2.1 Provision of Services

With effect from the Commencement Date, the Provider shall provide the Services to the Client in accordance with the terms of this Agreement. The Services include access to the Provider's online platform, enabling the Client to:

(a) request pre-employment screening checks for prospective employees, contractors, and candidates; (b) conduct ongoing compliance verification for existing personnel; and (c) manage and monitor the status and results of all screening activities.

2.2 Types of Checks

The Services include, but are not limited to, the following types of screening checks: identity verification, right to work confirmation, address history checks, criminal records searches (UK and international), financial litigation and court judgment searches, education and qualification checks, employment history confirmation, global sanctions screening, adverse press searches, and onboarding forms management.

The availability of specific checks may vary and is subject to change. Current checks and fees are set out in Schedule 1, which may be updated from time to time.

2.3 Standard of Service

The Provider will perform the Services with reasonable skill and care and in accordance with industry standards. The Provider will endeavor to validate information across multiple sources but cannot guarantee the accuracy or completeness of information obtained from third-party sources. The Provider remains responsible for the selection and management of any authorized third-party providers engaged to perform checks.

2.4 Service Levels

The Provider shall use reasonable endeavours to achieve the following service levels: (a) Platform availability of 99.5% during business hours (09:00 to 17:00 UK time, Monday to Friday, excluding public holidays); (b) completion of standard screening checks within 14 Business Days (subject to third-party processing times); and (c) response to critical system issues within 4 hours during business hours. These service levels are targets and not guarantees.

3.1 Legal Authority

The Client warrants that it has the legal authority to request the screening checks contemplated by this Agreement and shall ensure that all such requests comply with Applicable Laws in the Client's jurisdiction.

3.2 Compliance with Law

The Client shall ensure that its use of the Services complies with all Applicable Laws in its jurisdiction. This includes, but is not limited to, data protection and privacy legislation, employment and equality legislation, criminal records disclosure requirements, right to work verification requirements, anti-money laundering regulations, and any sector-specific regulations applicable to the Client's industry. The Client is responsible for having proper legal grounds for the checks it requests, treating all candidates fairly and lawfully, and ensuring compliance with all regulatory requirements applicable in its jurisdiction.

3.3 Co-operation

The Client shall: (a) co-operate with the Provider in all matters relating to the Services; (b) provide complete and accurate information about persons to be screened in a timely manner; (c) notify the Provider immediately of any material changes during the screening process; and (d) provide such access to premises, systems, and personnel as may reasonably be required.

3.4 Client Delays

To the extent that the Provider's performance is prevented or delayed by any act or omission of the Client or its agents, consultants, or other suppliers ("Client Cause"), the Provider shall not be in breach of this Agreement nor liable for any losses incurred as a result. The Provider shall be entitled to: (a) an extension of time equal to the delay caused by the Client Cause; (b) payment of its Fees notwithstanding such delay; and (c) recovery of any additional costs incurred.

3.5 Acceptable Use

The Client shall not, and shall ensure that its personnel do not:
(a) use the Services for any purpose other than lawful employment screening and compliance verification; (b) submit false, misleading, or fraudulent information through the Platform; (c) attempt to access, interfere with, or disrupt the Platform or its underlying systems, or circumvent any security measures; (d) resell, sublicense, or otherwise make the Services available to any third party without the Provider's prior written consent; or (e) use the Services in breach of any Applicable Laws.

Any breach of this Clause 3.5 shall be deemed a material breach of this Agreement.

4.1 Roles

For the purposes of data protection legislation, the Client acts as the Data Controller and the Provider acts as the Data Processor. Detailed terms for the processing of Personal Data are set out in the Data Processing Addendum.

4.2 Consent Process

The Provider will contact applicants directly via the Platform to obtain consent for screening checks. The Provider will provide appropriate privacy notices and offer applicants the opportunity to provide relevant information.

4.3 Provider Obligations

The Provider shall: (a) process Personal Data only on the Client's documented instructions and in accordance with applicable data protection requirements; (b) implement appropriate technical and organisational security measures; (c) maintain records of processing activities; (d) assist the Client in responding to data subject requests; and (e) notify the Client without undue delay upon becoming aware of any Personal Data breach; and (f) maintain an up-to-date list of sub-processors at https://security.hirepass.com (the "Trust Center”) and announce any additions or removals via the Trust Center. The Provider shall provide the Client with not less than fourteen (14) days’ prior written notice of any new sub-processor, unless a shorter notice period is required by law or is necessary to address an emergency or security issue affecting the Services.

4.4 Client Obligations

The Client shall: (a) ensure it has appropriate lawful basis for the screening activities requested; (b) respond to data subject requests within applicable statutory timeframes; and (c) report Personal Data breaches to the relevant supervisory authority where required by law.

