• GBG hosts the Supplier Data
• No Sub-processors used
The Supplier Data that GBG uses for the NCOA data is provided by Royal Mail. GBG is obliged under the terms of its agreement with Royal Mail to ensure that all End User’s agree to comply with the following provisions. These terms apply to all NCOA Update checks. Individual NCOA Update checks can be identified by the ID number on the Order Form.
1.1 In these Additional Terms, unless the context clearly indicates otherwise:
“Batch Processing” the use of the Service to carry out automated electronic processing of Customer Records in a Customer Database against Redirection Information in the NCOA ® Update Database for the purpose of identifying Matches;
“Confidential Information” any information of a confidential or proprietary nature (irrespective of the form, presentation or communication including computer software and data, physical objects and samples and, in the case of Royal Mail, the Redirection Information, whether before or after it is incorporated into a Customer Database) relating to the business, operations, customers, processes, budgets, product information, know-how and/or strategies of either party;
“Customer Database” an electronic compilation of Customer Records;
“Customer Record” the name and address of a current or lapsed customer or prospective customer of the End User which have been lawfully and fairly obtained by the End User solely for the purposes of marketing, commercial communications or customer administration;
“Data Protection Requirements” the Data Protection Act 2018, the General Data Protection Regulation (GDPR) (EU) 2016/679, the Electronic Communications Data Protection Directive 2002/58/EC and the Privacy and Electronic Communications (EC Directive) Regulations 2003 and any legislation and/or regulations implementing them or made in pursuance of them including where applicable the guidance codes of practice issued by the Information Commissioner;
“Decryption Process” the codes, methodology and/or medium to be deployed to decrypt, use or activate the Product.
“EEA” means the European Economic Area comprising, for the time being, the EU member states, Norway, Iceland and Liechtenstein.
“End User” means the individual, company or other legal entity which is the owner or licensor of the Customer Database
“Enquirer” means an individual or a company who or which has enquired with the End User about a service or product of the End User and/or has responded to an offer or invitation from the Licensee regarding information relating to such service or product;
“Individual Look Up” the use of the Product to carry out electronic processing of an individual Customer Record against Redirection Information in the NCOA® Update Database for the purpose of identifying a Match;
“Intellectual Property Rights” all intellectual property rights including copyright and related rights, database rights, trade marks and trade names, patents, topography rights, design rights, trade secrets, know-how, and all rights of a similar nature or having similar effect which subsist anywhere in the world, whether or not any of them are registered and applications for registrations, extensions and renewals of any of them;
“Licensee” the individual, company or other legal entity which may include the End User hereby entering into a Licensee Contract with GBG.
“Licensee Contract” means the agreement between GBG and the Licensee which incorporates these Additional Terms.
“Match” a tracking match where through Processing, a name and address contained in the Customer Database is matched to the Old Address in the Redirection Information;
“NCOA ® Update Database” a database containing Redirection Information selected, arranged and compiled by Royal Mail using data from the Redirection Forms completed by Redirection Customers and stored on electronic media and including any updates to it;
“New Address” the address specified by a Redirection Customer as that to which mail should be redirected, as subsequently amended by Royal Mail, if necessary, to ensure that the address information is correct for Royal Mail’s postal purposes and in respect of which permission is granted by the Redirection Customer for Royal Mail to use such information for the purposes of updating address information;
“Old Address” the address specified by a Redirection Customer as that from which mail should be redirected, as subsequently amended by Royal Mail, if necessary, to ensure that the address information is correct for Royal Mail’s postal purposes;
“Permitted Purpose” carrying out Processing and in relation to any Match, updating the Customer Record by either: (i) replacing the Old Address of the existing customer or Enquirer of the Licensee which forms part of the relevant Customer Record with the relevant New Address; or (ii) appending the relevant New Address to that Old Address in the Customer Record;
“Processing” Batch Processing and/or Individual Look Ups in accordance with the Agreement.
“Product” the product, service or solution which is modified or enhanced by, incorporate with, created using, derived from, or involves the supply or making available of the Redirection Information.
“Public Body” any department, office or agency of Her Majesty’s Government or any local government authority or agency or any other public authority.
“Redirection Customer” a customer of the Redirection Service whose post is, at the relevant time, being redirected by Royal Mail from the relevant Old Address to the relevant New Address pursuant to such service;
“Redirection Form” the application form for individuals who wish to use the Redirection Service;
“Redirection Information” in relation to each Redirection Customer, their name, Old Address and New Address extracted from the relevant Redirection Form;
“Redirection Service” the Supplier’s service for the redirection of mail provided to members of the public who have requested such service whereby mail which has been addressed to their Old Address is redirected to and delivered at their New Address.
