Terms of Service
Last modified: 10th April 2020
Welcome to OneUp Sales! These Terms of Service contain the terms and conditions that govern all use of our Platform (as defined below), Services (as defined below) and all content, services and/or products available on or through the Platform (collectively, the "OneUp Services”).
PLEASE READ THESE TERMS CAREFULLY. BY REGISTERING FOR, ACCESSING, BROWSING, AND/OR OTHERWISE USING THE ONEUP SERVICES, YOU ACKNOWLEDGE THAT YOU HAVE READ, UNDERSTOOD, AND AGREE TO BE BOUND BY THESE TERMS. IF YOU DO NOT AGREE TO BE BOUND BY THESE TERMS, DO NOT ACCESS, BROWSE OR OTHERWISE USE THE PLATFORM OR THE ONEUP SERVICES.
The Supplier may, at its sole discretion, elect to suspend or terminate access to, or use of the OneUp Services to anyone who violates these Terms.
The original language of these Terms is English. The Supplier may make available translations for convenience. In case of conflicts between the original English version and any translation, the English version shall prevail.
|Account||the primary means for one User to access the Restricted Area of the Services, subject to payment of the Subscription Fee.|
|Business Day||any weekday other than a bank or public holiday in England.|
|Business Hours||the hours of 09:00 to 17:00 in the Europe/London timezone on a Business Day.|
|Charges||the Subscription Fee and Bespoke Services Fee listed in the Table.|
|Client||a Client of OneUp Sales who has accepted the Supplier's Terms of Service.|
|Client Data||personal data or documents in electronic form that a User of the Services stores within the Services.|
|Confidential Information||any proprietary information of either party including, without limitation, information relating to either party’s products, technology, know-how, specifications, and concepts; as well as information of business and commercial nature, of either party, all in any form or medium whatsoever including in written, physical, digitalised, oral or visual form. This does not include information that is or becomes public knowledge; is already known to the other party prior to its receipt; is demonstrably independently developed at any time by the other party without recognisable association to the Confidential Information; or is disclosed with the prior written permission of the other party.|
|Documentation||the documentation for the Service provided by the Supplier which can be accessed within the Restricted Area.|
|Hosted Services||the provisioning and usage of the Platform.|
|Implementation Fee||the one-off payment paid by the Client for works specified in the Table under Bespoke Services Fee ahead of receiving access to an Account.|
|Intellectual Property Rights||copyright, patents, rights in inventions, rights in confidential information, know-how, trade secrets, trade marks, service marks, trade names, design rights, rights in get-up, database rights, rights in data, semi-conductor chip topography rights, mask works, utility models, domain names, rights in computer software and all similar rights of whatever nature and, in each case: (i) whether registered or not, (ii) including any applications to protect or register such rights, (iii) including all renewals and extensions of such rights or applications, (iv) whether vested, contingent or future and (v) wherever existing.|
|Maintenance Services||the general maintenance of the Platform and Service, and the application of updates and upgrades.|
|Order Form||the document issued by the Supplier and signed by the Client detailing the specifics of the arrangement between both parties.|
|OneUp||the trading name of the Supplier. Also an alternative name for the Platform.|
|OneUp Sales||the trading name of the Supplier. Also an alternative name for the Platform.|
|Personal Data||any information relating to an identified or identifiable natural person.|
|Platform||the OneUp Sales platform provisioned via https://www.oneupsales.io.|
|Public Area||the area of the Service that can be accessed both by Users and Visitors (the Site), without needing to log in.|
|Restricted Area||the area of the Services that can be accessed only by Users (the Platform), and where access requires logging in.|
|Sales Order||any document, including one completed online, that records the Services purchased by the Client.|
|Service or Services||the Platform, Site, all related websites, downloadable software, mobile applications, other services provided by OneUp Sales, and all other communications with individuals through written or oral means.|
|Site||the compilation of all web documents (including but not limited to images, videos, PHP, JS, HTML and CSS files) made available via www.oneupsales.co.uk, oneupsales.io or sub domains or domains with similar names under other top domains and owned by the Supplier.|
|Special Terms||any particulars, specifications and conditions by which the parties have agreed to deviate from these Terms as defined on the Order Form.|
|Subscription Fee||the payment (amount and frequency provided in the Table) for using the Account(s) registered to a Client.|
|Subscription Term||the Initial Subscription Term specified in the Order Form until that period elapses, at which time it refers to the renewal period specified in Clause 1.3.|
|Supplier||Stormburst Studios (the developer and owner of the Services), a company incorporated in England and Wales under number 09302269 whose registered office is at Preston Park House, South Road, Brighton, East Sussex, United Kingdom, BN1 6SB.|
|Support Services||support in relation to the use of, and the identification and resolution of errors in, the Platform, but shall not include the provision of training services.|
|Supported Web Browser||the latest release of Google Chrome.|
|Table or Tables||the tables in the Sales Order document.|
|Terms of Service||these terms.|
|User||an employee, agent, or representative of a Client, who primarily uses the Restricted Area for the purpose of utilising the Services.|
|Visitor||an individual other than a User, who uses the Public Area, but has no access to the Restricted Area of the Services.|
This Agreement shall come into force on the Client Signature Date.