4.5 International Transfers

The Provider shall not transfer Personal Data outside the United Kingdom without appropriate safeguards in place in accordance with Chapter V of the UK GDPR. The Client acknowledges and agrees that international transfers may be necessary where: (a) an Applicant has resided in a country outside the United Kingdom and screening checks are required in that jurisdiction; or (b) the use of a specialist international vendor is reasonably determined by the Provider to be the most appropriate means of completing a particular check. In such circumstances, the Provider shall ensure that any transfer is conducted using approved transfer mechanisms under applicable data protection legislation.

4.6 Retention

The Provider shall retain screening data for two years after the completion of checks, unless the Client instructs otherwise in writing, in accordance with the Client's own retention policy. After the retention period expires, the Provider shall securely delete all Personal Data in accordance with Article 17 of the UK GDPR, unless retention is required by law or is necessary for the establishment, exercise, or defense of legal claims.

5.1 Provider's Rights

The Provider owns all Intellectual Property Rights in the Platform, including the software, algorithms, and system outputs. Nothing in this Agreement transfers any Intellectual Property Rights from the Provider to the Client.

5.2 Service Outputs

The Provider owns all Intellectual Property Rights in reports and insights generated by the Services. The Client is granted a non-exclusive, non-transferable licence to use such outputs for its internal business purposes during the Term.

5.3 Platform Licence

The Provider grants the Client a non-exclusive, non-transferable licence to use the Platform during the Term solely for the purposes contemplated by this Agreement.

5.4 Client Data

The Client retains ownership of all data it provides to the Provider. The Provider shall use such data solely to deliver the Services.

5.5 Marketing

The Client grants the Provider a non-exclusive, royalty-free licence to use the Client's name, logo, and trademarks on the Provider's website and in the Provider's marketing materials for the purpose of marketing and publicising the Provider's services during the Term and for a reasonable period thereafter, such period not to exceed twelve (12) months following termination or expiry of this Agreement. The Provider shall use the Client's brand assets in accordance with any brand guidelines provided by the Client and shall cease such use within thirty (30) days of receiving the Client's written request to do so.

5.6 Client References

The Client agrees to provide the Provider with up to four (4) client references per calendar year upon the Provider's reasonable request. Such references may include, but are not limited to: (a) participating in case studies; (b) providing written or recorded testimonials; or (c) speaking with prospective clients of the Provider regarding the Client's experience with the Services.

Any such reference shall be subject to the Client's reasonable availability and prior agreement on each occasion, such agreement not to be unreasonably withheld or delayed.

6.1 Fees

The Client shall pay the Fees set out in Schedule 1 (Pricing Schedule) for the Services. All Fees are exclusive of VAT and other applicable taxes, which shall be added where applicable.

6.2 Payment Terms

Unless otherwise agreed in writing, the Provider shall invoice the Client monthly in arrears for all checks completed during the preceding month. Payment shall be made by bank transfer within 14 days of the invoice date.

6.3 Late Payment

If any amount remains unpaid for more than 30 days after the due date, the Provider may: (a) suspend the Services until payment is made in full; and (b) charge interest on overdue amounts at 4% per annum above the Bank of England base rate.

6.4 Price Changes

The Provider may vary the Fees upon thirty (30) days' written notice to the Client. The Provider shall update the pricing list displayed on the Platform to reflect any such changes. Updated Fees shall apply to all screening requests submitted through the Platform after the effective date of the change. The Client's continued use of the Platform following the effective date shall constitute acceptance of the revised Fees.

6.5 Cancellation

If the Client cancels a screening request before the relevant check has been initiated, no Fee shall be payable in respect of that check. If the Client cancels a screening request after the relevant check has been initiated (meaning the applicant's information has been submitted for processing), the full Fee for that check shall remain payable.

7.1 Provider Warranties

The Provider warrants that: (a) the Services will be performed with reasonable skill and care; (b) the Services will materially comply with this Agreement; (c) the Provider has all necessary authorisations to provide the Services; and (d) the Services will not infringe any third-party Intellectual Property Rights.

7.2 Client Warranties

The Client warrants that: (a) it has full power and authority to enter into this Agreement; (b) it has obtained all necessary consents and authorisations; (c) it will comply with all Applicable Laws; (d) all information provided to the Provider is accurate and complete; and (e) it has appropriate lawful basis for data processing.

7.3 Limitations

Subject to Clause 8.3, and to the fullest extent permitted by law, the Provider makes no warranty regarding: (a) the accuracy, completeness, or timeliness of information obtained from third-party data sources; or (b) the uninterrupted or error-free operation of third-party systems or databases beyond the Provider's reasonable control. Any service level targets set out in this Agreement or otherwise communicated to the Client are objectives rather than guaranteed performance standards. Subject to the provisions set out in this Agreement, all conditions, warranties, representations, or other terms that might otherwise be implied into this Agreement by statute, common law, or otherwise are excluded to the fullest extent permitted by law.

8.1 Excluded Losses

Neither Party shall be liable to the other for any: (a) loss of profits, revenue, business, contracts, anticipated savings, or opportunities; (b) loss or corruption of data; (c) indirect, special, or consequential loss; or (d) loss of goodwill.