“Royal Mail” means Royal Mail Group Limited, a company registered in England and Wales under registered number 04138203 whose registered office if at 100 Victoria Embankment, London EC4Y 0HW who supplies the service to GBG for use by the Licensee.
2.1 In consideration of the Licensee complying with these Additional Terms, GBG grants to the Licensee a non-exclusive, non-transferable, revocable sub-licence in the EEA to access and use the Redirection Information accessed as part of its use of the Product for the Permitted Purpose only. The Licensee shall in no circumstances use or allow the use of the Redirection Information for the purpose of detecting fraud or money laundering.
2.2 Subject to clause 2.3, the Licensee shall be entitled to grant sub-licences in respect of the licence at clause 2.1 provided that the Licensee ensures that its sub-licensees and the End User are bound by these Additional Terms or terms equivalent to and no less onerous than these Additional Terms.
2.3 The Licensee shall not allow Public Bodies, debt collection agencies or credit referencing agencies to use the Redirection Information.
2.4 The Licensee warrants and undertakes to ensure that any Customer Database (in respect of which Processing is being performed using the Product) is owned or licensed by the End User for the End User’s own use and comprises only Customer Records used for the purposes of marketing, commercial communications and routine administration. In each case, the address in each Customer Record will be complete to the best of the End User’s knowledge prior to Processing.
2.5 The Licensee must:
(a) Ensure that Redirection Information supplied by way of a Match is immediately integrated into the Customer Records;and
(b) Not try to access, extract, utilise or process Redirection Information except through Processing and not carry out any Individual Look Ups or any other means of looking up Redirection Information concerning a specific individual where this is not expressly permitted by Royal Mail for GBG which directly or indirectly grants or has granted the licence contained in the Licensee Contract.
2.6 The Licensee must pay GBG for all Matches it obtains through its use of the Product for or as part of services provided in respect of the Customer Database directly or indirectly for the benefit of the End User.
2.7 On entering into a Licensee Contract, the Licensee shall provide details to GBG of each individual, company or other legal entity (including the End User) to which it will provide, directly or indirectly, the updated Customer Database following the Licensee’s use of or access to the Product. The Licensee acknowledges and agrees that the identity of these parties shall be shared with Royal Mail and warrants that it has obtained all necessary consents or has otherwise established a lawful basis for doing so under the Data Protection Legislation.
2.8 The Licensee must not modify the Product at any time and must not pass the Product or copies thereof nor the Decryption Process to its sub-licensees or customers.
2.9 The Licensee agrees to indemnify and keep indemnified Royal Mail against all losses, costs, claims and damages suffered or incurred by Royal Mail directly or indirectly as a result of a breach of any provision of these Additional Terms by the Licensee.
2.10 At any time during the term of the Licensee Contract, on the provision of two Working Days’ notice from GBG, the Licensee shall give Royal Mail and its agents reasonable accompanied access during working hours to its premises, computer systems, accounts, documents and records for the purpose of verifying and monitoring the Licensee’s compliance with these Additional Terms.
2.11 The Licensee shall ensure the centralised allocation and storage of all material relevant to the Decryption Process. The Licensee shall, in addition ensure that all details and data concerning the Decryption Process are treated as Confidential Information and shall provide details of the Decryption Process to its own employees or sub-contractors only on a strictly ‘need to know’ basis for the purpose of performing its obligations under these Additional Terms.
2.12 In the case that the End User is a Public Body, the Licensee acknowledges that GBG shall not be entitled to allow the Product to provide Individual Look Ups
3. LIABILITY OF ROYAL MAIL
3.1 The Licensee acknowledges that Royal Mail does not warrant:
(a) The accuracy and/or completeness of the Redirection Information;
(b) That the NCOA ® Update Database contains the names and addresses of all Redirection Customers; not
(c) That the NCOA ® Update Database does not infringe the Intellectual Property Rights of any third party.
3.2 The Licensee agrees that Royal Mail will not be liable for any loss or damage (whether direct or indirect) however arising from the use by the Licensee of Redirection Information, with the exception of death or personal injury caused by Royal Mail’s negligence.
3.3 The Licensee acknowledges that Royal Mail will not be liable to the Licensee in respect of its use of the Product.
3.4 The Licensee acknowledges that Royal Mail will not be obliged in any circumstances to provide Redirection Information or related services directly to the Licensee.