The Initial Subscription Term will commence upon the completion of the Bespoke Services by the Supplier.
At the end of the Initial Subscription Term, this Agreement shall renew for 12 months subject to termination in accordance with this Agreement.
The Client shall pay the Supplier the Bespoke Services Fees within 30 days of completing a Sales Order.
The Client shall pay in advance for each Subscription Term the Supplier the due fees, which is the greater of:
If the Client adds an Account to the Platform, the Supplier will charge the Client a prorated fee for that Account for the remainder of the active Subscription Term.
If the Client removes an Account from the Platform, the Supplier will grant the Client credits that may be used exclusively against future Charges (credits will not be reimbursed as cash to the Client).
If the Client does not accrue new Charges within 12 months or terminates this Agreement, the credits will be discarded and no reimbursement will be provided.
The Client shall pay the Charges to the Supplier in accordance with this Agreement.
The Client must have a payment method selected by the Supplier (card or direct debit) registerd to their account at all times.
The Client must pay the Charges to the Supplier providing that the Charges must in all cases be paid before the commencement of the period to which they relate.
All payments made by the Client are for the full delivery of the Services for the period to which they relate.
If the Client does not pay any amount properly due to the Supplier under this Agreement, the Supplier may:
5. Hosted Services
The Supplier shall endeavour to complete the Bespoke Services within the Bespoke Services Period.
The Bespoke Services Period commences once the Client has registered an accepted payment method and payment of the Bespoke Services Fee has been received by the Supplier.
The Supplier shall create an Account for the Client and shall provide access to this Account following the completion of the Bespoke Services subject to the Client paying the Implementation Fee and Subscription Fee.
The Supplier hereby grants the Client a worldwide, non-exclusive licence to use the Service by means of a Supported Web Browser during the Term.
The licence granted by the Supplier to the Client is subject to the following limitations:
Except to the extent expressly permitted in this Agreement or required by law on a non-excludable basis, the licence granted by the Supplier to the Client is subject to the following prohibitions:
The Client shall use reasonable endeavours, including reasonable security measures relating to Account access details, to ensure that no unauthorised person may gain access to the Service using an Account.
The Supplier shall use all reasonable endeavours to maintain the availability of the Service to the Client but does not guarantee 100% availability. Should the Service be unavailable (other than for the provision of the Maintenance Services) due to the fault of the Supplier, for a singular period of longer than 72 hours (the “Initial Period”) or for four periods of 4 hours each during the same calendar month, the Supplier accepts the right of the Client to deduct a sum of money equivalent to the same calendar month’s Subscription Fee.
For the avoidance of doubt, downtime caused directly or indirectly by any of the following shall not be considered a breach of this Agreement:
The Client must comply with Schedule 1 (Acceptable Use Policy), and must ensure that all persons using the Services with the authority of the Client or by means of an Account comply with Schedule 1 (Acceptable Use Policy).
The Client must not use the Service in any way that causes, or may cause, damage to the Services or Platform or impairment of the availability or accessibility of the Service.
The Client must not use the Hosted Services
For the avoidance of doubt, the Client has no right to access the software code (including object code, intermediate code and source code) of the Platform, either during or after the Term.
The Supplier may suspend the provision of the Service if any amount due to be paid by the Client to the Supplier under this Agreement is overdue and reasonable attempts have been made to retrieve payment from the Client.
6. Maintenance Services
The Supplier shall, where practicable, give to the Client prior written notice of scheduled maintenance periods or updates to the Platform that are likely to affect the availability of the Service or are likely to have a material negative impact upon the Service without prejudice to the Client’s other notice obligations under this main body of this Agreement.
