• GBG hosts the Supplier Data
• No Sub-processors used
The Supplier Data that GBG uses for the NCOA ® Suppression data is provided by Royal Mail. GBG is obliged under the terms of its agreement with Royal Mail to ensure that all Licensees agree to comply with the following provisions:
1.1 In these Additional Terms, unless the context clearly indicates otherwise:
“Batch Processing” the use of the Service to carry out automated electronic processing of Customer Records in a Customer Database against Suppression Data in the NCOA® Suppress Database for the purpose of identifying Matches;
“Confidential Information” any information of a confidential or proprietary nature (irrespective of the form, presentation or communication including computer software and data, physical objects and samples and, in the case of Royal Mail, the Suppression Data, whether before or after it is incorporated into a Customer Database) relating to the business, operations, customers, processes, budgets, product information, know-how and/or strategies of either party;
“Customer Database” an electronic compilation of Customer Records;
“Customer Record” the name and address of a current or lapsed customer or prospective customer of the End User which have been lawfully and fairly obtained by the End User solely for the purposes of marketing, commercial communications or customer administration;
“Data Protection Requirements” the Data Protection Act 2018, the General Data Protection Regulation (GDPR) (EU) 2016/679, the Electronic Communications Data Protection Directive 2002/58/EC and the Privacy and Electronic Communications (EC Directive) Regulations 2003 and any legislation and/or regulations implementing them or made in pursuance of them including where applicable the guidance codes of practice issued by the Information Commissioner;
“Decryption Process” the codes, methodology and/or medium to be deployed to decrypt, use or activate the Product.
“EEA” means the European Economic Area comprising, for the time being, the EU member states, Norway, Iceland and Liechtenstein.
“End User” means the individual, company or other legal entity which is the owner or licensor of the Customer Database
“Individual Look Up” the use of the Product to carry out electronic processing of an individual Customer Record against Suppression Data in the NCOA® Suppress Database for the purpose of identifying a Match;
“Intellectual Property Rights” all intellectual property rights including copyright and related rights, database rights, trade marks and trade names, patents, topography rights, design rights, trade secrets, know-how, and all rights of a similar nature or having similar effect which subsist anywhere in the world, whether or not any of them are registered and applications for registrations, extensions and renewals of any of them;
“Licensee” the individual, company or other legal entity (which may include the End User) hereby entering into a Licensee Contract with GBG.
“Licensee Contract” means the agreement between GBG and the Licensee which incorporates these Additional Terms.
“Match” each instance where through Processing, a name and address contained in the Customer Database is matched to the name and address contained in the NCOA® Suppress Database;
“NCOA ® Suppress Database” a database containing Suppression Data selected, arranged and compiled by Royal Mail using and stored on electronic media and including any updates to it;
“Old Address” the address specified by a Redirection Customer as that from which mail should be redirected, as subsequently amended by Royal Mail, if necessary, to ensure that the address information is correct for Royal Mail’s postal purposes;
“Permitted Purpose” carrying out Processing and in relation to any Match, (i) deleting the names and address records which appear in the Customer Records of the relevant existing customer or prospective customer to whom the Match relates, for the purpose of a one-off mailing campaign by the End User; or (ii) providing a permanent flag against the address of the relevant existing customer or prospective customer to whom the Match relates; (ii) for the avoidance of doubt, the Permitted Purpose shall not, in accordance with Data Protection Legislation, including sending any direct marketing to individuals
“Processing” Batch Processing and/or Individual Look Ups in accordance with the Agreement.
“Product” the product, service or solution which is modified or enhanced by, incorporate with, created using, derived from, or involves the supply or making available of the Suppression Data.
“Public Body” any department, office or agency of Her Majesty’s Government or any local government authority or agency or any other public authority.
“Redirection Customer” a customer of the Redirection Service whose post is, at the relevant time, being redirected by Royal Mail from the relevant Old Address to the relevant new address pursuant to such service;
“Redirection Form” the application form for individuals who wish to use the Redirection Service;
“Redirection Service” the Supplier’s service for the redirection of mail provided to members of the public who have requested such service whereby mail which has been addressed to their Old Address is redirected to and delivered at their new address.
“Royal Mail” means Royal Mail Group Limited, a company registered in England and Wales under registered number 04138203 whose registered office if at 100 Victoria Embankment, London EC4Y 0HW.
