Congratulations! You’re one step closer to accessing OneHub | Recognition! We’re excited to get underway with building your brand-new platform, but before we do, let’s get the legal side sorted.

Below you will find the details of our Master Contract. Please let your Benefex contact know if you have any questions at all.

Agreement Dated: 2020

1. Definitions and Interpretation

1.1 In these Clauses, unless the context otherwise requires, the following words shall have the following meanings:

Additional Subscription the additional Subscription (if any) calculated in accordance with clauses 7.5 and 7.7; 
Agreement the Commercial Terms, these terms and conditions and the Appendices
Agreement Date the date of this Agreement as shown in the Commercial Terms
Audit Agents (a)    the Customer’s internal and external auditors.                 (b)    the Customer’s statutory or regulatory auditors. (c)    any party formally appointed by the Customer to carry out audit or similar review functions who shall not be a competitor to Benefex.
Benefex Laws (a)    any law, statute, regulation or subordinate legislation in force from time to time; the common law and laws of equity from time to time; any binding court order, judgment or decree; any industry code, policy or standard; in each case, which is applicable in the United Kingdom of Great Britain and Northern Ireland and to which Benefex is subject and which relates to the delivery of the Services or the operation of Benefex’s business in the United Kingdom; and (b)    any applicable direction, policy, rule or order that is binding on Benefex and that is made or given by any regulatory body having jurisdiction over Benefex or any of Benefex’s assets, resources or business in the United Kingdom;
Bribery Act Bribery Act 2010;
Business Day a day (other than a Saturday, Sunday or bank or public holiday) in England;
Business Hours 8.30am to 5.30pm (local UK time) on a Business Day;
Charges   the Implementation Fee, the Annual Subscription and the Voucher Fee each as set out in the Commercial Terms (as amended from time to time in accordance with this Agreement) and Expenses;
Complaint a complaint or request relating to either party’s obligations under Data Protection Laws relevant to this Agreement, including any compensation claim from a Data Subject or any notice, investigation or other action from a Supervisory Authority;
Confidential Information information in any form or medium whether disclosed orally or in writing before or after the date of this Agreement (together with any reproductions of such information) relating to the business affairs, finances, systems, processes, methods of operation, plans, products, developments, trade secrets, know how, Customers or suppliers of a party or any member of its Group;
Customer Data   the data inputted by the Customer or Employees, for the purpose of using the Product or facilitating the Customer’s or Employees’ use of the Product;
Customer Laws (a)  any law, statute, regulation or subordinate legislation in force from time to time; the common law and laws of equity from time to time; any binding court order, judgment or decree; any industry code, policy or standard; in each case, which is applicable in any jurisdiction and to which the Customer is subject and which relates to the receipt of the Services or the operation of the Customer’s business; and (b)    any applicable direction, policy, rule or order that is binding on the Customer and that is made or given by any regulatory body having jurisdiction over the Customer or any of the Customer’s assets, resources or business in any jurisdiction;
Customer's Name the name, brand, logo and trademarks of the Customer and members of its Group;
Data Controller has the meaning set out in the Data Protection Laws;
Data Processor has the meaning given to that term (or to the term ‘processor’) in the Data Protection Laws;
Data Protection Laws (a)    all applicable data protection and privacy legislation in force from time to time in the UK, including:        i)       the General Data Protection Regulation (EU 2016/679 (GDPR);       ii)       the Data Protection Act 2018;      iii)       Privacy and Electronic Communications Directive 2002/58/EC (as updated by Directive 2009/136/EC) (ePrivacy Directive); and      iv)       Privacy and Electronic Communications Regulations (SI 2003/2426) as amended. (b)    in member states of the European Union the GDPR and the ePrivacy Directive, and all relevant member state laws or regulations giving effect to or corresponding with any of them; and (c)    any judicial or administrative interpretation of any of the above, any guidance, guidelines, codes of practice, approved codes of conduct or approved certification mechanisms issued by any relevant Supervisory Authority
Data Subject has the meaning set out in the Data Protection Laws;
Data Subject Request means a request made by a Data Subject to exercise any rights of Data Subjects under Data Protection Laws;
Documents the online help Centre at https://help.onehub.global/hc/en-gb  and product released notes issued by Benefex from time to time;
Employees those employees, agents and independent contractors of the Customer and of members of the Customer’s Group who are authorised by the Customer from time to time to use the Product and / or who have administrative permissions in respect of the Product;
Expenses (a) travel and subsistence (incurred in accordance with the relevant Benefex policy as amended from time to time); and (b) all third party costs and all fulfilment costs agreed between the parties from time to time; and (c) all other expenses agreed between the parties in writing from time to time
Force Majeure Event any event or circumstances or cause outside the reasonable control of a party (which does not arise from its fault or negligence) including Act of God, riot, civil disturbance, act of terrorism, fire, explosion, flood, or unusually severe weather.  A Force Majeure Event does not include (a) strikes or other industrial action by employees of the affected party or any of its sub-contractors; or (b) any failure by a subcontractor unless such failure also results from a Force Majeure Event; 
Group in relation to a company, that company's subsidiaries and holding companies and subsidiaries of such holding companies;
Implementation Plan the plan setting out the activities and dates for implementation of the Product, agreed between Benefex and the Customer;
Index the Retail Prices Index as published by the Office for National Statistics from time to time or, failing such publication, such other index as replaces the Retail Prices Index or most closely resembles it;
Index Figure the monthly figure given by the Index;
Intellectual Property Rights all patents, copyrights, design rights, trademarks, service marks, trade secrets, , database rights and other rights in the nature of intellectual property rights (whether registered or not) and all applications for the same which may now, or in the future, subsist anywhere in the world, including the right to sue for and recover damages for past infringements;
Losses losses, damages, liabilities (including any liability to taxation), claims, costs and expenses including fines, penalties, reasonable legal and other professional fees and expenses;
Permitted Use use by Benefex of Employees’ nominated email addresses in order to: (a)    respond to queries, questions and communications from Employees; (b)    issue communications to Employees in order to provide the Services; and, (c)    enable password resets.
Personal Data has the meaning given to that term in the Data Protection Laws and relates only to personal data, or any part of such personal data, in respect of which the Customer is the Data Controller and in relation to which Benefex is providing services under this Agreement;
Personal Data Breach a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, any Personal Data;
process has the meaning given to that term in the Data Protection Laws and “processed” and “processing” shall be constituted accordingly;
Product Reward and/ or Recognition as the context requires;
Quarter each successive period of three months starting on the Subscription Start Date and Quarterly shall be construed accordingly;
Relevant Requirements all applicable laws, statutes, and regulations relating to anti-bribery and anti-corruption, including the Bribery Act,
Services the services to be provided by Benefex in accordance with the Implementation Plan and the  maintenance of the Product;
Supervisory Authority any local, national or multinational agency, department, official, parliament, public or statutory person or any government or professional body, regulatory or supervisory authority, board or other body responsible for administering Data Protection Laws;
Software all software used by Benefex in the creation of the Products, the online software applications provided by Benefex as part of the Services (including, without limitation, software programs proprietary to Benefex, open source software and third party software);
Sub-Processor a Processor of the Personal Data (or any of it) appointed by Benefex as asset out in Appendix 4, and amended from time to time in accordance with this Agreement
Tools all know-how, development tools, processes, methodologies and technologies, documents, data and other material and the  software, created prior to or outside the scope of this Agreement, the Intellectual Property Rights  which are vested in or licensed to Benefex, and which are used by Benefex in performing the Services and any tools (including software) and know-how developed, and methods invented, by Benefex, in the course of or as a result of carrying out the Services, whether or not developed or invented specifically or used exclusively to carry out the Services;
User Subscriptions the subscriptions for use of the Product purchased by the Customer pursuant to clause 7.1 which entitle Employees to access and use the Services in accordance with this Agreement;
Virus any thing or device (including any software, code, file or programme) which may: prevent, impair or otherwise adversely affect the operation of any computer software, hardware or network, any telecommunications service, equipment or network or any other service or device; prevent, impair or otherwise adversely affect access to or the operation of any programme or data, including the reliability of any programme or data (whether by re-arranging, altering or erasing the programme or data in whole or part or otherwise); or adversely affect the user experience, including worms, trojan horses, viruses and other similar things or devices;
Year each period of 12 months from the Start Date or anniversary of the Start Date.