4. PROPERTY RIGHTS IN REDIRECTION INFORMATION
4.1 The Intellectual Property Rights in Redirection Information supplied to the Licensee as part its use of the Product shall remain at all times the property of Royal Mail.
4.2 The Licensee will not do or permit the doing of anything within its control which will prejudice in any way whatsoever the name of Royal Mail or the rights of Royal Mail in the Redirection Information and will give immediate notice to Royal Mail upon the Licensee becoming aware of anything which may prejudice the name of Royal Mail or the rights of Royal Mail in the Redirection Information.
4.3 The Licensee undertakes to Royal Mail that it will give immediate notice to Royal Mail upon its becoming aware of any unauthorised use of the Redirection Information or any other of the Intellectual Property Rights of Royal Mail.
4.4 Royal Mail may bring any action for any such unauthorised use on behalf of itself and at its cost and the Licensee shall co-operate fully in any such action. The Licensee is not granted any separate right of action relating to Royal Mail’s Intellectual Property Rights in respect of any such unauthorised use and disclaims any such separate right that it may have insofar as such a disclaimer is permitted by Law.
4.5 Upon termination of the Licensee Contract, the licence in clause 2 shall continue in respect of Redirection Information that has been supplied to the Licensee through its use of the Product and incorporated into the Customer Database as at the date of termination provided that the Licensee continues to use, and ensure that its sub-licensees use, such Redirection Information only for the Permitted Purpose and in accordance with the limited on use of Redirection Information contained in these Additional Terms which shall continue to operate in respect of such Redirection Information after the termination of the Licensee Contract.
5. DATA PROTECTION
5.1 For the purposes of this clause 5 “data controller”, “data processor” “personal data” and “processing” (and “process” and “processes” shall be construed accordingly) shall have the meaning ascribed to them in the Data Protection Legislation.
5.2 The Parties’ attention is drawn to the Data Protection Legislation. The Parties’ acknowledge and agree that it is the factual arrangement between them which dictates the role and status of each party under Data Protection Legislation in respect of processing any personal data under the Licensee Contract.
5.3 The Licensee acknowledges and agrees that Royal Mail is the data controller in respect of any personal data contained in the Redirection Information
5.4 The Licensee acknowledges and agrees that in entering into the Licensee Contract, it processes data on behalf of the End User under the Data Protection Legislation The Licensee further acknowledges and agrees that the End User is the data controller in respect of the Customer Records under the Data Protection Legislation.
5.5 The Licensee acknowledges that these Additional Terms are structured in order to comply with the Data Protection Legislation. The Licensee undertakes that it will not do or omit to do any act which would place it or Royal Mail in breach of the Data Protection Legislation .
5.6 Each party undertakes to the other that it will duly observe all its obligations under the Data Protection Legislation which arise in connection with these Additional Terms.
5.7 The Licensee agrees to comply with the Data Protection Legislation as they apply to its use of Redirection Information (including compliance with any data protection notices and opt out/opt in wording on the Redirections Form as amended form time to time by Royal Mail) and to make any notification required under the Data Protection Legislation
6.1 The Licensee agrees that it shall, in relation to any Confidential Information:
(a) Keep it confidential and not disclose it to any other person other than to tis professional advisers, employees, agents and sub-contractors on a need to know basis;
(b) Not copy or reproduce any part of the Confidential Information except as permitted under these Additional Terms without the prior written approval of the other party;
(c) Apply to the Confidential Information no lesser security measures and degree of care than those which it takes in protecting its own confidential information and in any event no less than that which a reasonable person or business would take in protecting its own confidential information; and
(d) Use the Confidential Information only for the purpose of these Additional Terms.
7.1 GBG may terminate the Licensee Contract with immediate effect if the Licensee brings Royal Mail into disrepute or fails to comply with these Additional Terms. If the Agreement expires or is terminated for any reason, the Licensee Contract will automatically be terminated.
7.2 The Licensee acknowledges and agrees that these Additional Terms are given for the benefit of Royal Mail and that Royal Mail may enforce the benefits conferred on it under these Additional Terms as if it were a party to the Licensee Contract, in accordance with the Contracts (Rights of Third Parties) Act 1999. The Licensee further acknowledges and agrees that Royal Mail shall bring any action for any unauthorised use of its Intellectual Property Rights in the Redirection Information on its own behalf.
7.3 Except as set out at clause 7.1 above, a person who is not a party to the Licensee Contract may not enforce any of its provisions under the Contracts (Rights of Third Parties) Act 1999.
7.4 These Additional Terms may not be varied by the Licensee or GBG without prior written consent of Royal Mail.