Terms & Conditions
Terms and conditions for Use of Website
Whitgift Security hereby makes it known that the following terms and conditions apply to all visitors/users (hereafter ‘users’) who access this website. By accessing this website, or by downloading any of the information contained herein, you acknowledge acceptance of these terms and conditions.
Intellectual Property and Copyright The copyright and all other intellectual property in the material contained in the Whitgift Security web site vests in Whitgift Security. Reproduction of part or all of the contents of the Whitgift Security web site is prohibited save that you may print or download to a hard disk extracts from the Whitgift Security web site for your personal and non-commercial use only. This licence to re-copy does not permit incorporation of the material or any part of it in any other work, publication or web site whether in hard copy, electronic or other format and none of the information contained in the Whitgift Security web site may be copied or distributed for commercial purposes without the prior written consent of Whitgift Security.
Trademarks Any marks not relating to Whitgift Security used on this website are the marks of their respective owners and all rights are acknowledged. The use of such names and logos on the Whitgift Security web site shall not be construed as an endorsement by Whitgift Security.
Disclaimer: Accuracy of information Whitgift Security has made every effort to ensure that the information contained within this website is correct. However, Whitgift Security assumes no responsibility for the accuracy of the information herein. Information may be incomplete or out of date. Whitgift Security may change any of the information on this website, without notice.
Disclaimer: liability and damages Except to the extent required by law, Whitgift Security shall not be liable for any claims, damages, losses or expenses of any nature, arising directly or indirectly from the use of either this website or of the data or material contained herein. Such claims, losses or expenses shall include but not be limited to consequential loss, loss of profit or revenue, damage to data or goods.
Disclaimer: Third party links This website may contain links to third party sites. Such links do not constitute endorsement of the parties so linked, the content of their websites or their products and/or services. You access at your own risk any other website linked via this website.
Unenforceable terms or conditions In the event any that any of these terms and conditions are held to be invalid or unenforceable, the remaining terms and conditions will remain in full force.
Applicable law Your use of this website is governed exclusively by the law of the United Kingdom and the jurisdiction of the courts of the United Kingdom.
Terms and conditions for Certifications
Introduction: These terms are applicable for certifications through either the Cyber Essentials or IASME schemes. Certification. Where certification is purchased as a bundle with consultancy these terms apply for the certification elements of the activity.
The Cyber Essentials Scheme is owned by HM Government (the Authority) and IASME Consortium Limited is the Accreditation Body (AB), Whitgift Security is a Certification body(CB) appointed by IASME.
HMG and IASME own respectively all the intellectual property rights in the Cyber Essentials mark (as appears on the website) and the IASME Governance Standard mark (as appears on the website).
This agreement is intended to govern the relationship between Whitgift Security and you under which you wish to apply for certification under the scheme. The assessment for certification will be carried out only on the basis that you have paid the fees and that you accept the terms and conditions of this agreement in full.
By placing an order for a certificate, or for certification services you are deemed to be accepting these conditions. You need to signify acceptance by selecting the ‘I accept’ option in the question “Do you agree to these terms?” within the online assessment.
If you are accepting on behalf of a corporate body, you represent to us that you are doing so as an authorised representative of that corporate body. If you are not so authorised nor deemed by law to have such authority then you assume sole personal liability for the obligations set out in this agreement.
If you do not accept all of the terms of this agreement you must select the ‘I do not accept’ option and not download, copy or use the marks or claim to be certified under the scheme. You should also destroy any unlicensed copies of the marks or other materials under the scheme which might be in your possession.
A “pass” under the GDPR assessment does not mean that you are assessed as being legally compliant. It indicates only that your organisation is starting on the pathway to compliance and is committed to ensuring ‘privacy by design’.
You should ensure that your organisation obtains specialist legal advice on the GDPR as on any other data protection issue. This GDPR assessment is not legal advice and must not be relied upon as such and neither The IASME Consortium Ltd nor Whitgift Security Ltd accepts any liability for loss or damage suffered as a result of reliance on views expressed here.
