Terms of Service
1. Intro
These Terms of Service set out the terms and conditions upon which Omnevue provides Omnevue Service via the Website.
2. Interpretation
“Account” means the Customer’s account accessible via the Website at https://client.omnevue.com/;
“Agreement” means the agreement between the Customer and Omnevue for the provision of the Omnevue Service comprising these Terms of Service and Omnevue Service Plan;
“Commencement Date” means the date on which the Customer completes the Sign Up Process and agrees to these Terms of Service;
“Confidential Information” means information which is identified as confidential or proprietary by either party or by the nature of which is clearly confidential or proprietary;
“Customer” means the person or organisation identified as the customer in the Sign Up Process;
“Customer Data” means any information, reports, statements or any other content or data uploaded by the Customer, or transferred, to the Omnevue Service from the Customer’s systems;
“Discount Code” means a code that can be used during the Sign Up Process to obtain a discount to the Service Fees when purchasing access to the Omnevue Service;
“Omnevue” means Omnevue (ESGgen Limited) a company incorporated in England and Wales with company number 13408145 and with its registered office at 7-9 The Avenue, Eastbourne, East Sussex BN21 3YA;
“Omnevue Service” means Omenvue’s Atmosphere, Atmosphere Pro, Assure, Analyse and / or Audit service (or any combination thereof) as identified in the Omnevue Service Plan and as described on the Website from time to time;
“Omnevue Service Plan” means the plan which identifies the Service Fees, Service Term and the Omnevue Service purchased by the Customer during the Sign Up Process or via the Account on renewing or upgrading access to the Omnevue Service;
“ESG Statements” has the meaning set out in clause 6.1;
“Malware” means anything or device (including any software, code, file or programme) which may: prevent, impair or otherwise adversely affect the operation of any computer software, hardware or network, any telecommunications service, equipment or network or any other service or device; prevent, impair or otherwise adversely affect access to or the operation of any programme or data, including the reliability of any programme or data (whether by rearranging, altering or erasing the programme or data in whole or part or otherwise); or adversely affect the user experience (including all viruses, worms, trojan horses, spyware, logic bombs and similar files, scripts, agents, things or devices);
“Prepayment Voucher” means a voucher that can be used by the Customer to purchase access to the Omnevue Service during the Sign Up Process;
“Sign Up Process” means the process by which the Customer signs up to use the Omnevue Service via the Website and, which amongst other things, identifies the Customer and the applicable Omnevue Service Plan;
“Service Fees” means the price payable by the Customer for the Omnevue Service as set out in the applicable Omnevue Service Plan;
“Service Term” means the time period the Customer is permitted to access the Omnevue Service as purchased and detailed in the Omnevue Service Plan;
“Terms of Service” means these terms and conditions of service;
“User” means any person authorised by the Customer’s ESG Service owner to access the Omnevue Service on behalf of the Customer; and
“Website” means https://www.omnevue.com/ or any other website notified to the Customer by Omnevue from time to time.
3. Omnevue Service
3.1. Omnevue shall provide the Omnevue Service in accordance with Omnevue Service Plan on and subject to the terms of this Agreement.
4. Duration
4.1 The Agreement shall start on the Commencement Date and shall continue for the Service Term unless terminated in accordance with clause 14. Following expiry of the Service Term, the Agreement will automatically terminate, and the Customer will no longer be able to access the Omnevue Service.
5. Access to the Omnevue Service
5.1 To access and use the Omnevue Service, the Customer must complete the Sign Up Process and create an Account.
5.2. Omnevue grants the Customer a limited, non-exclusive, non-transferable, personal and non-sub-licensable licence to permit Users to use the Omnevue Service as permitted by the functionality of such Omnevue Service.
5.3. The Customer acknowledges that any activities that occur under its Account including the activities of Users are the responsibility of the Customer.
5.4. Omnevue may disable any login, at any time and at Omnevue’s sole discretion, if the Customer’s Account has been, or may have been, compromised or misused.
5.5. The Customer shall ensure that only authorised Users access the Account and links to the Omnevue Service are not shared with any unauthorised person.
5.6. If the Customer has any concerns about the Account or thinks the Account may have been misused, please contact Omnevue at support@omnevue.com.