 1.2 In this Agreement (except where the context otherwise requires):

1.2.1 any reference to a clause, sub-clause, schedule, appendix or party is to a clause, sub-clause, schedule, appendix of or party to this Agreement;

1.2.2 save where otherwise specified reference to a clause is to a clause in the same Appendix;

1.2.3 the Appendices form part of this agreement and shall have effect as if set out in full in the body of this agreement. Any reference to this agreement includes the Appendices;

1.2.4 headings are included for convenience only and do not affect the interpretation of this Agreement;

1.2.5 use of the singular includes the plural and vice versa;

1.2.6 use of any gender includes the other genders;

1.2.7 any reference to a person includes natural persons, firms, partnerships, companies, corporations, associations, organisations;

1.2.8 any reference to a person includes that person’s legal personal representatives, successors and assignees;

1.2.9 subsidiary and holding company have the meanings given to them by section 1159 Companies Act 2006;

1.2.10 all references to a statute shall be construed as including references to:

(a) any statutory modification, consolidation or re-enactment (whether before or after the date of this Agreement) for the time being in force;

(b) all statutory instruments or orders made pursuant to that statute;

(c) any statutory provisions of which it is a consolidation, re-enactment or modification;

1.2.11 any phrase introduced by the terms “including”, “include”, “in particular” or any similar expression is illustrative only and does not limit the sense of the words preceding those terms.

1.2.12 Any summary in the Commercial Terms of provisions contained in these clauses does not limit the sense or extent of such clauses.

2. Access to the Services

2.1 Subject to the restrictions set out in this clause 2 and the other terms and clauses of this Agreement, Benefex hereby grants to the Customer a non-exclusive, non-sublicensable, non-transferable right (without the right to grant sub-licences) to permit the Customer, members of the Customer's Group and the Employees to use the Products during the term of this Agreement.

2.2 In relation to the Employees, the Customer undertakes that it will not allow or suffer any User Subscription to be used by more than one individual Employee unless it has been reassigned in its entirety to another individual Employee, in which case the prior Employee shall no longer have any right to access or use the

2.3 Benefex does not warrant that the Customer’s use of the Product will be uninterrupted or error-free.

2.4 The Customer undertakes that each Employee shall keep a secure password for their use of the Product.

2.5 The Customer shall not access, store, distribute or transmit any Viruses, or any material during the course of its use of the Product that:

2.5.1 is unlawful, harmful, threatening, defamatory, obscene, infringing, harassing or racially or ethnically offensive;

2.5.2 facilitates illegal activity;

2.5.3 depicts sexually explicit images;

2.5.4 promotes unlawful violence;

2.5.5 is discriminatory based on age, race, gender, colour, religious belief, sexual orientation, disability, or any other illegal activity; or

2.5.6 causes damage or injury to any person or property;

and Benefex reserves the right, without liability to the Customer, to disable the Customer’s access to any material that breaches the provisions of this clause.

2.6 The Customer shall not:

2.6.1  except as may be allowed by any applicable law which is incapable of exclusion by agreement between the parties:

(a) and except to the extent expressly permitted under this Agreement, attempt to copy, modify, duplicate, create derivative works from, frame, mirror, republish, download, display, transmit, or distribute all or any portion of the Software and/or the Products (as applicable) in any form or media or by any means; or

(b) attempt to reverse compile, disassemble, reverse engineer or otherwise reduce to human-perceivable form all or any part of the Software and/or the Products; or

2.6.2 access or use all or any part of the Products in order to build a product or service which competes with the Products whether for its own use or use by third parties; or

2.6.3 access or use all or part of the Products to provide services to third parties (other than members of the Customer's Group and the Employees as permitted by this Agreement); or

2.6.4 licence, sell, rent, lease, transfer, assign, distribute, display, disclose, or otherwise commercially exploit, or otherwise make Recognition available to any third party other than members of the Customer's Group and the Employees as permitted by this Agreement; or

2.6.5 attempt to obtain, or assist third parties in obtaining, access to the Products other than as provided under this clause 2.

2.7 Without limiting the terms of clause 6, the Customer shall not at any time or in any circumstances (including on the termination of this Agreement) permit access to or use of the Products by any third party (other than the Employees).

2.8 The Customer is responsible for the activity of the Employees in using the Product and the Employees’ compliance with this Agreement and shall promptly notify Benefex in writing if it becomes aware or suspects unauthorised access to or use of the Product.

2.9 Benefex shall be under no obligation to provide any services under the terms of this Agreement other than the Services.

 3 Benefex's Obligations

3.1 Benefex shall:

3.1.1 comply with all Benefex Laws;

3.1.2 carry out all Benefex responsibilities set out in this Agreement in a timely and efficient manner;

3.1.3 comply with its obligations under this Agreement;

3.1.4 undertake the Services with reasonable skill and care;

3.2 Benefex warrants that;

3.2.1 it has and will maintain all necessary licences, consents, and permissions necessary for the performance of its obligations under this Agreement;

3.2.2 the Product will perform materially in accordance with the Documents;

3.2.3 it will not materially decrease the functionality of the Product during the term of this Agreement.

3.3 Except as set out in this Agreement, all warranties, clauses and other terms implied by statute or common law are, to the fullest extent permitted by law, excluded from the Agreement.

3.4 Benefex shall not be responsible for any Losses caused by use of the Product contrary to Benefex's instructions or this Agreement, or modification or alteration of the Product by any party other than Benefex or Benefex's duly authorised contractors or agents.

3.5 Benefex shall ensure that its information security is audited and accredited to ISO 27001. In the event that this accreditation is withdrawn, replaced or superseded, Benefex will assess whether the replacement accreditation is applicable to Benefex’s business and will use reasonable endeavours to obtain replacement accreditation.

3.6 Benefex shall, without additional charges to the Customer:

3.6.1 implement patches and fixes to the Product; and

3.6.2 implement new versions of the Product

as Benefex, in its absolute discretion, may from time to time decide (provided that such patches, fixes, and new versions do not entail a material diminution in performance, availability, capacity or functionality of the Product).

3.7 Benefex shall not be required to provide any reports relating to activity within the Product to the Customer at any time.

3.8 This Agreement shall not prevent Benefex from entering into similar agreements with third parties, or from independently developing, using, selling or licensing documentation, products and/or services that are similar to those provided under this Agreement.

4. Customer's obligations

4.1 The Customer shall:

4.1.1 comply with all Customer Laws;

4.1.2 carry out all Customer responsibilities set out in this Agreement in a timely and efficient manner;

4.1.3 comply with its obligations under this Agreement;

4.1.4 comply with its obligations and the relevant timescales in the Implementation Plan; and

4.1.5 provide Benefex with all necessary access to such information as may be required by Benefex in order to provide the Products and the Services, including Customer Data.