The full extent of the GDPR regime and its application post Brexit (for example) is not yet fully known but the assessment addresses what we consider to be key elements and to help organisations demonstrate progress towards meeting the policy objectives that underpins the GDPR.
1. OUR OBLIGATIONS
1.1 We will, upon receipt of the Fees, allow you to complete a Scheme Self-Assessment Questionnaire and will, subject to you meeting your obligations under this Agreement, assess your completed Questionnaire against the Scheme’s criteria.
1.2 We will perform the assessment using reasonable skill and care.
1.3 In the event that your Questionnaire meets the Scheme criteria (which we shall assess at our sole and absolute discretion) we will notify you in writing and, subject to you meeting your obligations under clause 2, will arrange for the issue of a Scheme Certificate to you.
1.4 If you are unsuccessful in your first assessment attempt, we will consider and re- assess against the Scheme profile any changes to your profile that you notify to us or which otherwise come to our attention over the following 2 working days. We will not conduct this reassessment more than one time within the price quoted.
1.5 Prior to issuing a Scheme Certificate IASME will send you an agreement for you to sign, setting out the conditions of use and constraints on your use of the Marks. On receipt of the signed agreement from you (unamended) we will then issue the certificate.
2. YOUR OBLIGATIONS
2.1 You will complete the Self-Assessment Questionnaire accurately, fully and honestly within 6 months of application. After these 6 months your account may be closed and no refund will be due.
2.2 You will not use the Marks or claim to be certified unless you are in receipt of a current, valid Scheme Certificate duly issued by the AB or a CB (Whitgift Security Ltd).
2.3 You acknowledge that any Scheme Certificate will be issued to you only upon acceptance of a signed agreement governing the terms and conditions of use including constraints on the use of the Marks. (The form of that agreement is available on the website).
2.4 You will not make any derogatory statements about the Scheme or behave in any manner that would damage the reputation of the Scheme.
2.5 You acknowledge that the Scheme is intended to reflect that certificated
2.6 organisations have themselves established the cyber security profile set out in the Scheme documents only and that receipt of a Scheme Certificate does not indicate or certify that the certificate holder is free from cyber security vulnerabilities. You acknowledge that we have not warranted or represented the Scheme or certification under the Scheme as conferring any additional benefit to you.
2.7 You will comply with the Scheme documentation and all reasonable directions made to you by the Authority, the AB or CB.
3. THE FEES
You must pay the Fees before the certification process can begin. The Fees are non- returnable.
The Scheme Profile details and methodology are confidential and you agree to keep them confidential, save where disclosure is required by an order of the courts or tribunal or as required by HMRC and only in accordance with the terms of that order or requirement.
5.1 You warrant that the Scheme Questionnaire has been completed by an authorised and suitably competent person.
5.2 You warrant that you will maintain the Security Profile indicated in your completed Questionnaire.
5.3 You warrant that the Scheme Questionnaire you submit is complete and accurate in all material respects.
6. LIMITATION OF LIABILITY
6.1 We do not accept any liability to you resulting from any security breach or vulnerability in your systems or processes.
6.2 We do not accept any liability to you resulting from any security breach or vulnerability in the systems or processes that have been applied
6.3 Without prejudice to the generality of clause 6.1 and subject to clause 6.5 we shall not be liable to you whether in contract, tort (including negligence) for breach of statutory duty or otherwise arising under or in connection with this agreement for:-
(a) loss of profits;
(b) loss of sales or business;
(c) loss of agreements or contracts;
(d) loss of anticipated savings;
(e) loss of or damage to goodwill;
(f) loss of use or corruption of software, data or information;
(g) any indirect or consequential loss.
6.4 The terms implied by sections 3 to 5 of the Supply of Goods and Services Act 1982 are, to the fullest extent permitted by law, excluding this agreement.