5.7. The Customer must take reasonable precautions to prevent any unauthorised access to, or use of, the Omnevue Service and, in the event of any such unauthorised access or use, promptly notify Omnevue.
5.8. The Customer recognises that Omnevue is always innovating and finding ways to improve the Omnevue Service with new features and services. Therefore, the Customer agrees that the Omnevue Service may change from time to time, and no warranty, representation or other commitment is given in relation to the continuity of any functionality of any of the Omnevue Service.
6. Customer's obligations
6.1. Omnevue may monitor the Customer’s use of the Omnevue Service to ensure quality, improve the Omnevue Service, and verify the Customer’s compliance with the Agreement.
6.2 The Customer:
6.2.1. acknowledges that the use of, and results (including the ESG Statements) obtained from the Omnevue Service including the accuracy and completeness are dependent on the accuracy, completeness and quality of the Customer Data uploaded or transferred to the Omnevue Service;
6.2.2.shall provide to Omnevue with access to all information necessary for Omnevue to provide the Omnevue Service or as otherwise reasonably requested by Omnevue;
6.2.3. must comply with all applicable laws and regulations with respect to its use of the Omnevue Service and its activities under the Agreement;
6.2.4. must use and ensure its Users use the Omnevue Service in accordance with the terms of the Agreement and shall be responsible for any actions and omissions in connection with the use of the Omnevue Service by any Users;
6.2.5. must obtain and shall maintain all necessary licences, consents, and permissions necessary for Omnevue to perform its obligations to the Customer under the terms of the Agreement;
6.2.6. is solely responsible for any integration and configuration of its network, applications and systems required to access and use the Omnevue Service;
6.2.7. is solely responsible for procuring and maintaining its network connections and telecommunications links from its systems in order to access and use the Omnevue Service;
6.2.8. must not modify another website so as to falsely imply that it is associated with the Omnevue Service, or Omnevue or its affiliates.
6.2.9. must not carry out any penetration testing or automated or manual vulnerability scans (or similar security testing) in relation to any of the Omnevue Service without first having obtained the prior written authorisation of Omnevue; and
6.2.10. must not use the Omnevue Service: (a) to access, store, distribute or transmit or prepare for distribution or transmission any Malware; (b) to access, store, distribute or transmit or prepare for distribution or transmission any material that is unlawful, harmful, threatening, defamatory, obscene, infringing, harassing or racially or ethnically offensive; (c) in a manner that is illegal or causes damage or injury to any person or property; (d) to infringe any copyright, database right or trademark of any person; (e) to transmit, send prepare for transmission or prepare for sending any unsolicited or unauthorised advertising or promotional material or any other form of similar solicitation (‘spam’); or (f) to interfere with or attempt to interfere with or compromise the Omnevue Service’ integrity or security.
6.3. The Customer agrees that failure to comply with this clause 5 constitutes a material breach of the Agreement, and may result in the immediate, temporary or permanent withdrawal of any rights to use the Omnevue Service as reasonably necessary to mitigate any damage or loss caused by the breach.
6.4. The Customer acknowledges that it is responsible for all Customer Data distributed or transmitted under its Account (including by its Users).
7. Audit acknowledgement
7.1. The Customer acknowledges that the Omnevue Service is provided in connection with Customer’s ESG statements for the relevant year and in the opinion the Customer the ESG statements produced by the Omnevue Service (“ESG Statements”) are presented fairly, in all material respects, and give true and fair view in accordance with International Standard on Assurance Engagements (ISAE) 3000 Revised.
7.2. The Customer acknowledges that to the best of its knowledge and belief:
7.2.1. ESG Statements conform to ISAE 3000; and
7.2.2. any significant assumptions used by the Customer in making accounting estimates contained in the Customer Data, including those measured at fair value, are reasonable;
7.3. The Customer has uploaded or transferred to the Omnevue Service all Customer Data required to prepare the ESG Statements including all known instances of non-compliance or suspected non-compliance with laws and regulations relevant to the preparation of the ESG Statements.
7.4. The Customer acknowledges that certain aspects relevant to the preparation of the ESG Statements may be excluded or not covered in the ESG Statements if the Customer has not provided the relevant Customer Data.