8.2 Liability Cap

Subject to Clause 8.3, each Party's total aggregate liability under this Agreement shall not exceed the greater of: (a) £100,000; or (b) the total Fees paid by the Client in the 12 months preceding the event giving rise to liability.

8.3 Unlimited Liability

Nothing in this Agreement excludes or limits liability for: (a) death or personal injury caused by negligence; (b) fraud or fraudulent misrepresentation; (c) wilful misconduct; or (d) any liability that cannot be excluded by law.

8.4 Time Limit

No claim may be brought more than one year after the cause of action arose, except that claims for breach of confidentiality or infringement of Intellectual Property Rights may be brought within two years.

9.1 Client Indemnity

The Client shall indemnify and hold harmless the Provider against all claims, losses, damages, liabilities, costs, and expenses arising from: (a) the Client's breach of this Agreement; (b) unauthorised use of the Services; (c) provision of false or inaccurate information; or (d) the Client's failure to comply with Applicable Laws.

9.2 Provider Indemnity

The Provider shall indemnify and hold harmless the Client against all sums awarded by a court arising from any claim that the Services infringe any UK patent, copyright, or trade mark, except to the extent such infringement arises from: (a) materials provided by the Client; or (b) use of the Services in a manner not authorised by this Agreement.

9.3 Procedure

The indemnified Party shall: (a) promptly notify the indemnifying Party of any claim; (b) allow the indemnifying Party to control the defence; and (c) provide reasonable co-operation.

10.1 Term

This Agreement shall commence on the Commencement Date and continue until terminated in accordance with this Clause 10.

10.2 Termination for Convenience

Either Party may terminate this Agreement for convenience by giving not less than 30 days' written notice to the other Party.

10.3 Termination for Cause

The Provider may terminate this Agreement immediately upon written notice if the Client: (a) fails to pay any amount due within 30 days of the due date; (b) commits a material breach and fails to remedy it within 14 days of notice; (c) becomes insolvent, enters administration, or has a receiver appointed; or (d) is subject to any analogous event in any jurisdiction.

10.4 Consequences of Termination

Upon termination: (a) the Client's right to use the Services shall cease immediately; (b) all outstanding Fees shall become immediately due; (c) each Party shall return or destroy the other's Confidential Information; and (d) Clauses 4, 5, 6, 7, 8, 9, 11 and 13 shall survive termination.

11.1 Obligations

Each Party shall: (a) keep confidential all Confidential Information of the other Party; (b) use Confidential Information only for the purposes of this Agreement; and (c) not disclose Confidential Information to any third party without prior written consent.

11.2 Exceptions

The obligations in Clause 11.1 shall not apply to information that: (a) is or becomes publicly available other than through breach of this Agreement; (b) was lawfully in the receiving Party's possession before disclosure; (c) is received from a third party who is not bound by confidentiality obligations; or (d) is required to be disclosed by law or court order.

12.1 Force Majeure

Neither Party shall be liable for any delay or failure to perform its obligations under this Agreement to the extent that such delay or failure is caused by circumstances beyond its reasonable control, including but not limited to: natural disasters, acts of God, war, terrorism, acts of government, cyber attacks, pandemics, strikes, lockouts, or failures of third-party service providers. The affected Party shall notify the other Party as soon as reasonably practicable and use reasonable efforts to mitigate the effects of such circumstances.

12.2 Assignment

The Client may not assign or transfer any of its rights or obligations under this Agreement without the Provider's prior written consent. The Provider may assign this Agreement to any affiliate or in connection with a sale of all or substantially all of its business or assets.

12.3 Variation

No variation of this Agreement shall be effective unless it is in writing and signed by both Parties.

12.4 Severability

If any provision of this Agreement is found to be invalid, illegal, or unenforceable, it shall be deemed deleted, and the remaining provisions shall continue in full force and effect.

12.5 Entire Agreement

This Agreement, including its Schedules and the Data Processing Addendum, constitutes the entire agreement between the Parties and supersedes all prior agreements, understandings, and representations relating to its subject matter.

12.6 Third Party Rights

A person who is not a Party to this Agreement shall not have any rights under the Contracts (Rights of Third Parties) Act 1999 to enforce any term of this Agreement.

12.7 Notices

All notices under this Agreement shall be in writing and delivered by email to the addresses specified in this Agreement or to such other address as a Party may notify in writing from time to time.

12.8 Insurance

The Provider shall maintain professional indemnity insurance during the Term with coverage appropriate to the nature and scale of the Services. The Provider shall provide evidence of such insurance upon the Client's reasonable written request.

13.1 Governing Law

This Agreement shall be governed by and construed in accordance with the laws of England and Wales.

13.2 Escalation

In the event of any dispute arising out of or in connection with this Agreement, the Parties shall first attempt to resolve the matter through good faith negotiations between appropriate representatives of each Party. If the dispute remains unresolved within fourteen (14) days of written notification, either Party may escalate the matter in accordance with Clause 13.3.

13.3 Jurisdiction

Subject to Clause 13.2, the Parties irrevocably submit to the exclusive jurisdiction of the courts of England and Wales.