The Supplier shall provide the Maintenance Services with reasonable skill and care.
The Supplier may suspend the provision of the Maintenance Services if any amount due to be paid by the Client to the Supplier under this Agreement is overdue for longer than 14 days.
7. Support Services
The Supplier shall provide the Support Services to the Client for as long as the Client has access to paid Account(s).
The Supplier shall make available to the Client a helpdesk in accordance with the provisions of this main body of this Agreement.
The Supplier shall provide the Support Services with reasonable skill and care.
The Supplier may suspend the provision of the Support Services if any amount due to be paid by the Client to the Supplier under this Agreement is overdue for longer than 14 days.
8. Client Data
The Client hereby grants to the Supplier a non-exclusive licence to copy, reproduce, store, distribute, publish, export, adapt, edit and translate the Client Data to the extent reasonably required for the performance of the Supplier’s obligations and the exercise of the Supplier’s rights under this Agreement. The Client also grants to the Supplier the right to sub-license these rights to its sub-processors, subject to any express restrictions elsewhere in this Agreement.
The Supplier shall create a back-up copy of the Client Data daily, shall ensure that each such copy is sufficient to enable the Supplier to restore the Service to the state they were in at the time the back-up was taken, and shall retain and securely store each such copy for a minimum period of 30 days.
9. No Assignment of Intellectual Property Rights
Nothing in this Agreement shall operate to assign or transfer any Intellectual Property Rights from the Supplier to the Client, or from the Client to the Supplier.
In consideration of the Charges payable under this Agreement the Supplier grants to the Customer a non-exclusive, non-transferable revocable licence to use the Intellectual Property Rights owned by the Supplier to the extent necessary for the receipt of the Services throughout the Term.
10. Confidentiality Obligations
The Supplier must:
Notwithstanding the clause above, the Supplier may disclose the Client Confidential Information to the Supplier's officers, employees, professional advisers, insurers, agents and subcontractors who have a need to access the Client Confidential Information for the performance of their work with respect to this Agreement and who are bound by a written agreement or professional obligation to protect the confidentiality of the Client Confidential Information.
The Client must:
This Clause imposes no obligations upon the Supplier with respect to Client Confidential Information that:
The restrictions in this Clause do not apply to the extent that any Client Confidential Information is required to be disclosed by any law or regulation, by any judicial or governmental order or request, or pursuant to disclosure requirements relating to the listing of the stock of the Supplier on any recognised stock exchange.
The Client acknowledges that non-Confidential Information may be anonymously used for analysis and reporting by the Supplier.
The provisions of this Clause shall continue in force indefinitely following the termination of this Agreement.
11. Data Protection
Each party shall comply with the Data Protection Laws with respect to the processing of the Client Personal Data.
The Client warrants to the Supplier that it has the legal right to disclose all Personal Data that it discloses to the Supplier under or in connection with this Agreement.
The Client shall only supply to the Supplier, and the Supplier shall only process, in each case under or in relation to this Agreement, the Personal Data of data subjects falling within the categories specified in Part 1 of Schedule 2 (Data processing information) and of the types specified in Part 2 of Schedule 2 (Data processing information); and the Supplier shall only process the Client Personal Data for the purposes specified in Part 3 of Schedule 2 (Data processing information).
The Supplier shall only process the Client Personal Data for as long as the Client has active Accounts on the Platform, subject to the other provisions of this Clause.
The Supplier shall only process the Client Personal Data on the documented instructions of the Client (including with regard to transfers of the Client Personal Data to any place outside the European Economic Area).
The Supplier shall promptly inform the Client if, in the opinion of the Supplier, an instruction of the Client relating to the processing of the Client Personal Data infringes the Data Protection Laws.
Notwithstanding any other provision of this Agreement, the Supplier may process the Client Personal Data if and to the extent that the Supplier is required to do so by applicable law. In such a case, the Supplier shall inform the Client of the legal requirement before processing, unless that law prohibits such information on important grounds of public interest.
The Supplier shall ensure that persons authorised to process the Client Personal Data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality.
The Supplier and the Client shall each implement appropriate technical and organisational measures to ensure an appropriate level of security for the Client Personal Data, including those measures specified in Part 4 of Schedule 2 (Data processing information).