8. Important note on intellectual property rights
8.1. To the extent protectable, all intellectual property rights in, the Website and all content contained therein (including but not limited to the screen displays, the content, the text, graphics, functionality and look and feel of the website), and any other content or work products generated by Omnevue in the course of providing the Website, except for any Customer Data belongs to Omnevue or its licensors.
8.2. Omnevue’s name, the terms “Omnevue”, and all related names, logos, product and service names, designs and slogans are trademarks of Omnevue or its affiliates or licensors. All other trademarks, service marks, company names or logos are the property of their respective holders. Any use by the Customer of these marks, names and logos may constitute an infringement of the holders’ rights. Omnevue does not warrant that the Omnevue Service and/or the Website do not infringe any intellectual property rights of third parties.
8.3. Subject always to the Customer’s compliance with the Agreement, Omnevue hereby grants the Customer a limited, non-exclusive, non-transferable license to use and display the Omnevue’s name and logo (a) as part of its use of the ESG Statements in the course of carrying out its business and (b) in the Customer’s place of business and its website and marketing material to provide notice that Omnevue has provided or provides the Omnevue Service to the Customer.
9. Customer data
9.1. All intellectual property rights in Customer Data shall remain vested in the Customer or its licensors, as relevant and Omnevue will only use it to provide the Omnevue Service in accordance with clause 9.2.
9.2. The Customer grants Omnevue a licence to access, download and use the Customer Data for the purposes of providing the Omnevue Service to the Customer in accordance with the Agreement, producing anonymised or anonymised and aggregated statistical reports and research and for developing and improving the Omnevue Service. Otherwise, Omnevue claims no rights in the Customer Data.
9.3. The Customer shall maintain a backup of Customer Data and Omnevue shall not be responsible or liable for the deletion, correction, alteration, destruction, damage, loss, disclosure or failure to store any Customer Data.
10. Publicity
10.1. Omnevue may use the Customer’s name, logo and related trademarks in any of Omnevue’s publicity or marketing materials (whether in printed or electronic form) for the purpose of highlighting that the Customer uses the Omnevue Service and alongside any testimonials that the Customer has agreed to give.
10.2. The Customer may request Omnevue to stop using the Customer’s name, logo and related trademarks at any time by contacting Omnevue in writing at help@omnevue.com.
11. Data protection
11.1. If any of the Customer Data contains personal data, the parties will process such personal data in accordance with the Data Processing Schedule.
11.2. For the purposes of the Agreement, “personal data” and “process” shall have the meanings as set out in the Data Processing Schedule.
12. Confidential information
12.1. Each party may be given access to Confidential Information from the other party in order to perform its obligations under the Agreement. A party’s Confidential Information shall not be deemed to include information that:
12.1.1. is or becomes publicly known other than through any act or omission of the receiving party;
12.1.2. was in the other party’s lawful possession before the disclosure;
12.1.3. is lawfully disclosed to the receiving party by a third party without restriction on disclosure;
12.1.4 is independently developed by the receiving party, which independent development can be shown by written evidence; or
12.1.5. is required to be disclosed by law, by any court of competent jurisdiction or by any regulatory or administrative body.
12.2. Each party shall hold the other’s Confidential Information in confidence and, unless required by law, not make the other’s Confidential Information available for use for any purpose other than as needed to perform the terms of the Agreement.
12.3. Each party shall take all reasonable steps to ensure that the other’s Confidential Information to which it has access is not disclosed or distributed by it or its employees or agents in violation of the terms of the Agreement.
12.4. Each party shall take a back-up of its own Confidential Information and shall not be responsible to the other for any loss, destruction, alteration or disclosure of Confidential Information.
13. Price and payment
13.1. The Customer will pay the Service Fees less any valid Pre-payment Voucher or Discount Code on purchasing access to the Omnevue Service either via the Sign Up Process or via their Account if renewing or upgrading access to the Omnevue Service.
13.2. The Customer may use any valid Pre-payment Voucher or Discount Code during the Sign Up Process and the Service Fees will be reduced by an amount equal to the Service Voucher or Discount Code save that Omnevue may reject any Pre-payment Voucher or Discount Code if it is not valid or Omnevue is unable to verify that the Customer is authorised to use it in which case the Service Fees will be due in full.