“Suppression Data” address data held by Royal Mail on the NCOA® Suppress Database and updated on a periodic basis which is derived from Old Address information provided by Redirection Customers on the Redirection Form.
2.1 In consideration of the Licensee complying with these Additional Terms, GBG grants to the Licensee a non-exclusive, non-transferable, revocable sub-licence in the EEA to access and use the Suppression Data accessed as part of its use of the Product for the Permitted Purpose only. The Licensee shall in no circumstances use or allow the use of the Suppression Data for the purpose of detecting fraud or money laundering.
2.2 Subject to clause 2.3, the Licensee shall be entitled to grant sub-licences in respect of the licence at clause 2.1 provided that the Licensee ensures that its sub-licensees and the End User are bound by these Additional Terms or terms equivalent to and no less onerous than these Additional Terms.
2.3 The Licensee shall not allow Public Bodies, debt collection agencies or credit referencing agencies to use the Suppression Data .
2.4 The Licensee warrants and undertakes to ensure that any Customer Database (in respect of which Processing is being performed using the Product) is owned or licensed by the End User for the End User’s own use and comprises only Customer Records used for the purposes of marketing, commercial communications and routine administration. In each case, the address in each Customer Record will be complete to the best of the End User’s knowledge prior to Processing.
2.5 The Licensee must:
(a) Ensure that Suppression Data supplied by way of a Match is immediately integrated into the Customer Records;and
(b) Not try to access, extract, utilise or process Suppression Data except through Processing and not carry out any Individual Look Ups or any other means of looking up Suppression Data concerning a specific individual where this is not expressly permitted by Royal Mail for GBG which directly or indirectly grants or has granted the licence contained in the Licensee Contract.
2.6 The Licensee must pay GBG for all Matches it obtains through its use of the Product for or as part of services provided in respect of the Customer Database directly or indirectly for the benefit of the End User.
2.7 On entering into a Licensee Contract, the Licensee shall provide details to GBG of each individual, company or other legal entity (including the End User) to which it will provide, directly or indirectly, the updated Customer Database following the Licensee’s use of or access to the Product. The Licensee acknowledges and agrees that the identity of these parties shall be shared with Royal Mail and warrants that it has obtained all necessary consents or has otherwise established a lawful basis for doing so under the Data Protection Legislation.
2.8 The Licensee must not modify the Product at any time and must not pass the Product or copies thereof nor the Decryption Process to its sub-licensees or customers.
2.9 The Licensee agrees to indemnify and keep indemnified Royal Mail against all losses, costs, claims and damages suffered or incurred by Royal Mail directly or indirectly as a result of a breach of any provision of these Additional Terms by the Licensee.
2.10 At any time during the term of the Licensee Contract, on the provision of two Working Days’ notice from GBG, the Licensee shall give Royal Mail and its agents reasonable accompanied access during working hours to its premises, computer systems, accounts, documents and records for the purpose of verifying and monitoring the Licensee’s compliance with these Additional Terms.
2.11 The Licensee shall ensure the centralised allocation and storage of all material relevant to the Decryption Process. The Licensee shall, in addition ensure that all details and data concerning the Decryption Process are treated as Confidential Information and shall provide details of the Decryption Process to its own employees or sub-contractors only on a strictly ‘need to know’ basis for the purpose of performing its obligations under these Additional Terms.
3. LIABILITY OF ROYAL MAIL
3.1 The Licensee acknowledges that Royal Mail does not warrant:
(a) The accuracy and/or completeness of the Suppression Data;
(b) That the NCOA ® Suppress Database contains the names and addresses of all Redirection Customers; not
(c) That the NCOA ® Suppress Database does not infringe the Intellectual Property Rights of any third party.
3.2 The Licensee agrees that Royal Mail will not be liable for any loss or damage (whether direct or indirect) however arising from the use by the Licensee of Suppression Data, with the exception of death or personal injury caused by Royal Mail’s negligence.
3.3 The Licensee acknowledges that Royal Mail will not be liable to the Licensee in respect of its use of the Product.
3.4 The Licensee acknowledges that Royal Mail will not be obliged in any circumstances to provide Suppression Data or related services directly to the Licensee.
4. PROPERTY RIGHTS IN SUPPRESSION DATA
4.1 The Intellectual Property Rights in Suppression Data supplied to the Licensee as part its use of the Product shall remain at all times the property of Royal Mail.