6.5 The limitations and exclusions on liability in this section will not apply to any liability for death or personal injury caused by our negligence, for fraud or fraudulent misrepresentation or for any other liability that cannot lawfully be excluded or limited.
6.6 Subject to clause 6.5, the total limit of our liability to you whether in contract or tort is the sum equivalent to the Fees that you have paid to us in the 12 months preceding the date of your claim against us.
7.1 We may terminate the certification process at any stage without notice to you in the event that you are in breach of any of your obligations under this agreement.
8. DISPUTE RESOLUTION
Any dispute regarding this agreement shall first be discussed between us with a view to resolving it promptly. If it cannot be resolved within 28 days then you and we hereby agree that it will be referred for alternative dispute resolution by an appropriate mediation practitioner who is a member of and subject to the rules of the Chartered Institute of Arbitrators.
9. LAW AND JURISDICTION
Our relationship with you will be governed by English law and will be subject to the exclusive jurisdiction of the English courts. However, we may bring legal proceedings in any other jurisdiction, including the jurisdiction where you are domiciled or based, to recover fees or other sums payable to us.
You also agree to IASME publishing the name of your company and, if relevant, the scope of the assessment if you are awarded certification and to the UK Government publishing the following details on their website:
(a) Company Name
(b) Location (town)
(c) Market sector
(d) Date of certification
(e) Certification level
(f) Certification scope
(g) Certification number
Terms and conditions for ToolBox and Documentation Packs
Introduction: These terms are applicable for use of documentation comprising the GDPR Toolbox and documentation packs. Where the toolbox or documentation pack is purchased as a bundle with consultancy these terms apply for use of the toolbox or documentation pack included in the project.
The terms :-
1.1 “Documentation Pack”, “GDPR Conformity Toolbox”, or “toolbox” means all the documents, videos and software used for customisation provided under this licence and listed in “List of Templates.xlsx”. The list may be updated as additional materials are made available.
1.2 “Customised documents” means documents created using the customisation software in the toolbox.
1.3 “Extended toolbox” means materials in the toolbox any customised documents produced using the toolkit.
1.4 “Customer” means entity specified as the customer on the applicable ordering document.
1.5 Supplier means “Whitgift Security” and their authorised agent
2.1 The copyright of the documents/documentation sold via Whitgift Security Ltd and GoLive UK or their authorised agents as the GDPR Conformity Toolbox is vested in Whitgift Security ltd.
2.2 The materials covered by copyright includes all the documents, videos and software used for customisation included in the “toolbox”.
3. The licence
3.1 Upon payment, Whitgift Security Ltd grants Customer a non-exclusive, limited licence
(1) for use the customisation software, access to FAQs and email support for a period of 1 year after date of purchase
(2) a permanent licence to use the customised documents created worldwide exclusively in the manner expressly specified here. All rights which are not expressly granted here are reserved.
4. Licence terms Rights:
4.1 Creating customised documents – using the macros
(1) Customer is authorised to use the customisation software to create a customised document set of documents for the single customer identified above. The software may be used to create the complete set of documents at one time, or individual documents may be created. Customer is licenced to run the customisation software as often as required during licence period.
(2) Customer is authorised to manually edit, translate it into other languages, to adapt, or in any other way modify the customised documents for use within the Customer organisation.
(3) Manual edits will be lost if macros used to update documents.
4.2 Using the Toolbox Materials
(1) Customer is authorised to use the videos in the toolbox for the sole purpose of education of employees of the single licenced customer identified above. Where organisation subcontracts functions, employees who work almost exclusively for Customer may also view videos in context of customers organisation.
(2) Customer is authorised to use the customised documents exclusively for the needs of the single licenced customer identified above. Customer may distribute the customised documents within their own organisation to employees and other workers directly or indirectly, temporary or permanently, by any means and in any form. Customer may distribute customised documents to its clients and suppliers when required to do so for due diligence purposes by contract and the documents do not form part of the product or service being provided to either client or supplier.