13.3. Omnevue does not collect or store any of the Customer’s payment information. Payment of the Service Fees is managed by Omnevue’s third party payment provider partners and will be subject to their terms.
13.4. All amounts and fees stated or referred to in the Agreement are exclusive of value added tax (“VAT”) or any other applicable taxes, levies or duties imposed by taxing authorities (where applicable) unless otherwise expressly stated, which shall be paid at the same time as payment of the Fees.
14. Service levels and support
14.1. Omnevue will use commercially reasonable endeavours to provide the Omnevue Service and technical support in accordance with good industry practice and support will be provide remotely by email or web chat.
14.2. The Customer acknowledges that elements of the Omnevue Service are dependent on the Internet and access to various third party services.
14.3. The Customer agrees that Omnevue is not responsible for the non-availability or interruption to the Omnevue Service caused by any such non-availability of the Internet or any such third party services.
15. Suspension and termination
15.1. Omnevue may terminate the Agreement by notice with immediate effect, or such notice as Omnevue may elect to give, if the Customer:
15.1.1. is in breach of applicable law and/or the Agreement; or
15.1.2. infringes Omnevue’s intellectual property rights in the Omnevue Service.
15.2. Either party may terminate the Agreement at any time on written notice to the other if the other:
15.2.1. is in material or persistent breach of any of the terms of the Agreement and either that breach is incapable of remedy, or the other party fails to remedy that breach within 30 days after receiving written notice requiring it to remedy that breach; or
15.2.2. is unable to pay its debts (within the meaning of section 123 of the Insolvency Act 1986), or becomes insolvent, or is subject to an order or a resolution for its liquidation, administration, winding-up or dissolution (otherwise than for the purposes of a solvent amalgamation or reconstruction), or has an administrative or other receiver, manager, trustee, liquidator, administrator or similar officer appointed over all or any substantial part of its assets, or enters into or proposes any composition or arrangement with its creditors generally, or is subject to any analogous event or proceeding in any applicable jurisdiction.
15.3. On termination of the Agreement for any reason all licences granted under the Agreement shall immediately terminate and the Customer’s right to access and use the Omnevue Service will end.
15.4. Upon termination of the Agreement, the Customer may request that any Customer Data is deleted. If the Customer fails to make such a request, Customer Data will be subject to deletion in accordance with Omnevue’s data deletion protocols and Omnevue shall not be held responsible for the deletion of such Customer Data.
15.5. The accrued rights of the parties as at termination, or the continuation after termination of any provision expressly stated to survive or implicitly surviving termination shall not be affected or prejudiced.
16. Warranty
16.1. Omnevue warrants and undertakes that:
16.1.1. it has and will maintain all necessary licences, consents, and permissions necessary for the performance of its obligations under the Agreement; and
16.1.2. it will comply with all applicable laws and regulations with respect to its obligations under the Agreement.
16.2. Omnevue undertakes that the Omnevue Service will be performed with reasonable skill and care in accordance with good industry practice.
16.3. Save as set out in the Agreement, the Omnevue Service is provided on an “AS IS” and “AS AVAILABLE” basis and Omnevue gives no representations, warranties, conditions or other terms of any kind in respect of the Omnevue Service, whether express or implied, including, but not limited to, warranties of satisfactory quality, merchantability fitness for a particular purpose or non-infringement.
16.4. Except as expressly and specifically provided for in the Agreement:
16.4.1. the Customer assumes sole responsibility for any results obtained from the use of the Omnevue Service and for any decisions or actions taken arising from such use and it relies on the results obtained from the Omnevue Service at its own risk;
16.4.2. all representations, warranties, conditions and all other terms of any kind whatsoever implied by statute or common law are, to the fullest extent permitted by law, excluded from the Agreement; and
16.4.3. Omnevue will not be responsible for any interruptions, delays, failures or non-availability affecting the Omnevue Service or the performance of the Omnevue Service which are caused by third party services or errors or bugs in software, hardware or the internet on which Omnevue relies to provide the Omnevue Service and the Customer acknowledges that Omnevue does not control such third party services and that such errors and bugs are inherent in the use of such software, hardware and the Internet.