4.2 Customer warrants that it has and will maintain all necessary licences, consents, and permissions necessary for the performance of its obligations under this Agreement.

4.3 The Customer is responsible for storing, backing up and maintaining Customer Data.

5. Employee E-mail Addresses

5.1 If Benefex uses an e-mail address provided by the Customer or any member of the Customer's Group or any Employee in connection with the provision of the Products or the Services, without prejudice to Benefex's compliance with clause 15 (Confidentiality) and Appendix 2 (Data Protection), Benefex shall not be liable to the Customer for any Losses (including, for the avoidance of doubt, loss arising from loss of data or breach of confidentiality) arising from:

5.1.1 Benefex's Permitted Use of such e-mail address;

5.1.2 the provision to Benefex of an incorrect e-mail address.

 6. Internet and Browser

6.1 Each release of the Product is developed to operate on the then latest two versions of Google Chrome, Firefox, Safari and Microsoft Edge for desktop and the latest two versions of Google Chrome and the latest version of Safari on mobile, each on a rolling basis. The Customer acknowledges that if it does not use one of these versions of web browser that there may be a material diminution in the performance and / or functionality of the Product. The Product has also been developed to operate natively on iOS mobile devices, for iPhone 7 and above & iOS12 and above.  Benefex may from time to time notify the Customer of changes to the browsers and / or models or iOS levels which support the Product.

6.2 Benefex is not responsible for any delays, delivery failures, or any Losses resulting from the transfer of data over communications networks and facilities, including the internet, (other than those under Benefex's direct control) and the Customer acknowledges that the Services and the Product may be subject to limitations, delays and other problems inherent in the use of such communications facilities.

7. Charges and payment

7.1 The Customer shall pay the Charges to Benefex for the User Subscriptions in accordance with this clause 7 and the terms of this

7.2 The Customer shall provide any purchase order, reference number (or other documents or information required by the Customer before an invoice can be issued) in sufficient time for Benefex to be able to submit each invoice in accordance with this Agreement.

7.3 Implementation Fee – will be invoiced on the Agreement Date.

7.4 Annual Subscription - will be invoiced annually in advance on the Subscription Start Date and on each subsequent anniversary.

7.5 Additional Subscription - If at the end of a Quarter the average number of User Subscriptions in that Quarter is higher than the Contracted Number of Employees (stated in the Commercial Terms), Benefex reserves the right to raise an invoice for the Additional Subscription for that Quarter. The Additional Subscription will be calculated by multiplying the average number of Employees in that Quarter in excess of the Contracted Number by the Additional Subscription per Employee per month, as stated in the Commercial Terms.

7.6 Voucher Fee - Benefex will invoice the Voucher Fee each month for the Vouchers purchased by Employees in the previous month.

7.7 Benefex may adjust all or any of the Annual Subscription, the Additional Subscription and the Voucher Fee with effect from each anniversary of the Subscription Start Date (Review Date) by the higher of:

7.7.1 any percentage increase in the last published Index Figure preceding the relevant anniversary of the Subscription Start Date over the Index Figure published 12 months prior; and

7.7.2 five per cent

7.8 Benefex may, with effect from each anniversary of the Subscription Start Date (Review Date) increase the Annual Subscription, the Additional Subscription and the Voucher Fee in the same proportion as the increase in the Index Figure last published prior to the relevant anniversary of the Subscription Start Date over the Index Figure that was published immediately before the Subscription Start Date or previous Review Date (as the case may be).

7.9 Expenses – Benefex will invoice the Customer Quarterly for all Expenses incurred by Benefex in the previous Quarter.

7.10 Payment terms - The Customer shall pay all valid and undisputed Charges within the Payment Period, in full and in cleared funds to a bank account nominated in writing by Benefex.

7.11 Disputed items - If the Customer has a bona fide dispute in respect of the whole or any part of any invoice then the Customer shall notify Benefex of the nature of such dispute in writing within fourteen (14) days of the invoice date giving all relevant details. If the Customer notifies Benefex in writing that it disputes the whole or any part of sums payable under any invoice in accordance with this clause 11, the Customer shall be entitled to withhold payment of the amount in dispute, but shall pay the undisputed part in accordance with this Agreement.   On settlement of any dispute the Customer shall make the appropriate payment within 10 days of the settlement of such dispute.

7.12 Late payment - Without limiting any other right or remedy of Benefex, and subject to the Customer giving notice of any disputed amount pursuant to clause 11, if the Customer fails to make any payment due to Benefex under the Agreement by the due date for payment (Due Date), Benefex shall have the right to charge interest on the overdue amount at the rate of 2 per cent per annum above the then current HSBC base rate accruing on a daily basis, from the Due Date until the date of actual payment of the overdue amount, whether before or after judgment.  (In the event that the Customer gives notice of a disputed amount pursuant to clause 7.11 the Due Date for the disputed amount shall be 10 days from the settlement of such dispute.)

7.13 Save where the Customer has given notice of any disputed amount pursuant to clause 11, if Benefex has not received payment within 60 days of the invoice date, and without prejudice to any other rights and remedies of Benefex, Benefex may, subject to Benefex giving 30 days’ written notice to the Customer, without liability to the Customer, disable the Customer’s and each Employee’s password, account and access to all or part of the Product, and Benefex shall be under no obligation to provide any or all of the Services while the invoice(s) concerned remain unpaid.

7.14 Taxes - All amounts payable by the Customer under this Agreement are exclusive of Value Added Tax which the Customer shall pay at the same time as the sums to which it relates.

7.15 Withholding - Save where the Customer has given notice of any disputed amount pursuant to clause 11 or to the extent that there is a reduction in the amount due by the Customer to Benefex as a result of the application of a Service Credit pursuant to clause 8, the Customer shall pay all amounts due under this Agreement in full without any deduction, withholding, set-off or counterclaim against Benefex.

8. Availability

8.1 The Supplier shall use reasonable efforts to make the Product available 24 hours a day 7 days a week except as set out in clause 2.

8.2 The Product will not be available at any time during:

8.2.1 scheduled maintenance carried out outside Business Hours, and scheduled maintenance is published from time to time at https://status.onehub.global/ (or at such other address as Benefex may notify from time to time) and the Customer agrees to sign up to such status page for these purposes and shall be deemed to have been notified accordingly; and

8.2.2 unscheduled maintenance performed outside Business Hours, provided that the Supplier has used reasonable endeavours to give the Customer at least 4 Business Hours' notice in advance; and

8.2.3 unscheduled maintenance in the case of emergency (including any steps or measures which are in Benefex’s reasonable opinion necessary or desirable in connection with any anticipated emergency); and

8.2.4 any unavailability due to a Force Majeure Event.

8.3 If the Product is unavailable for any reason Benefex will use reasonable efforts to minimise the period of unavailability.

9. Customer Data

9.1 As between the Customer and Benefex the Customer shall own all rights, title and interest in and to all of the Customer Data. The Customer grants Benefex a royalty free non exclusive licence to host and use the Customer Data to the extent necessary to provide the Services and the Product

9.2 Benefex shall be permitted to disclose all or any of the Customer Data to third parties to the extent strictly necessary for Benefex to perform its obligations under this Agreement and to perform all or any part of the Services.

9.3 Benefex shall have no responsibility for the legality, reliability, integrity, accuracy and quality of the Customer Data (save to the extent that Benefex incorrectly makes amendments to the Customer Data).