5. Licence restrictions
5.1 Customer is not authorised to transfer its rights to associated or non associated legal or natural third persons, including its affiliate companies, or to grant any such third persons any right to use the extended toolbox without written consent previously granted by Whitgift Security ltd
5.2 Customer must not remove the copyright notice from the footer of any Customised Documents which are based on the extended toolkit and contain more than 30% of material from any of the example documents.
5.3 Customer is prohibited from to leasing or distributing or sharing the original or copies of the Toolbox materials or the original or copies of the customised documents by selling or otherwise, or offering them with the intention of selling, as well as to print, publish, and make available to the public, through wired or wireless systems, by enabling unauthorised third persons to access the documents from places and at times of their own choosing (e.g. internet publishing), without previously obtaining written consent from Whitgift Security ltd
5.4 Customer may not publish, transmit, retransmit, disseminate, broadcast, circulate, sell, resell, loan, lease, distribute or transfer any extended Toolbox materials or copies to third parties, nor reverse engineer, decompile, disassemble or otherwise attempt to discern the source code of the components of the software.
5.5 Customer may not use Toolbox, nor allow Toolbox to be used, to create customised documents provide for third parties unless third party has a licence in its own right.
5.6 Customer may not reproduce all or any portion of the extended toolbox (except as expressly permitted herein).
5.7 Customer agrees to notify its employees and agents who may have access to Toolbox of the restrictions contained herein and to ensure their compliance with these restrictions.
6. Disclaimer of Warranties
6.1 The Toolbox is provided “as is” without warranty of any kind, express or implied, including but not limited to warranties of performance, merchantability, fitness for a particular purpose, accuracy, omissions, completeness, correctness and delays. Information contained in the Toolbox is believed to be accurate at the time of release.
6.2 There is no any warranty that access to Toolbox will be uninterrupted, secure, complete or error free.
6.3 Some systems may not be capable of supporting the Toolbox and Customer acknowledges (a) that it has made appropriate investigations into the necessary systems/software required to support organisations use of the relevant Software and (b) that performance of that Toolbox may vary with equipment with which it is used.
7. Exclusion of liability
7.1 Customer agrees that customised documents from the Toolbox will not, under any circumstances, be considered legal or professional advice and are not meant to replace the experience and sound professional judgment of professional advisors in full knowledge of the circumstances and details of any matter on which advice is sought.
7.2 Customer acknowledges that compliance with document in Toolbox does not infer immunity from legal proceeding nor does it guarantee complete information security
7.3 Supplier shall not be liable in contract, tort, delict or otherwise for any loss of whatsoever kind howsoever arising suffered in connection with using the Toolbox or customised documents.
7.4 Customer shall accept sole responsibility for and Supplier shall not be liable for the use of the extended Toolbox by Customer.
7.5 Customer shall hold Supplier harmless and fully indemnified against any claims, costs, damages, loss and liabilities arising out of any such use.
7.6 None of the terms of this Agreement shall operate to affect statutory rights where this Agreement is entered into as a consumer transaction.
Licence Holder agrees:
(1) to abide by licence terms
(2) that Toolbox is provided “as is” without warranty of any kind, express or implied.
(3) documents from the Toolbox will not, under any circumstances, be considered legal or professional advice.
(4) compliance with any toolbox documents does not infer immunity from legal proceeding nor does it guarantee complete information security
(5) Supplier shall not be liable in contract, tort, delict or otherwise for any loss of whatsoever kind howsoever arising suffered in connection with using the Toolbox or customised documents.
(6) Customer shall accept sole responsibility for and Supplier shall not be liable for the use of the extended Toolbox by customer.
(7) Customer shall hold Supplier harmless and fully indemnified against any claims, costs, damages, loss and liabilities arising out of any such use.