The Supplier must not engage any third party to process the Client Personal Data without the prior specific or general written authorisation of the Client. In the case of a general written authorisation, the Supplier shall inform the Client at least 14 days in advance of any intended changes concerning the addition or replacement of any third party processor, and if the Client objects to any such changes before their implementation, then the Client may terminate this Agreement on written notice to the Supplier, providing that such notice must be given within the period of 7 days following the date that the Supplier informed the Client of the intended changes. The Supplier shall ensure that each third party processor is subject to equivalent legal obligations as those imposed on the Supplier by this Clause 11.
As at the Effective Date, the Supplier is hereby authorised by the Client to engage, as sub-processors with respect to Client Personal Data, the third parties, and third parties within the categories, identified in Part 5 of Schedule 2 (Data processing information).
The Supplier shall, insofar as possible and taking into account the nature of the processing, take appropriate technical and organisational measures to assist the Client with the fulfilment of the Client’s obligation to respond to requests exercising a data subject's rights under the Data Protection Laws.
The Supplier shall assist the Client in ensuring compliance with the obligations relating to the security of processing of personal data, the notification of personal data breaches to the supervisory authority, the communication of personal data breaches to the data subject, data protection impact assessments and prior consultation in relation to high-risk processing under the Data Protection Laws. The Supplier shall report any Personal Data breach relating to the Client Personal Data to the Client within 24 hours following the Supplier becoming aware of the breach. The Supplier may charge the Client for any work performed by the Supplier at the request of the Client pursuant to this Clause 11.13.
The Supplier shall make available to the Client all information necessary to demonstrate the compliance of the Supplier with its obligations under this Clause and the Data Protection Laws.
The Supplier shall, at the choice of the Client, delete or return all of the Client Personal Data to the Client after the provision of services relating to the processing, and shall delete existing copies save to the extent that applicable law requires storage of the relevant Personal Data.
The Supplier shall allow for and contribute to audits, including inspections, conducted by the Client or another auditor mandated by the Client in respect of the compliance of the Supplier's processing of Client Personal Data with the Data Protection Laws and this Clause. The Supplier may charge the Client for any work performed by the Supplier at the request of the Client pursuant to this Clause.
If any changes or prospective changes to the Data Protection Laws result or will result in one or both parties not complying with the Data Protection Laws in relation to processing of Personal Data carried out under this Agreement, then the parties shall use their best endeavours promptly to agree such variations to this Agreement as may be necessary to remedy such non-compliance.
The Supplier warrants to the Client that:
If the Supplier reasonably determines, or any third party alleges, that the use of the Services by the Client in accordance with this Agreement infringes any person's Intellectual Property Rights, the Supplier may modify the Services in such a way that they no longer infringe the relevant Intellectual Property Rights.
The Client warrants to the Supplier that it has the legal right and authority to enter into this Agreement and to perform its obligations under this Agreement.
All of the parties' warranties and representations in respect of the subject matter of this Agreement are expressly set out in this Agreement. To the maximum extent permitted by applicable law, no other warranties or representations concerning the subject matter of this Agreement will be implied into this Agreement or any related contract.
13. Acknowledgements and Warranty Limitations
The Client acknowledges that complex software is never wholly free from defects, errors and bugs, and subject to the other provisions of this Agreement, the Supplier gives no warranty or representation that the Services will be wholly free from defects, errors and bugs.
The Client acknowledges that complex software is never entirely free from security vulnerabilities; and subject to the other provisions of this Agreement, the Supplier gives no warranty or representation that the Services will be entirely secure.
The Client acknowledges that the Services are designed to be compatible only with the Supported Web Browsers and the Supplier does not warrant or represent that the Services will be compatible with any other software or systems.
The Client acknowledges that the Supplier will not provide any legal, financial, accountancy or taxation advice under this Agreement or in relation to the Hosted Services; and, except to the extent expressly provided otherwise in this Agreement, the Supplier does not warrant or represent that the Services or the use of the Services by the Client will not give rise to any legal liability on the part of the Client or any other person.
The Client acknowledges that the Supplier has no control over security vulnerabilities in systems belonging to third parties and that the Supplier gives no warranty or representation that the Services will be free of any defects, errors, bugs or vulnerabilities caused by a third party.
14. Limitations and Exclusions of Liability
Nothing in this agreement will:
The limitations and exclusions of liability set out in this Clause and elsewhere in this Agreement:
Neither party shall be liable to the other party in respect of any losses arising out of a Force Majeure Event.
The Supplier shall not be liable to the Client in respect of any loss of profits or anticipated savings.
The Supplier shall not be liable to the Client in respect of any loss of revenue or income.