10. Proprietary rights

10.1 The Customer acknowledges and agrees that Benefex and/or its licensors own all Intellectual Property Rights in the Products, the Services, the Software and the Tools. Except as expressly stated herein, this Agreement does not grant the Customer any rights to, or in, in the Products or the Services or the Software or the Tools.

10.2 Benefex confirms that it has all the rights in relation to the Product that are necessary to grant all the rights it purports to grant under, and in accordance with, the terms of this Agreement.

10.3 The Intellectual Property Rights in the Software and the Tools are, and shall remain, the property of Benefex and Benefex reserves the right to grant a licence to use the Software and the Tools to any other party or parties.

10.4 Nothing in this Agreement, shall prevent Benefex from using the Software and the Tools in the course of its normal business to the extent that this use does not result in a disclosure of the Customer Data;

10.5 All Intellectual Property Rights in the Customer Name shall be the property of the Customer.

10.6 The Customer hereby grants Benefex a non-exclusive licence of the Intellectual Property Rights in the Customer Name for the purpose of the delivery of the Services.

11. Third party IPR

11.1 Subject to clauses 2, 14.2 and 14.3, Benefex shall indemnify the Customer against all Losses suffered or incurred by the Customer arising out of or in connection with any claim made against the Customer for actual or alleged infringement of a third party's Intellectual Property Rights, arising out of or in connection with the Customer’s use of the Product.

11.2 If any third party makes a claim, or notifies an intention to make a claim, against the Customer which may reasonably be considered likely to give rise to a liability under this indemnity (a Claim), the Customer shall:

11.2.1 as soon as reasonably practicable, give written notice of the Claim to Benefex, specifying the nature of the Claim in reasonable detail;

11.2.2 not make any admission of liability, agreement or compromise in relation to the Claim without the prior written consent of Benefex;

11.2.3 give Benefex reasonable assistance in connection with the defence of the Claim; and

11.2.4 take such action as Benefex may reasonably request, at the expense of Benefex, to avoid, dispute, compromise or defend the Claim.

11.3 In the event of a Claim, Benefex shall be entitled at its own expense and option either to:

11.3.1 procure the right for the Customer to continue using the Product; or

11.3.2 make such alterations, modifications or adjustments to the Product so that it becomes non-infringing, without incurring a material diminution in performance, capacity or functionality; or

11.3.4 replace the Product or the infringing part with a non-infringing substitute provided that such substitute does not entail a material diminution in performance, capacity or functionality of t he Product (and the provisions of this clause 11 shall apply equally to any such substitute) reimbursing the Customer its reasonable costs associated with such substitution.

11.4 Subject to clauses 5, 14.2 and 14.3, the Customer shall indemnify Benefex against all Losses suffered or incurred by Benefex arising out of or in connection with any claim made against Benefex for actual or alleged infringement of a third party's Intellectual Property Rights arising out of or in connection with use of the Customer's Name.

11.5 If any third party makes a claim, or notifies an intention to make a claim, against Benefex which may reasonably be considered likely to give rise to a liability under this indemnity (a Benefex Claim), Benefex shall:

11.5.1 as soon as reasonably practicable, give written notice of the Benefex Claim to the Customer, specifying the nature of the Benefex Claim in reasonable detail;

11.5.2 not make any admission of liability, agreement or compromise in relation to the Benefex Claim without the prior written consent of the Customer;

11.5.3 give the Customer reasonable assistance in connection with the defence of any Benefex Claim; and

11.5.4 take such action as the Customer may reasonably request, at the expense of the Customer, to avoid, dispute, compromise or defend the Benefex Claim.

11.6 In the event of a Benefex Claim, the Customer shall be entitled at its own expense and option either to:

11.6.1 procure the right for Benefex to continue using the Customer's Name; or

11.6.2 make such alterations, modifications or adjustments to the Customer's Name so that it becomes non-infringing without adversely affecting Benefex's ability to comply with its obligations under this Agreement; or

11.6.3 replace the Customer's Name (as the case may be) with non-infringing substitutes provided that such substitutes do not adversely affect Benefex's ability to comply with its obligations under this Agreement (and the provisions of this clause 11 shall apply equally to any such substitutes) reimbursing Benefex its reasonable costs associated with such substitution.

12. Term and Termination

12.1 This Agreement shall start on the Agreement Date. Unless terminated earlier in accordance with its terms, this Agreement shall continue for the Initial Period and  shall automatically extend for the Renewal Period at the end of the Initial term and at the end of each Renewal Period   Either party may give written notice to the other party of not less than the Notice Period  to terminate this agreement at the end of the initial Period or the relevant Renewal Period as the case may be.

12.2 The Initial Period shall start on the Subscription Start Date.

12.3 Without limiting its other rights or remedies, either party may terminate the Agreement with immediate effect by giving written notice to the other party if:

12.3.1 the other party commits a material breach of this Agreement and (if such a breach is remediable) fails to remedy that breach within 30 days of that party being notified in writing of full particulars of the breach and being required to remedy it;

12.3.2 an order is made or a resolution passed for the winding up of the other party or circumstances arise which entitle a court of competent jurisdiction to make a winding-up order of the other party;

12.3.3 an order is made for the appointment of an administrator to manage the affairs, business and property of the other party or documents are filed with a court of competent jurisdiction for the appointment of an administrator of the other party or notice of intention to appoint an administrator is given;

12.3.4 a person becomes entitled to appoint a receiver over any of the assets of the other party or a receiver is appointed over any of the assets of the other party;

12.3.5 the other party ceases to trade;

12.3.6 the other party suspends or threatens to suspend payment of its debts or is unable to pay its debts as they fall due or admits inability to pay its debts or is deemed unable to pay its debts within the meaning of section 123 Insolvency Act 1986;

12.3.7 the other party takes or suffers any similar or analogous action in any jurisdiction in consequence of debt.

12.4 For the purposes of clause 3.1, a breach shall be considered capable of remedy if the party in breach can comply with the provision in question in all respects other than as to the time of performance (provided that time of performance is not of the essence).

13. Consequences of termination

13.1 On termination of the Agreement for any reason:

13.1.1 the Customer shall immediately pay to Benefex all of Benefex's outstanding unpaid invoices and interest (including any invoice submitted pursuant to clause 1.2);

13.1.2 Benefex shall be entitled to submit an invoice in respect of any part of the Charges as yet not invoiced for the period from the date of the last invoice to the actual date of termination of the Agreement;

13.1.3 Benefex shall issue a credit note to the Customer for, and repay to the Customer (or deduct from any invoice rendered under clause 1.2) any part of the Charges already invoiced and paid by the Customer for the period after the actual date of termination of the Agreement;

13.1.4 the accrued rights, remedies, obligations and liabilities of the parties as at expiry or termination shall not be affected, including the right to claim damages in respect of any breach of the Agreement which existed at or before the date of termination or expiry; and

13.1.5 those clauses which expressly or by implication have effect after termination shall come into or continue in full force and effect.

14. Liability

14.1 Nothing in this Agreement shall limit or exclude either party's liability for:

14.1 death or personal injury caused by its negligence, or the negligence of its employees, agents or subcontractors; or

14.2 fraud or fraudulent misrepresentation

14.3 Losses suffered by the other arising under clause 11 (Third Party IPR)

14.4 any other liability which cannot be excluded or limited by applicable law.