17. Omnevue's liability
17.1. Subject to clause 17.2, Omnevue will not be liable for losses that result from Omnevue’s failure to comply with the Agreement, in tort (including negligence) or otherwise for the following categories of loss or damage: loss of income or revenue; loss of business; loss of profits; loss of anticipated savings; loss of data; waste of management or office time; or any indirect, consequential or special damages, costs or expenses.
17.2. Nothing in the Agreement excludes or limits Omnevue’s liability for death or personal injury caused by Omnevue’s negligence or for fraud or fraudulent misrepresentation.
17.3. Omnevue’s total liability in contract, tort (including negligence or breach of statutory duty), misrepresentation, restitution or otherwise arising in connection with the performance or contemplated performance of the Agreement shall in all circumstances be limited to the Service Fees paid by the Customer in the 12 months prior to the event giving rise to the claim.
18. Written communications
18.1. Applicable laws may require that some of the information or communications Omnevue sends to the Customer should be in writing. When using the Omnevue Service, the Customer accepts that communication with Omnevue will be mainly electronic.
18.2. Omnevue will contact the Customer by e-mail or provide the Customer with information by posting notices on the Omnevue Service.
18.3. For contractual purposes, the Customer agrees to this electronic means of communication and the Customer acknowledges that all contracts, notices, information and other communications that Omnevue provides to the Customer electronically comply with any legal requirement that such communications be in writing.
19. Notices
19.1. All notices given by the Customer to Omnevue must be given to info@omnevue.com. Omnevue may give notice to the Customer by posting on the Omnevue Service, at the email or postal address the Customer provides to Omnevue, or in any other way Omnevue deems appropriate.
19.2. Notice will be deemed received and properly served immediately when posted on the Omnevue Service or 24 hours after an e-mail is sent or 3 days after the date of posting of any letter. In proving the service of any notice, it will be sufficient to prove, in the case of a letter, that such letter was properly addressed, stamped and placed in the post and, in the case of an e-mail that such e-mail was sent to the specified e-mail address of the addressee.
20. Transfer of rights and obligations
The Customer may not transfer, assign, charge or otherwise deal in the Agreement, or any of the Customer’s rights or obligations arising under the Agreement, without Omnevue’s prior written consent.
21. Events outside Omnevue's control
No party shall be liable to the other for any delay or non-performance of its obligations under the Agreement arising from any cause beyond its control including, without limitation, any of the following: telecommunications failure, pandemic, internet failure, act of God, governmental act, war, fire, flood, explosion or civil commotion. For the avoidance of doubt, nothing in this clause 20 shall excuse the Customer from any payment obligations under the Agreement.
22. Waiver
No forbearance or delay by either party in enforcing its rights shall prejudice or restrict the rights of that party, and no waiver of any such rights or of any breach of any contractual terms shall be deemed to be a waiver of any other right or of any later breach.
23. Severability
If any provision of the Agreement is judged to be illegal or unenforceable, the continuation in full force and effect of the remainder of the provisions shall not be prejudiced.
24. Variation
No variation of this agreement shall be effective unless it is in writing and signed by the parties (or their authorised representatives).
25. Entire agreement
The Agreement constitutes the entire agreement between the parties relating to the provision of the Omnevue Service and supersedes and extinguishes all previous agreements, promises, assurances, warranties, representations and understandings between them, whether written or oral, relating to its subject matter.
26. Third party rights
A person who is not party to the Agreement shall not have any rights under or in connection with them under the Contracts (Rights of Third Parties) Act 1999.
27. Law and jurisdiction
The Agreement shall be governed by and construed in accordance with English law and each party hereby submits to the exclusive jurisdiction of the English courts.
Schedule - Data Processing
1. Introduction
1.1. This Schedule forms part of the Terms of Service between Omnevue and the Customer for the provision of the Omnevue Service and sets out the terms upon which Omnevue will process personal data on the Customer’s behalf when providing the Omnevue Service and acting as a data processor.