The Supplier shall not be liable to the Client in respect of any loss of use or production.
The Supplier shall not be liable to the Client in respect of any loss of business, contracts or opportunities.
The Supplier shall not be liable to the Client in respect of any loss or corruption of any data, database or software, providing that this Clause 14.8 shall not protect the Supplier unless the Supplier has fully complied with its obligations under Clause 8.2.
The Supplier shall not be liable to the Client in respect of any special, indirect or consequential loss or damage.
The Supplier shall not be liable to the Client in respect of any breach or vulnerability caused by a third party or a third-party system.
The liability of each party to the other party under this Agreement in respect of any event or series of related events shall not exceed the total amount paid and payable by the Client to the Supplier under this Agreement in the 12-month period preceding the commencement of the event or events.
The aggregate liability of each party to the other party under this Agreement shall not exceed the total amount paid and payable by the Client to the Supplier under this Agreement.
15. Force Majeure Event
If a Force Majeure Event gives rise to a failure or delay in either party performing any obligation under this Agreement (other than any obligation to make a payment), that obligation will be suspended for the duration of the Force Majeure Event.
A party that becomes aware of a Force Majeure Event which gives rise to, or which is likely to give rise to, any failure or delay in that party performing any obligation under this Agreement, must:
A party whose performance of its obligations under this Agreement is affected by a Force Majeure Event must take reasonable steps to mitigate the effects of the Force Majeure Event.
The Client may terminate this Agreement by providing written notice to the Supplier at least 30 days prior to the end of the current Subscription Term.
The Supplier may terminate this Agreement at any time by providing at least 30 days written notice to the Client.
In the event of a party committing a material breach of this contract, a remedial period of 30 days shall be granted to the party to resolve the breach. If 30 days should pass with no satisfactory resolution in place, this clause does not apply to 16.4.
Either party may terminate this Agreement immediately by giving written notice of termination to the other party if:
Upon the termination of this Agreement, all of the provisions of this Agreement shall cease to have effect, save that the provisions of this Agreement with lasting effects shall survive and continue to have effect (in accordance with their express terms or otherwise indefinitely).
Except to the extent that this Agreement expressly provides otherwise, the termination of this Agreement shall not affect the accrued rights of either party.
Following the termination of this Agreement for any reason, the Client must immediately pay to the Supplier any Charges in respect of Services provided to the Client in the current Subscription Term and without prejudice to the Supplier’s other legal rights.
Any notice from one party to the other party under this Agreement must be given by one of the following methods (providing that, if the stated time of deemed receipt is not within Business Hours, then the time of deemed receipt shall be when Business Hours next begin after the stated time):
Schedule 1 (Acceptable Use Policy)
This acceptable use policy (the "Policy") sets out the rules governing:
References in this Policy to "you" are to any customer for the Services and any individual user of the Services (and "your" should be construed accordingly); and references in this Policy to "us" are to Stormburst Studios Ltd (the developer and owner of the Services) a company incorporated in England and Wales under number 09302269 (and "we" and "our" should be construed accordingly).
By using the Services, you agree to the rules set out in this Policy.
We will ask for your express agreement to the terms of this Policy before you upload or submit any Content or otherwise use the Services.
You must be at least 18 years of age to use the Services; and by using the Services, you warrant and represent to us that you are at least 18 years of age.
2. General usage rules
You must not use the Services in any way that causes, or may cause, damage to the Services or impairment of the availability or accessibility of the Services.
You must not use the Services:
You must ensure that all Content complies with the provisions of this Policy.
3. Unlawful Content
Content must not be illegal or unlawful, must not infringe any person's legal rights, and must not be capable of giving rise to legal action against any person (in each case in any jurisdiction and under any applicable law).
Content, and the use of Content by us in any manner licensed or otherwise authorised by you, must not:
You must ensure that Content is not and has never been the subject of any threatened or actual legal proceedings or other similar complaint.
4. Graphic material
Content must be appropriate for all persons who have access to or are likely to access the Content in question, and in particular for children over 12 years of age.
Content must not depict violence in an explicit, graphic or gratuitous manner.
Content must not be pornographic or sexually explicit.
5. Factual accuracy
Content must not be untrue, false, inaccurate or misleading.
Statements of fact contained in Content and relating to persons (legal or natural) must be true; and statements of opinion contained in Content and relating to persons (legal or natural) must be reasonable, be honestly held and indicate the basis of the opinion.