14.2 Subject to clause 1 neither party shall in any circumstances whatever be liable to the other, whether in contract, tort (including negligence), breach of statutory duty, misrepresentation, restitution or otherwise, for:

14.2.1 loss of profit, loss of business, loss of enjoyment, depletion of goodwill, loss of reputation and/or similar losses, loss of anticipated savings, loss of goods, loss of contract, loss of use, in each case whether direct, indirect or consequential, or

14.2.2 any indirect or consequential loss arising under or in connection with this Agreement.

14.3 Subject to clauses 1 and 14.2 each party's aggregate liability in contract, tort (including negligence), breach of statutory duty, misrepresentation, restitution or otherwise, arising in connection with the performance or contemplated performance of this Agreement shall in no circumstances exceed £250,000.

14.4 Benefex shall take out and maintain:

14.4.1 employer's liability insurance in accordance with the Employer's Liability (Compulsory Insurance) Act 1969; and

14.4.2 professional indemnity insurance with an insurer of good repute on such terms and in such amounts as is reasonable, in connection with its provision of the Services.

and Benefex shall, at the request of the Customer, provide to the Customer evidence of such insurance once in each Year.

14.5 This clause 14 shall survive termination of the Agreement.

15. Confidentiality

15.1 Subject to clause 2 each party undertakes to the other to keep secret and strictly confidential all Confidential Information of the other party for the term of this Agreement and for a period of two years after its expiry or termination. Each party (the Receiving Party) undertakes to the other party (the Owner) only to use Confidential Information of the Owner to the extent necessary for the purpose of enabling it to enforce or perform (or cause to be enforced or performed or to facilitate the enforcement or performance of) any of its rights or obligations under this Agreement.

15.2 Each party shall be permitted to disclose Confidential Information of the other party to the extent that it is required to do so by law or by any public, governmental, supervisory or regulatory authority or by any legally binding order of any court or tribunal.

15.3 The obligations contained in clause 1 shall not apply to any Confidential Information of either party:

15.3.1 to the extent that the Receiving Party can demonstrate (to the reasonable satisfaction of the Owner) that such Confidential Information was lawfully in the possession of the Receiving Party at the time of the disclosure; or

15.3.2 to the extent that such Confidential Information becomes publicly available or generally known to the public at any time after such disclosure, except as a result of any breach by the Receiving Party of its obligations hereunder; or

15.3.3 to the extent that the Receiving Party acquires or has acquired such Confidential Information free from any obligation of confidentiality from a third party who is not in breach of any obligation of confidentiality to either party.

15.4 This clause 15 shall survive termination of the Agreement.

 16. Audit Rights

16.1 The Customer, acting by itself or through its Audit Agents, shall have the right during the Term to assess compliance by Benefex of Benefex’s obligations under this Agreement as follows:

16.1.1 to verify compliance by Benefex with Data Protection Laws and Appendix 3; and,

16.1.2 to identify or investigate actual or reasonably suspected fraud or impropriety and in these circumstances the Customer shall have no obligation to inform Benefex of the purpose or objective of its investigations;

16.1.3 in accordance with the written requirements of any regulatory authority which regulates the Customer’s business.

16.2 Except where an audit is imposed on the Customer by a regulatory authority n accordance with clause 1.3, or where the Customer has reasonable grounds for believing that Benefex has committed fraud, the Customer may not conduct an audit of Benefex more than once in any Year.

16.3 The Customer shall (and shall procure that each of its Audit Agents shall) during each audit comply with all security, sites, systems and facilities operating procedures of Benefex and ensure that the conduct of each audit does not unreasonably disrupt Benefex or delay the provision of the Services to any other customer of Benefex.

16.4 Subject to clause 5, Benefex shall provide the Customer and the Audit Agents with all reasonable cooperation and assistance (and shall use reasonable endeavours to procure such co-operation and assistance from the Third-Party Providers) in relation to each audit, including:

16.4.1 all information reasonably requested by the Customer within the permitted scope of the audit;

16.4.2 reasonable access to any premises and to any equipment used (whether exclusively or non-exclusively) in the performance of the Services; and

16.4.3 access to Benefex personnel involved in the delivery of the Services.

16.5 Save as provided in clause 1.2, the Customer shall provide at least 20 Business Days’ written notice of its intention to conduct an audit.

16.6 The Customer shall ensure that each audit takes no longer than one Business Day unless the audit is required pursuant to clause 1.3 when such audit shall take no longer than two Business Days.

16.7 The Customer shall (and shall ensure its Audit Agents shall):

16.7.1 carry out the audit without access to any information or data unrelated to this Agreement (including data or information relating to other customers of Benefex); and

16.7.2 comply with its obligations of confidentiality under this Agreement.

16.8 The parties agree that they shall bear their own respective costs and expenses incurred in respect of compliance with their obligations under this clause unless the audit identifies a material breach of this Agreement by Benefex in which case Benefex shall reimburse the Customer for all the Customer’s reasonable costs incurred in connection with the audit.

16.9 If an audit identifies that Benefex has failed to perform any of those obligations under this Agreement to which clause1 applies, the provisions of clause 17 shall apply;

17. Remediation Plan Process

17.1 If Benefex has failed to perform any of those obligations under this Agreement to which clause 1 applies, the Customer may not terminate this Agreement without first operating the process set out in this clause 17. If Benefex commits such a default, the Customer shall give a written notice to Benefex which shall specify the default in outline and the actions Benefex needs to take with respect to remedying the default (Remediation Notice).

17.2 If Benefex does not accept that it has committed the default, the parties shall escalate any issues arising in accordance with clause 26 (Dispute Resolution).

17.3 If Benefex accepts that it has committed the default, Benefex shall submit a draft plan for the resolution of the default (Remediation Plan) within 20 Business Days of receipt of the Remediation Notice.

17.4 The Customer shall either approve the draft Remediation Plan within 20 Business Days of its receipt pursuant to clause 3, or it shall inform Benefex why it cannot accept the draft Remediation Plan in which event the parties shall escalate any issues arising in accordance with clause 26 (Dispute Resolution). If no such notice is given, Benefex’s draft Remediation Plan shall be deemed to be agreed.

17.5 If a Remediation Plan is agreed between the parties, but Benefex fails to implement or successfully complete the Remediation Plan by the required Remediation Plan completion date, the Customer may:

17.5.1 terminate this Agreement by serving a written notice of termination; or

17.5.2 give Benefex a further opportunity to resume full implementation of the Remediation Plan; or

17.5.3 escalate any issues arising out of the failure to implement the Remediation Plan under clause 26 (Dispute Resolution).

17.6 The Customer shall not be obliged to follow the Remediation Plan Process if there is a repetition of substantially the same default as had previously been addressed in a Remediation Plan within a period of twelve months following the conclusion of such previous Remediation Plan. In such event, the Customer may serve a notice to terminate the Agreement.

18. Anti-Bribery Compliance

18.1 Each party shall:

18.1.1 comply with the Relevant Requirements;

18.1.2 not engage in any activity, practice or conduct which would constitute an offence under sections 1, 2 or 6 of the Bribery Act if such activity, practice or conduct had been carried out in the UK;

18.1.3 have and maintain in place throughout the term of this agreement its own policies and procedures, including adequate procedures under the Bribery Act, to ensure compliance with the Relevant Requirements, and clause 1.2, and will enforce them where appropriate;

18.1.4 promptly report to the other party any request or demand for any undue financial or other advantage of any kind received by the first party in connection with the performance of this Agreement;

18.1.5 immediately notify the other party in writing if a foreign public official becomes an officer or employee of the first party or acquires a direct or indirect interest in the first party, and each party warrants that it has no foreign public officials as officers, employees or direct or indirect owners at the date of this Agreement.