2. Definitions
2.1. In this Schedule, save where the context requires otherwise, the following words and expressions have the following meaning:
“Business Day” means a day other than a Saturday, Sunday or bank or public holiday in England;
“Data Subject Request” means a request made by a data subject to exercise any rights of data subjects under Data Protection Laws relating to the Personal Data;
“Data Protection Laws” means any applicable law relating to the protection of personal data and privacy in force from time to time, including (i) the General Data Protection Regulation ((EU) 2016/679) (“GDPR”); (ii) the Data Protection Act 2018; (iii) the retained EU law version of GDPR (as defined under the section 3(10) (as supplemented by section 205(4)) of the Data Protection Act 2018) (“UK GDPR”) and (iii) the Privacy and Electronic Communications Directive 2002/58/EC (as updated by Directive 2009/136/EC) and the Privacy and Electronic Communications Regulations 2003 (SI 2003/2426) as amended; in each case together with all laws implementing, replacing or supplementing the same and any other applicable data protection or privacy laws;
“Personal Data” means the personal data described in Annex 1 (Data Processing Information) and any other personal data processed by Omnevue on behalf of the Customer pursuant to or in connection with the Agreement;
“Personal Data Breach” means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, Personal Data transmitted, stored or otherwise processed by the Processor or any Sub-processor;
“Sub-processor” means any data processor (including any affiliate of Omnevue) appointed by Omnevue to process Personal Data on behalf of the Customer; and
“Supervisory Authority” means any regulatory authority responsible for the enforcement of Data Protection Laws.
2.2. Terms such as “controller”, “data protection impact assessment”, “data subject”, “process/processing” and “processor” shall have the same meaning ascribed to them in Data Protection Laws.
2.3. Any other terms which appear as defined in this Schedule shall have the meaning given to them in the Terms of Service.
3. Processing of the personal data
3.1. Each party acknowledges and agrees that for the purposes of the Agreement and Data Protection Laws, the Customer shall be the controller and Omnevue the processor in respect of the Personal Data.
3.2. Each party confirms that in the performance of the Agreement it will comply with Data Protection Laws.
3.3. Omnevue shall only process the types of Personal Data relating to the categories of data subjects for the specific purposes in each case as set out in Annex 1 (Data Processing Information) to this Schedule and shall not process the Personal Data other than in accordance with the Customer’s documented instructions (whether in the Agreement or otherwise) unless processing is required by applicable law to which Omnevue is subject, in which case Omnevue shall, to the extent permitted by such law, inform the Customer of that legal requirement before processing that Personal Data.
3.4. Omnevue shall inform the Customer if, in its opinion, an instruction it receives from the Customer pursuant to the Agreement infringes the GDPR.
4. Customer warranty
4.1 The Customer warrants that it has all necessary rights to provide the Personal Data to Omnevue for the processing to be performed in relation to the Omnevue Service.
5. Supplier personnel
5.1. Omnevue shall treat all Personal Data as confidential and shall use reasonable efforts to inform all its relevant employees, contractors and/or any Sub-processors engaged in processing the Personal Data of the confidential nature of such Personal Data.
5.2. Omnevue shall take reasonable steps to ensure the reliability of any employee, contractor and/or any Sub-processor who may have access to the Personal Data, ensuring in each case that access is limited to those persons or parties who need to access the relevant Personal Data, as necessary for the purposes set out in paragraph 3.3 in the context of that person’s or party’s duties to Omnevue.
5.3. Omnevue shall ensure that all such persons or parties involved in the processing of Personal Data are subject to confidentiality undertakings or are under an appropriate statutory obligation of confidentiality.
6. Security
6.1. Omnevue shall implement appropriate technical and organisational measures to ensure a level of security of the Personal Data appropriate to the risks that are presented by the processing, in particular from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to Personal Data transmitted, stored or otherwise processed, and shall take all measures required pursuant to Article 32 GDPR.
7. Subprocessing
7.1. The Customer hereby grants its general authorisation to the appointment of Sub-processors by Omnevue under the Agreement.
7.2. If Omnevue seeks to replace any existing Sub-processor and/or appoint any new Sub-processor, Omnevue will provide the Customer with 30 days’ prior notice of the proposed change in Sub-processor(s) and the Customer shall have the right to object to such change within 14 days after its receipt of such notice.
7.3. The Customer’s sole remedy if it does not agree to the replacement or appointment of a Sub-processor shall be to terminate the Agreement.