6. Negligent advice
Content must not consist of or contain any legal, financial, investment, taxation, accountancy, medical or other professional advice, and you must not use the Services to provide any legal, financial, investment, taxation, accountancy, medical or other professional advisory services.
6.2 Content must not consist of or contain any advice, instructions or other information that may be acted upon and could, if acted upon, cause death, illness or personal injury, damage to property, or any other loss or damage.
Content must be appropriate, civil and tasteful, and accord with generally accepted standards of etiquette and behaviour on the internet.
Content must not be offensive, deceptive, threatening, abusive, harassing, menacing, hateful, discriminatory or inflammatory.
Content must not be liable to cause annoyance, inconvenience or needless anxiety.
You must not use the Services to send any hostile communication or any communication intended to insult, including such communications directed at a particular person or group of people.
You must not use the Services for the purpose of deliberately upsetting or offending others.
You must not unnecessarily flood the Services with material relating to a particular subject or subject area, whether alone or in conjunction with others.
You must ensure that Content does not duplicate other content available through the Services.
You must ensure that Content is appropriately categorised.
You should use appropriate and informative titles for all Content.
You must at all times be courteous and polite to other users of the Services.
8. Marketing and spam
You must not use the Services for any purpose relating to the marketing, advertising, promotion, sale or supply of any product, service or commercial.
Content must not constitute or contain spam, and you must not use the Services to store or transmit spam - which for these purposes shall include all unlawful marketing communications and unsolicited commercial communications.
You must not send any spam or other marketing communications to any person using any email address made available through the Services or that you find using the Services.
You must not use the Services to promote, host or operate any chain letters, Ponzi schemes, pyramid schemes, matrix programs, multi-level marketing schemes, "get rich quick" schemes or similar letters, schemes or programs.
You must not use the Services in any way which is liable to result in the blacklisting of any of our IP addresses.
9. Regulated businesses
You must not use the Services for any purpose relating to gambling, gaming, betting, lotteries, sweepstakes, prize competitions or any gambling-related activity.
You must not use the Services for any purpose relating to the offering for sale, sale or distribution of drugs or pharmaceuticals.
You must not use the Services for any purpose relating to the offering for sale, sale or distribution of knives, guns or other weapons.
You acknowledge that we may actively monitor the Content and the use of the Services.
11. Data mining
You must not conduct any systematic or automated data scraping, data mining, data extraction or data harvesting, or other systematic or automated data collection activity, by means of or in relation to the Services.
You must not link to any material using or by means of the Services that would, if it were made available through the Services, breach the provisions of this Policy.
13. Harmful software
The Content must not contain or consist of, and you must not promote, distribute or execute by means of the Services, any viruses, worms, spyware, adware or other harmful or malicious software, programs, routines, applications or technologies.
The Content must not contain or consist of, and you must not promote, distribute or execute by means of the Services, any software, programs, routines, applications or technologies that will or may have a material negative effect upon the performance of a computer or introduce material security risks to a computer.
Schedule 2 (Data Processing Information)
1. Categories of data subject
The Client may submit Personal Data to the Services, the extent of which is determined and controlled by the Client in its sole discretion and which may include, but is not limited to, Personal Data relating to the following categories of data subjects:
2. Types of Personal Data
The Client may submit Personal Data to the Services, the extent of which is determined and controlled by the Client in its sole discretion and which may include, but is not limited to, the following categories of Personal Data:
3. Purposes of processing
The Supplier will process Personal Data as necessary to provide the Services as instructed by the Client in its use of the Services.
4. Security measures for Personal Data
The Supplier utilizes the services of Amazon Web Services (AWS) for storing and processing Client data. AWS’ security procedures are globally accepted by thousands of companies around the world and can be found at https://aws.amazon.com/security/, and their compliance can be viewed at https://aws.amazon.com/compliance/programs/.
Employees of the Supplier with access to Client Personal Data is only given access for as long as is required to provide the Services required by the Client. Employees of the supplier with access to Client Personal Data must also sign the Live System Operating Procedures document upon joining the business which outlines the procedures for ensuring Client Personal Data is kept secure and that compliance is not breached.
5. Sub-processors of Personal Data
The Supplier will comply with the conditions referred to in Article 28 (2) and (4) of the General Data Protection Regulation to use another Data Processor (Sub-processor).
The Sub-processors utilized by the Supplier can be found at http://www.oneupsales.co.uk/legal/subprocessors/.