18.2 For the purpose of clause 1:

18.2.1 the meaning of "adequate procedures" shall be determined in accordance with section 7(2) of the Bribery Act and any guidance issued under section 9 of that Act;

18.2.2 the meaning of "foreign public official" shall be determined in accordance with sections 6(5) and 6(6) of the Bribery Act.

19. Anti-slavery and Human Trafficking

19.1 Benefex represents and warrants that at the date of this agreement neither Benefex nor any of its officers or employees:

19.1.1 has been convicted of any offence involving slavery and human trafficking; or

19.1.2 has been or is the subject of any investigation, inquiry or enforcement proceedings by any governmental, administrative or regulatory body regarding any offence or alleged offence of or in connection with slavery and human trafficking.

19.2 Benefex shall implement due diligence procedures in respect of slavery and human trafficking for its Third Party Providers (which are reasonable in the context of the services provided by and location of each Third Party Provider).

19.3 Benefex shall notify the Customer as soon as it becomes aware of any actual or suspected slavery or human trafficking in a supply chain which has a connection with this Agreement.

20. Subcontracting

20.1 Benefex shall be entitled to use sub-contractors (i) to outsource functions related to the general operation of Benefex’s business and/or its infrastructure; or (ii) development or modification of the Tools or Software, or (iii) for incidental engagements by Benefex of individual experts or consultants as independent contractors without the prior consent of the Customer.

20.2 Benefex is solely responsible for all acts and omissions of its subcontractors as if such acts and omissions were its own.

21. Force Majeure

21.1 Neither party shall be in breach of this Agreement nor liable for delay in performing, or failure to perform, any of its obligations under this Agreement if such delay or failure results from a Force Majeure Event (save that no Force Majeure Event shall excuse failure or delay in making any payment due under this Agreement. In such circumstances the time for performance shall be extended by a period equivalent to the period during which performance of the obligation has been delayed or failed to be performed. 

21.2 If the event a Force Majeure Event causes a party to be unable to perform all of its obligations under this Agreement for a continuous period of 90 days, the party not affected may terminate this Agreement by not less than 28 days written notice to the affected party.

22. General

22.1 The Agreement constitutes the entire agreement between the parties. The Customer acknowledges that it has not relied on any statement, promise or representation made or given by or on behalf of Benefex which is not set out in the Agreement.

22.2 The terms of this Agreement operate to the exclusion of any other terms that the Customer seeks to impose or incorporate, or which are implied by trade, custom, practice or course of dealing.

22.3 The failure to exercise or delay in exercising a right or remedy provided by this Agreement or by law does not constitute a waiver of the right or remedy or a waiver of other rights or remedies. A waiver of a breach of any of the terms of, or of a default under, this Agreement shall not affect the other terms of this Agreement and will not prevent a party from subsequently requiring compliance with the waived obligation.  The rights and remedies provided by this Agreement are cumulative and (subject as otherwise provided in this Agreement) are not exclusive of any rights or remedies provided by law.

22.4 Partnership - Nothing in this Agreement constitutes a partnership between the parties nor constitutes any party the agent of the other party.

22.5 Assignment - Subject to clause 20 neither party shall, without the prior written consent of the other party, assign, transfer, charge or deal in any other manner with this Agreement or any of its rights under it or sub-contract any or all of its obligations under this Agreement or purport to do any of the same.

22.6 Either party may, after having given prior written notice to the other party, assign all of its rights and obligations under this agreement to a member of its Group for so long as that company remains a member of its Group. A party who assigns its rights under this agreement to a member of its Group shall procure that such company assigns such rights back to it immediately before that company ceases to be a member of its Group.

22.7 Execution - Each party to this Agreement shall, at the request and cost of the other or any of them, do or procure to be done all such further acts and things and execute or procure the execution of all such other documents as are necessary to give effect to the terms of this Agreement.

22.8 Costs - Each party shall pay its own costs and expenses relating to the negotiation, preparation, execution and implementation by it of this Agreement.

22.9 Variations - No variation of this Agreement shall be valid unless made in writing and signed by an authorised representative on behalf of each of the parties.

22.10 If any provision of this Agreement shall be found by any court or administrative body of competent jurisdiction to be invalid or unenforceable, such invalidity or unenforceability shall not affect the other provisions of this Agreement which shall remain in full force and effect.

23. Third Party Rights

23.1 For the purposes of the Contracts (Rights of Third Parties) Act 1999 the parties do not intend any person other than a party to this Agreement to be able to enforce any term of this Agreement.

23.2 The Customer shall be entitled to enforce any provision of this Agreement for and on behalf of the members of the Customer’s Group (who shall not bring any action, claim or proceeding against the Supplier in their own names) and any Losses suffered by a member of the Customer’s Group shall be deemed to be suffered by the Customer.

 24. Notices

24.1 Any notice given under or pursuant to this Agreement shall be in writing and signed by or on behalf of the party giving it and shall be served by delivering it personally or sending it by pre-paid first class or recorded delivery or registered post to the address set out at the head of this Agreement and for the attention of the Chief Executive (or as otherwise notified by that party in accordance with this clause 24). Any such notice shall be deemed to have been received:

24.1.1 if delivered personally, at the time of delivery;

24.1.2 in the case of pre-paid first-class post or pre-paid recorded delivery or registered post, 48 hours from the date of posting.

24.2 In proving service

24.2.1 by delivery by hand it shall be necessary only to produce a receipt for the communication signed by or on behalf of the addressee;

24.2.2 by post it shall be necessary only to prove that the communication was contained in an envelope which was duly addressed and posted in accordance with this clause.

24.3 For the avoidance of doubt, notice given under this Agreement shall not be validly served if sent by e-mail.

 25. Counterparts

25.1 This Agreement may be executed in any number of counterpart, each of which when executed and delivered shall constitute a duplicate original, but all the counterparts shall together constitute one agreement.

25.2 Transmission of an executed counterpart of this Agreement (but for the avoidance of doubt not just a signature page) by email (in PDF, JPEG or other agreed format) shall take effect as delivery of an executed counterpart of this Agreement. Without prejudice to the validity of the Agreement thus made, each party shall provide the others with the original of such counterpart as soon as reasonable possible thereafter.

26. Dispute Resolution

26.1 In the event of any dispute or difference arising in connection with the Agreement (including any question regarding its existence, validity or termination or the legal relationships established by this Agreement), The Chief Executive or Finance Director (or equivalent officer) of each party will, within 14 days of a written request from one party to the other, meet in a good faith effort to resolve the dispute or difference. If the dispute or difference is not resolved at that meeting, or if such meeting does not take place, either party may refer the dispute to the courts in accordance with clause 2.

27. Governing Law And Jurisdiction

27.1 Notwithstanding the provisions of clause 1 either party may commence or take proceedings or seek remedies before the courts or any other competent authority for interim, interlocutory or injunctive remedies in relation to this Agreement.

27.2 English law governs this Agreement. Each party hereby irrevocably submits to the exclusive jurisdiction of the courts of England in respect of any claim or matter arising out of or in connection with this Agreement.