7.4. With respect to each Sub-processor, Omnevue shall:
7.4.1. enter into a written contract with the Sub-processor which shall contain terms materially the same as those set out in this Schedule;
7.4.2. remain liable to the Customer for any failure by the Sub-processor to fulfil its obligations in relation to the processing of any Personal Data.
8. Data subject rights
8.1. Omnevue shall without undue delay notify the Customer if it receives a request from any governmental or regulatory body or law enforcement agency related to disclosure of the Personal Data unless prohibited by law or a legally binding order of such body or agency.
8.2. Omnevue shall, without undue delay, refer all Data Subject Requests it receives to the Customer.
8.3. In the event that the Customer cannot fulfil any Data Subject Request itself, Omnevue shall co-operate as reasonably requested by the Customer to enable the Customer to comply with any such request including:
8.3.1. the provision of all information reasonably requested by Customer within any reasonable timescale specified by Customer in each case, including full details and copies of the complaint, communication or request and any Personal Data it holds in relation to a data subject;
8.3.2. implementing any additional technical and organisational measures as may be reasonably required by Customer to allow Customer to respond effectively to relevant complaints, communications or requests.
9. Incident management
9.1. In the case of a Personal Data Breach, Omnevue shall not later than 48 hours after having become aware of it notify the Personal Data Breach to the Customer providing the Customer with reasonable information which allows the Customer to meet any obligations to report a Personal Data Breach under Data Protection Laws.
9.2. Omnevue shall co-operate with Customer and take such reasonable steps requested by Customer to assist in the investigation, mitigation and remediation of each Personal Data Breach.
9.3. In the event that the Personal Data Breach is caused by the Customer’s acts or omissions, Customer shall reimburse Omnevue’s reasonable costs and expenses incurred in complying with this paragraph 9.
10. Data protection, impact assessment and prior consultation
10.1. Omnevue shall, at the Customer’s request, provide reasonable assistance to the Customer with any data protection impact assessments which are required under applicable Data Protection Laws and with any prior consultations to any Supervisory Authority of the Customer or any of its affiliates which are required under Data Protection Laws, in each case in relation to processing of Personal Data by Omnevue on behalf of the Customer and taking into account the nature of the processing and information available to Omnevue.
11. Deletion or return of customer personal data
11.1. On cessation of processing of Personal Data by Omnevue, or termination of the Agreement, Omnevue shall permit Customer (at its option) to:
11.1.1. extract a complete copy of all Personal Data by secure file transfer and securely wipe all other copies of the Personal Data processed by Omnevue or any Sub-processor unless required to retain such data in order to comply with applicable laws; or
11.1.2request Omnevue to delete the Personal Data (and procure that any Sub-processor does the same) unless required to retain such data in order to comply with applicable laws.
11.2. If the Customer fails to exercise its rights under paragraphs 11.1.1 and 11.1.2 above, Omnevue shall delete the Personal Data (and procure that any Sub-processor does the same) within a reasonable period following the termination of the Agreement, unless required to retain such data in order to comply with applicable laws.
12. Audit rights
12.1. Omnevue shall make available to the Customer on request all information reasonably necessary to demonstrate compliance with this Schedule and Data Protection Laws and allow for and contribute to audits in accordance with Omnevue’s or its Sub-processors polices in place from time to time.
12.2. Prior to conducting any audit pursuant to paragraph 12.1, the Customer must submit an audit request to Omnevue and the Customer and Omnevue must agree the start date, scope and duration of and security and confidentiality controls applicable to any such audit.
12.3. Omnevue may (acting reasonably) object to the appointment by the Customer of an independent auditor to carry out an audit pursuant to paragraph 12.1 and, where this is the case, the Customer shall be required to appoint another auditor or conduct the audit itself.
12.4. In the event that the Customer requires more than one (1) audit in any twelve (12) month period, Customer shall reimburse Omnevue’s reasonable costs and expenses incurred in complying with any audits over and above such one (1) audit in any twelve (12) month period.
13. Schedule Annex - Data Processing Information
Subject matter and purposes of the processing of Personal Data | Processing for the purposes of:
|
Nature of processing | Use and hosting to provide the Omnevue Service |
Duration of the processing | 7 years for auditing and compliance |
Type of personal data | Personal data including:
|
Categories of data subjects | Employees or contractors of the Customer and its business partners |