GBG New Agreement Overview v4.0

GBG is becoming a data controller. As part of this change, we’ve taken the opportunity to transform our contracting process to make it quicker and easier for you to contract with us.

In addition to making the necessary changes to the privacy and data protection obligations to reflect our status as a data controller, we’ve listened to customer feedback and have made further improvements.  

We have changed the way our contracts are structured and have re-written our terms to use clear terminology that is consistent across our products. We have also avoided the repetition of phrases, so our clauses are shorter and easier to read.

Our new contract structure

We have separated out the General Terms which are consistent across our products and have included these in a standalone framework document linked within our Customer Registration Form. As a result, each time you purchase services from us, you will only need to sign up to the relevant Product Terms that sit alongside the General Terms and are linked within your Order Form. This has been designed to make it easier for you if you wish to purchase multiple services from us as you only need to sign the General Terms once.

The General Terms also establish the contractual framework for the supply of GBG products by any GBG group company to any customer group company. Therefore, once signed, the General Terms may be used by any other related company within a group structure, regardless of their relationship to each other.

Product Pages

As part of our update, we have introduced new Product Pages which contain, a clear description of the service and all the relevant product information and supporting documentation you may need in one place. The Product Pages have been designed for those responsible for purchasing our services such as financial, procurement or legal teams who may not be familiar with the service we offer.  

The information available on our product pages include:

  • A succinct product description
  • An overview of relevant customer use cases,
  • Links to relevant legal and product information, for example service level agreements and user guides, Additional Terms, Local Laws, and customer support details

Local Laws

As part of our update, we have introduced a new Local Laws page, which sets out the special terms and conditions relating to a particular jurisdiction, country, territory, or regulated sector that apply to an agreement where certain conditions are met.

These have been created to ensure that as a global company we have tailored our contracts to account for local laws, regulations and customer requirements within global markets and territories. This page may be updated periodically to reflect local changes as they occur.

Other changes

Additional Terms

The Additional Terms are the special terms and conditions relating to a particular dataset or aspect of the service. We have made the following changes to our Additional Terms:

  • We have re-written our Additional Terms to ensure the information we provide to you is clear and transparent.
  • All our Additional Terms now contain the customer use cases that the supplier data may be used for.
  • Any additional restrictions or requirements that may apply are clearly linked with the restrictions relating to customer use case.
  • The privacy and data protection information has been updated within our Additional Terms to reflect our position as a data controller where applicable.

Privacy and Data Protection Obligations

We’ve updated our privacy and data and protection clauses to ensure that the agreement we have in place with you accurately reflects our roles and responsibilities as independent data controllers.

Our Clauses relating to privacy and data protection obligations now include provisions to cover:

  • Controller to controller obligations setting out our respective roles and responsibilities in relation to transparency, security, data breach notifications and, general cooperation and assistance in relation to data subject rights and data protection impact assessments (DPIAs)
  • Customer use cases
  • Mutual audit rights.

These updated provisions can be found in Clause 9 of our General Terms.

Liability Levels

We have taken onboard customer feedback and have revised our liability position & introduced new caps on areas that were previously unlimited, specifically; data protection, confidentiality and intellectual property rights. We believe this change better reflects many of our customer’s internal policies making our terms easier for our customers to agree to. These can be found in clause 10 of our General Terms.

In addition to the contractual changes, as an independent data controller we will need to respond directly to individuals. To achieve this, we will need greater visibility of the data we have processed and who we have shared this with.  We have therefore created and will hold a GBG audit trail for a period of 12 months.  This is in addition to your own audit trail where applicable, which you control. Our audit trail will be retained so we can respond to an individual who is exercising their data subject rights with us.