Appendix 2

Reward

Definitions

1. In this Appendix, unless the context otherwise requires, the following words shall have the following meanings:

Budget the annual financial budget allocated by the Customer for the provision of Rewards to its Employees, as amended from time to time by the Customer and notified to Benefex in accordance with this Appendix 1
Float the amount, from time to time, of the Budget paid to Benefex less the amount used by Benefex to fund Rewards for the Customer
Float Schedule the schedule of payments and dates in relation to the Float as agreed between the parties from time to time
Individual Account the notional account of each Employee
Retailer any organisation against whose goods and services a Voucher can be redeemed
Reward the monetary value awarded to an Employee
Rewarder an Employee authorised to give a Reward
User Terms the Reward End user terms, as amended from time to time,  made available to each Employee by Benefex, subject to which an Employee may use the Reward product
Voucher a digital card purchased by an Employee which can be redeemed at a retailer

Float

2. The Customer shall pay the Initial Float in cleared funds to Benefex on or before the Subscription Start Date,

3. The Customer shall make payments to Benefex in cleared funds in relation to the Float in accordance with the Float Schedule

4. If the Customer fails to comply with clause 2 and/or clause 3 Benefex reserves the right to:

4.1 withhold access to the Reward product from the Customer and the Employees; and

4.1 continue to render invoices for the Charges.

5. Benefex shall hold the Float in a bank account separate from Benefex’s trading accounts (Reward Account).

6. Benefex may only use the funds in the Reward Account for funding Rewards.

7. The Customer shall not be permitted to:

7.1 give any Rewards until Benefex has received the Initial Float; or

7.2 give any Rewards at any time when the value of the Rewards to be made exceeds the

8. If there is insufficient Float at any time, Benefex reserves the right:

8.1 not to credit a Reward to an Employee;

8.2 to communicate with the Employees that no Rewards can be credited to the Employees until further notice.

Budget

9. The Customer shall give Benefex not less than 5 Business Days’ written notice if they wish to change the Budget at any time and any change to the Budget shall take effect from the first day of the following month, subject to:

9.1 the availability of sufficient Float; and

9.2 revisions to the Float Schedule acceptable to both parties.

Allocating a Reward

10. When a Rewarder gives a Reward to an Employee:

10.1 Benefex shall notionally credit the amount of the Reward to the Employee’s Individual Account;

10.1 the Customer no longer has any interest in the amount of the Reward and the amount credited to the Individual Account will not be credited back to the Reward Account or returned to the Customer for any reason.

11. An Employee shall be able to receive a Reward only if the Employee has accepted the User Terms. If an Employee fails to accept the User Terms the Employee will not be permitted to participate in the Reward product or receive any Rewards.

12. The Employee may only use their Reward in accordance with the User Terms.

13. When an Employee uses a reward to select a Voucher, Benefex shall credit the Voucher to the Employee’s Individual Account and deduct the value of the Voucher.

14. It is the Employee’s responsibility to check whether a Voucher is available to him.

15. All Vouchers are issued subject to the terms of the organisation against whose goods and services the Voucher can be redeemed and may be subject to a time limit in which they must be redeemed. It is the Employee’s responsibility to check and comply with the terms of each Voucher. 

16. If a Voucher expires or is forfeited for any reason, the amount of the Voucher will not be re-credited to the Employee’s Individual Account and will not be re-credited to the Reward Account or returned to the Customer.

17. The Customer shall not at any time have access to any Individual Account or be entitled to know about an Employee’s activity in their Individual Account, which is personal to each Employee (and governed by the User Terms).

Liability

18. Benefex is not responsible for the availability of certain Vouchers, or the availability, delivery, standard, quality or otherwise of goods or services an Employee may purchase with a Voucher or the failure of a Retailer to honour a redemption or the failure of a Retailer to make certain goods and services available.

Data Protection

19. Benefex shall comply with all Data Protection Laws (which apply to it in its capacity as a data controller) in connection with the processing of personal data of Employees in respect of the Individual Accounts.

Expiry of Award

20. Rewards and Vouchers credited to an Employee’s Individual Account shall remain available to the Employee until the Customer ends the Employee’s access to their Individual Account or until the end of this Agreement (whichever occurs first).

21. If the Employee fails to use any Reward or Voucher before such time:

21.1 the amount of the Reward will expire automatically, and the Employee will no longer be able to access it,

21.2 the value of expired Rewards will not be re-credited to the Employee or re-credited to the Reward Account or returned to the Customer,

21.3 the Employee will be unable to access any Vouchers which the Employee has not redeemed and they will automatically expire (unless the Employee has retained them in a redeemable form otherwise than in the Reward product),

21.4 the value of unused Vouchers will not be re-credited to the Employee or re-credited to the Reward Account or returned to the Customer.

22. The Customer shall be responsible for notifying the Employees if the Agreement is to end and the date by which they must use their Rewards and redeem any Vouchers

End of the Agreement

23. In the event of termination of this Agreement (for whatever reason) Benefex shall return to the Customer the balance of the Float held by Benefex within 28 days of termination.

Appendix 3

Data Protection 

1. Data Protection

1.1 Subject to clause 4, the parties agree that, in respect of the Personal Data, the Customer shall be the Data Controller and Benefex shall be the Data Processor.

1.2 Benefex shall comply with all Data Protection Laws (which apply to it in its capacity as a Data Processor) in connection with the processing of Personal Data in respect of the delivery of the Services and the exercise and performance of its rights and obligations under this Agreement.

1.3 The Customer shall comply with all Data Protection Laws (which apply to it in its capacity as Data Controller) in connection with the processing of Personal Data in respect of the exercise and performance of its rights and obligations under this Agreement, and to enable Benefex to deliver the Services.

1.4 Where Benefex processes the contact details of the Customer’s representatives in connection with the administration of this Agreement and the Services it does so as a Data Controller and Benefex shall undertake such processing in accordance with its legal obligations to Data Subjects under the Data Protection Laws.

Instructions and details of processing

1.5 Insofar as Benefex processes Personal Data on behalf of the Customer:

1.5.1 subject to clause 5.2, Benefex shall (and shall require each of its Sub Processors to) process the Personal Data only on and in accordance with the Customer’s documented instructions as set out in this Appendix 2 (including the Data Processing Details below), and as updated from time to time by the written agreement of the parties (together Processing Instructions);

1.5.2 if any Data Protection Laws require it to process Personal Data other than in accordance with the Processing Instructions, Benefex shall notify the Customer of any such requirement before processing the Personal Data (unless any of the Data Protection Laws prohibit such information on important grounds of public interest).

1.5.3 Benefex shall inform the Customer, as soon as reasonably possible, if, in Benefex’s opinion, any of the Processing Instructions infringe any of the Data Protection Laws.

1.5.4 Benefex shall make available to the Customer all information necessary to demonstrate its compliance with the provisions of Article 28 GDPR.

Benefex personnel

1.6 Benefex shall ensure that all Benefex personnel processing Personal Data:

1.6.1 are subject to obligations of confidentiality which apply, generally or specifically, to the Personal Data; and

1.6.2 are reliable and have received appropriate training on compliance with the Data Protection Laws.

Technical and organisational measures

1.7 Benefex shall implement and maintain, at its cost and expense (taking into account those factors which it is entitled to take into account pursuant to the Data Protection Laws) appropriate technical and organisational measures in relation to the processing of Personal Data by Benefex:

1.7.1 so as to ensure a level of security in respect of the Personal Data processed by it is appropriate to the risks that are presented by the processing, in particular from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to Personal Data transmitted, stored or otherwise processed; and

1.7.2 insofar as is possible, to assist the Customer in the fulfilment of the Customer’s obligations to respond to Data Subject Requests relating to Personal Data.