4.2 The Licensee will not do or permit the doing of anything within its control which will prejudice in any way whatsoever the name of Royal Mail or the rights of Royal Mail in the Suppression Data and will give immediate notice to Royal Mail upon the Licensee becoming aware of anything which may prejudice the name of Royal Mail or the rights of Royal Mail in the Suppression Data .
4.3 The Licensee undertakes to Royal Mail that it will give immediate notice to Royal Mail upon its becoming aware of any unauthorised use of the Suppression Data or any other of the Intellectual Property Rights of Royal Mail.
4.4 Royal Mail may bring any action for any such unauthorised use on behalf of itself and at its cost and the Licensee shall co-operate fully in any such action. The Licensee is not granted any separate right of action relating to Royal Mail’s Intellectual Property Rights in respect of any such unauthorised use and disclaims any such separate right that it may have insofar as such a disclaimer is permitted by Law.
4.5 Upon termination of the Licensee Contract, the licence in clause 2 shall continue in respect of Suppression Data that has been supplied to the Licensee through its use of the Product and incorporated into the Customer Database as at the date of termination provided that the Licensee continues to use, and ensure that its sub-licensees use, such Suppression Data only for the Permitted Purpose and in accordance with the limited on use of Suppression Data contained in these Additional Terms which shall continue to operate in respect of such Suppression Data after the termination of the Licensee Contract.
5. DATA PROTECTION
5.1 For the purposes of this clause 5 “data controller”, “data processor” “personal data” and “processing” (and “process” and “processes” shall be construed accordingly) shall have the meaning ascribed to them in the Data Protection Legislation.
5.2 The Parties’ attention is drawn to the Data Protection Legislation. The Parties’ acknowledge and agree that it is the factual arrangement between them which dictates the role and status of each party under Data Protection Legislation in respect of processing any personal data under the Licensee Contract.
5.3 The Licensee acknowledges and agrees that Royal Mail is the data controller in respect of any personal data contained in the Suppression Data
5.4 The Licensee acknowledges and agrees that in entering into the Licensee Contract, it processes data on behalf of the End User under the Data Protection Legislation The Licensee further acknowledges and agrees that the End User is the data controller in respect of the Customer Records under the Data Protection Legislation.
5.5 The Licensee acknowledges that these Additional Terms are structured in order to comply with the Data Protection Legislation. The Licensee undertakes that it will not do or omit to do any act which would place it or Royal Mail in breach of the Data Protection Legislation .
5.6 Each party undertakes to the other that it will duly observe all its obligations under the Data Protection Legislation which arise in connection with these Additional Terms.
5.7 The Licensee agrees to comply with the Data Protection Legislation as they apply to its use of Suppression Data (including compliance with any data protection notices and opt out/opt in wording on the Redirections Form as amended form time to time by Royal Mail) and to make any notification required under the Data Protection Legislation
5.8 GBG does not use Sub-processors to provide this element of the Service as the Supplier Data is hosted by GBG
6.1 The Licensee agrees that it shall, in relation to any Confidential Information:
(a) Keep it confidential and not disclose it to any other person other than to tis professional advisers, employees, agents and sub-contractors on a need to know basis;
(b) Not copy or reproduce any part of the Confidential Information except as permitted under these Additional Terms without the prior written approval of the other party;
(c) Apply to the Confidential Information no lesser security measures and degree of care than those which it takes in protecting its own confidential information and in any event no less than that which a reasonable person or business would take in protecting its own confidential information; and
(d) Use the Confidential Information only for the purpose of these Additional Terms.
7.1 GBG may terminate the Licensee Contract with immediate effect if the Licensee brings Royal Mail into disrepute or fails to comply with these Additional Terms. If the Agreement expires or is terminated for any reason, the Licensee Contract will automatically be terminated.
7.2 The Licensee acknowledges and agrees that these Additional Terms are given for the benefit of Royal Mail and that Royal Mail may enforce the benefits conferred on it under these Additional Terms as if it were a party to the Licensee Contract, in accordance with the Contracts (Rights of Third Parties) Act 1999. The Licensee further acknowledges and agrees that Royal Mail shall bring any action for any unauthorised use of its Intellectual Property Rights in the Suppression Data on its own behalf.
7.3 Except as set out at clause 7.1 above, a person who is not a party to the Licensee Contract may not enforce any of its provisions under the Contracts (Rights of Third Parties) Act 1999.
7.4 These Additional Terms may not be varied by the Licensee without prior written consent of Royal Mail.