, Complyfirst will retain and use Customer Data as necessary to comply with its legal obligations, resolve disputes, and enforce Complyfirst’s agreements (and as further set out in Complyfirst’s Privacy Policy), but barring legal requirements, Complyfirst will delete all Customer Data within its control within the periods specified and subject to any limitations set out within the Complyfirst’s Privacy Policy. Complyfirst does not guarantee that any Customer Data can be recovered once this Agreement is terminated and any Authorised User Accounts closed.
    6. Where Customer validly and lawfully terminates in accordance with clause 17.2(a) Complyfirst shall within 20 Business Days reimburse to Customer the Unused Portion of any Subscription Charges or other charges paid by Customer.  
  18. GENERAL
    1. Complyfirst shall have no liability to Customer under the Agreement if it is prevented from or delayed in performing its obligations under the Agreement, or from carrying on its business, by acts, events, omissions or accidents beyond its reasonable control, including, without limitation, strikes, lock-outs or other industrial disputes (whether involving the workforce of Complyfirst or any other party), failure of a utility service or transport or telecommunications network, act of God, war, riot, civil commotion, malicious damage, compliance with any law or governmental order, rule, regulation or direction, accident, breakdown of plant or machinery, fire, flood, storm or default of suppliers or sub-contractors, provided that Customer is notified of such an event and its expected duration. Complyfirst shall not be responsible for the failure of any third party systems or platforms with which the Subscription Services interact. 
    2. A waiver of any right under the Agreement is only effective if it is in writing and it applies only to the party to whom the waiver is addressed and to the circumstances for which it is given.
    3. Unless specifically provided otherwise, rights arising under the Agreement are cumulative and do not exclude rights provided by law.
    4. If any provision (or part of a provision) of the Agreement is found by any court or administrative body of competent jurisdiction to be invalid, unenforceable or illegal, the other provisions shall remain in force. If any invalid, unenforceable or illegal provision would be valid, enforceable or legal if some part of it were deleted, the provision shall apply with whatever modification is necessary to give effect to the commercial intention of the parties.
    5. The Agreement, and any documents referred to in it, constitute the whole agreement between the parties and supersede any previous arrangement, understanding or agreement between them relating to their subject matter. Complyfirst’s obligations are not contingent on the delivery of any future functionality or features of the Subscription Services or dependent on any oral or written public comments made by Complyfirst regarding the Subscription Services’ future functionality or features. 
    6. Customer hereby authorises Complyfirst to reference and/or include Customer’s name or logo as part of Complyfirst’s marketing and advertising efforts without further review or advance approval, including to: (i) list Customer as a Complyfirst customer on social media sites, including Twitter, LinkedIn, Facebook, Complyfirst’s website, blog, or any other social media site; (ii) list Customer in Complyfirst marketing materials including corporate marketing collateral, website, social media sites, and other advertising campaigns. Complyfirst shall comply with any brand guidelines shared by Customer in the use of Customer’s name and logo in accordance with this clause, and shall not use Customer’s name or logo in such a way as to imply that Customer endorses Complyfirst or its products or services (other than to the extent they are noted as a Complyfirst customer). 
    7. Customer shall not, without the prior written consent of Complyfirst (such consent not to be unreasonably withheld), assign, transfer, charge, sub-contract or deal in any other manner with all or any of its rights or obligations under the Agreement. Complyfirst shall be free to assign, transfer, charge, sub-contract or deal in any other manner with all or any of its rights or obligations under the Agreement without the consent of Customer but providing notice of any assignment or transfer. Complyfirst may also appoint a suitably qualified sub-contractor to perform or provide certain Services on its behalf. Customer will continue to be liable to pay Complyfirst any fees due under the Agreement and shall not be liable directly for any of the subcontractor’s fees or expenses. Complyfirst shall remain responsible for the performance by its sub-contractor of any sub-contracted Services and shall not sub-contract the Subscription Services in their entirety. 
    8. Nothing in the Agreement is intended to or shall operate to create a partnership between the parties, or authorise either party to act as agent for the other, and neither party shall have the authority to act in the name or on behalf of or otherwise to bind the other in any way (including, but not limited to, the making of any representation or warranty, the assumption of any obligation or liability and the exercise of any right or power).
    9. Notwithstanding any other provisions of the Agreement, nothing in the Agreement confers or purports to confer any right to enforce any of its terms on any person who is not a party to it.
    10. Any notice required or permitted to be given under the Agreement shall be in writing and shall be delivered or transmitted to the intended recipient's address as specified in the Agreement or such other address as either party may notify in writing to the other from time to time for this purpose. It may also, in the case of notice by Complyfirst only, be generally notified to Customers via their account, or notified by way of email to the email address Complyfirst has on account for a given Customer.  Any notice shall be treated as having been served on delivery if delivered by hand, 4 Business Days after posting if sent by pre-paid first class post. In the case of notice served by posting on the Customer’s account or by email, the notice shall be deemed given at the time such upload goes live onto the website or at the time of transmission of the email (respectively).  
    11. The construction, validity and performance of the Agreement shall be governed by the laws of England, and the parties submit any dispute regarding the construction, validity performance of the Agreement, or its subject matter, or any non-contractual disputes, to the exclusive jurisdiction of the courts of England.
    12. The Proposal may be executed in any number of counterparts, each of which will be considered an original, but all of which together will constitute the same agreement. The exchange of a fully executed valid Proposal (in counterparts or otherwise) by facsimile or electronic transmission, or its signature via DocuSign or other EIDAS compliant signature platform, or the Customer’s confirmation by email of its agreement to the terms of a valid Proposal, shall be sufficient to bind the parties to the terms and conditions of the Agreement. 
    13. All Professional Services and Support, the Agreement and any correspondence between the parties regarding the Agreement’s subject matter shall be exclusively in the English language. 
    14. Complyfirst might make versions of the Agreement available in languages other than English. If Complyfirst does, the English version of the Agreement will govern Complyfirst’s relationship. The translated version is provided for convenience only and will not be interpreted to modify the English version of this Agreement. 
    15. Unless otherwise stated in these General Terms, no amendment or variation of the Agreement shall be effective unless it is in writing and signed by the parties (or their authorised representatives). The above notwithstanding, Complyfirst may, acting in its sole discretion, amend these General Terms from time to time and will endeavour to provide Customer with thirty (30) days’ notice before making the change effective when it does so. If Customer objects to any change the change shall not take effect (in relation to that Customer only) until the expiry of the then current Initial Subscription Term or Renewal Period (prior to which the Customer will have had an option under clause 9.10 to elect not to renew the Agreement into such subsequent term), and the version of the General Terms applicable to Customer until that point shall be the version applicable immediately prior to the latest update. Every time Complyfirst enters into a new Proposal with any Customer, the terms applying to the Agreement between the Parties shall be as outlined in the relevant version of these General Terms in force at the time of the signing of the relevant Proposal.