Breach notification

In respect of any Personal Data Breach, Benefex shall:

notify the Customer of the Personal Data Breach without undue delay (and in any event within 48 hours after becoming aware of the Personal Data Breach); and

provide the Customer without undue delay (and in any event within 48 hours after becoming aware of the Personal Data Breach) with such details as the Customer reasonably requires regarding:

the nature of the Personal Data Breach, including the categories and approximate numbers of Data Subjects and Personal Data records concerned;

the likely consequences of the Personal Data Breach; and

any measures taken, or that Benefex recommends, to address the Personal Data Breach, including to mitigate its possible adverse effects,

provided that, (without prejudice to the above obligations) if Benefex cannot provide all these details within such timeframe, it shall (before the end of this timeframe) provide the Customer with reasons for the delay and when it expects to be able to provide the relevant details (which may be phased), and give the Customer regular updates on these matters

International Data Transfer

Benefex may only transfer any Personal Data to an organisation outside the European Union (EU) (an International Recipient) under the following conditions:

the Customer has consented to the transfer in writing (such consent not to be unreasonably withheld); or

the Personal Data is being processed in a territory which is subject to a then current finding by the European Commission under the Data Protection Laws that the territory provides adequate protection of the privacy rights of individuals; or

Benefex participates in a valid cross-border mechanism under the Data Protection Laws, and has entered into an agreement with each Data Processor which includes the European Commission’s Standard Contractual Clauses for the transfer of Personal Data from the EU to Data Processors established in third countries, as set out in the Annex to Commission Decision 2010/87/EU; or

Benefex has implemented appropriate safeguards in accordance with Article 46 GDPR.

Using other processors

Subject to clause 11, Benefex shall not engage another Data Processor for carrying out any processing activities in respect of the Personal Data without the Customer’s prior written consent.

The Customer consents to the appointment of:

the Sub Processors; and

Data Processors for the purposes set out in clause 20 of Appendix 1;

and any addition to or replacement of any of them and the processing of Personal Data by each of them in accordance with the Data Processing Instructions.

Where Benefex engages a Data Processor to carry out activities which involve the processing of Personal Data Benefex shall:

carry out appropriate due diligence of such Data Processor; and

engage such Data Processor on written terms which comply with the Data Protection Laws

Complaints

Each party shall promptly inform the other party if it receives a Complaint and provide the other party with full details of such Complaint.

Assistance with Customer’s Compliance with Data Subject Rights

Benefex shall:

record and then refer all Data Subject Requests it receives to the Customer, without undue delay;

subject to clause 7, provide such assistance, at the Customer’s cost, to the Customer as the Customer reasonably requests in relation to a Data Subject Request; and

not respond to any Data Subject Request without the Customer’s prior written approval.

Without prejudice to clause 5 Benefex shall, at the Customer’s cost, provide such assistance to the Customer as the Customer reasonably requests (taking into account the nature of processing and the information available to Benefex) in ensuring compliance with such obligations as apply to the Customer under Data Protection Laws, with respect to:

security of processing;

Data Protection Impact Assessments (as such term is defined in the Data Protection Laws);

prior consultation with a Supervisory Authority regarding high risk processing.

Deletion or return of Personal Data

After the end of the provision of the Services, Benefex shall without delay, securely delete all the Personal Data (except where the Customer, before the end of this Agreement, gives written notice to Benefex that it requires the return of the Personal Data, in which event Benefex shall securely return the Personal Data to the Customer) unless:

storage of any data is required by Data Protection Laws and, if so, Benefex shall inform the Customer of any such requirement); or

Benefex requires storage of any data for the establishment, exercise or defence of legal claims.

Records and Information

Benefex shall maintain complete, accurate and up to date written records of all categories of processing activities carried out on behalf of the Customer being:

the name and contact details of the Data Processor(s) and (subject to the Customer providing such information) of each Data Controller on behalf of which the Data Processor is acting, and of Benefex’s representative and data protection officer (if any);

the categories of processing carried out on behalf of each Data Controller;

where applicable, details of transfers of Personal Data to an International Recipient; and

where possible, a general description of the technical and organisational security measures referred to in clause 7.

Benefex shall make available to the Customer on request in a timely manner copies of the records under clause 17.

Audit

Subject to clause 16 of Appendix 1, Benefex shall allow for and contribute to audits, including inspections, conducted by the Customer or its Audit Agents, for the purpose of demonstrating compliance by Benefex with its obligations under Data Protection Laws and under this Appendix 3.

Customer responsibility

The Customer acknowledges that Benefex is reliant on the Customer for direction as to the extent to which Benefex is entitled to use and process the Personal Data. Consequently, Benefex will not be liable for any claim brought by a Data Subject arising from any action or omission by Benefex to the extent that such action or omission resulted from the Customer’s instructions or from the Customer’s failure to comply with Data Protection Laws or its obligations under this Agreement.

Without prejudice to clause 3 the Customer shall:

establish the legal basis under Data Protection Laws for the processing of the Personal Data by Benefex and any Third-Party Providers for the delivery of the Services (including, in the absence of any other legal basis, all necessary consents);

provide Benefex with details of such legal basis, if requested by Benefex.

If at any time Benefex or any Third Party Provider is unable to process any Personal Data because the Customer has failed or been unable to establish a legal basis for such processing or an Employee has exercised any of its rights under the Data Protection Laws to prevent such processing, Benefex shall not be in breach of any of its obligations under this Agreement to the extent that such breach arises from such failure or inability or prevention.

Where the Customer or any Employee uses or accesses the Services outside the EEA, it shall be the Customer’s responsibility to ensure that any use of or access to the Personal Data outside the EEA which results in a transfer of such Personal Data outside the EEA complies with the provisions of the Data Protection Laws and all laws in the relevant jurisdiction.

This Appendix 3 shall survive termination of the Agreement.

 

Data Processing Details

Subject matter of processing Personal Data is processed to enable Benefex to provide the Services to the Customer
Duration of processing Personal Data will be processed for the duration of this Agreement
Nature and purpose of processing Personal Data will be processed by Benefex for the purpose of the provision of the Services.
Types of personal data to be processed Data to be processed will include: Employee ID, Employee number, First Name, Last Name, Email address, Job title, Department. Data to be processed may include (at the option of the Customer): Business Unit, Date of Birth, Gender Country, start date of employment, leave date from employment, Manager’s employee ID. Data to be processed may include (at the option of the Employee): profile picture
Categories of data subjects Employees and former Employees

 

 

Sub-Processors

Third Party Provider Data Subject Categories of Data Processing Location
Google Cloud Employees Employee ID
First Name
Last Name
Email Address
Job Title
Department
Business Unit
Country
Date of Birth
Gender
Manager Employee ID
Host platform that Recognition runs on. EEA (Belgium)
Okta Employees Email Address
SSO identifier() if SSO used
Log-in & authentication of users. EEA
SendGrid Employees First Name
Last Name
Email Address
Distribute emails to employees. EEA & USA
Redis Aiven Employees First Name
Last Name
Email Address
Provides cache for feed of information in Recognition EEA
Mongo DB Atlas Employees Employee ID
First Name
Last Name
Email Address
Job Title
Department
Business Unit
Country
Date of Birth
Gender
Manager Employee ID
R & R Application Database (The application database resides within the same Google cloud infrastructure but is a separate entity, the application software is maintained and updated by MongoDB Atlas) EEA (Belgium)
Zendesk Employees First Name
Last Name
Email Address
Employee support ticket system EEA (Ireland)
Tillo Employees Email Address
First Name
Last Name
To contact employees as part of reward fulfilment after a purchase is made. EEA (Ireland)