Hello! Before you begin your MyWorkpapers journey, or if you are a client and/or user today, please read through these terms.

Contents

These terms lay out how we will supply our software services to you and are your legal rights and obligations, so please do read everything. By subscribing to and/or using our services, you agree to be bound by these terms. Please pass any questions you may have to us at admin@myworkpapers.com.

  1. Our services

    This section describes our services, subscriptions and access rights. This section also includes a number of definitions, in bold, which will have a consistent meaning throughout these terms.
    1. You and MyWorkpapers: When we say you, your, or customer we mean both you and any entity or firm you’re authorised to represent. When we say MyWorkpapers, we, our, us, or supplier we’re talking about MyWorkpapers Limited which is an English limited company (registered office at Studio J2A, Witan Studios, 279 Witan Court, Milton Keynes, MK9 1EJ) and the entity you contract with and pay fees to, based on the subscriptions you are purchasing for the MyWorkpapers’ application and content.
    2. Our services: Our services consist of all the services we provide now or in the future, including our cloud software MyWorkpapers Practice (as defined below), MyWorkpapers Practice Lite (as defined below) and various workpaper content packs / templates:
      1. Our MyWorkpapers Practice allows unlimited authorised users;
    3. Our MyWorkpapers Practice Lite has the following restrictions:
      1. this service only allows up to 5 authorised users;
      2. roles and permissions of authorised users cannot be changed;
      3. content is limited to a year-end (non-audit / exempt) content template and cannot be edited;
      4. you cannot create firm content templates;
      5. workflow manager access is restricted; and
      6. file subscriptions are limited to a maximum of 150 files per 12 month period, calculated from the annual anniversary of your first invoice.
    4. Creating a subscription: When you take out a subscription to use our services and accept these terms, you become a subscriber. If you’re the subscriber, you’re the one responsible for paying for your subscription and access will only commence on payment of your first invoice in accordance with the Quotation or as otherwise agreed.   As the subscriber you can maintain and edit your Firm Settings in our service. These terms and the Quotation, as defined in section 2.2 below, constitute the entire agreement between you and us and supersede all previous agreements, promises, assurances, warranties, representations and understandings between you and us, whether written or oral, relating to the services we provide. As with any other changes to our terms, changes to the Quotation won’t apply retrospectively and, if we make changes and you’re a subscriber, we’ll make every effort to let you know in accordance with section 12.8.
    5. People authorised to use our services: An authorised user is a person who has been authorised by the subscriber to use our services through a subscription, in accordance with these terms. 
    6. User roles and access: As a subscriber inviting others into a subscription, you should understand the permissions you’re granting to authorised users. If you’d like to read more about user roles and levels of access, check out User access and permissions  in our online help.
    7. The right to use our services: Whether you’re a subscriber or an authorised user, we grant you a non-transferrable and non-exclusive right, without the right to grant sublicences, to use our services (based on your subscription type, your user role and the level of access you’ve been granted) for as long as the subscriber continues to pay for the subscription, until the subscription is terminated, or if you’re an authorised user – until your access is revoked.
    8. Subscriber role: As a subscriber, you take responsibility for fully controlling how your subscription is used by all authorised users. You: 
      1. Can upgrade or buy other subscriptions;
      2. Control access to a subscription. You decide who’s authorised to use our services you’ve subscribed to and what kind of access the authorised user has. You can change or stop that access at any time; and
      3. Are responsible for all of your authorised users’ activity in relation to our services, including any activity in breach of these terms. Should your authorised user breach these terms, you will be liable as if you have breached these terms yourself.
    9. Rules: Whatever your role, when you use our services you agree to follow the rules outlined in section 8.6. Please read them and make sure you understand what you should and shouldn’t do. If you breach any of the rules in section 8.6, we reserve the right, without prejudice to our other rights, to disable your access to any of our services.
    10. Your responsibilities: You undertake that you’ll keep your information, including a current email address and billing details, up to date and provide us with all necessary co-operation and information required for us to provide our services. You understand that we will invoice you monthly for the subscription. You’re responsible for providing true, accurate and complete information and for verifying the accuracy of any information that you use from our services for your legal, tax and compliance obligations. You’re also responsible for protecting your username and password from getting stolen or misused. Our service has minimum password standards, but you will ensure that passwords are very strong and not easily guessable. For more on security generally, please check section 5.
    11. When we introduce new or revised services: We are an agile software company building and innovating all the time from input from our clients and our own inspiration and ideas that we believe will help you in your engagements.  For new or updated services, there might be additional terms. We will communicate updates to you and let you know if there are any changes to our terms are before you start using those services.
    12. What we own: We own our own intellectual property that makes up our services unless otherwise stated and excluding some content owned by others. Our intellectual property includes rights in the design, compilation, and look and feel of our services. It also includes rights in all copyrighted works, trademarks, designs, inventions, and other intellectual property. Except where expressly stated in these terms, these terms do not grant you any rights to, under or in, any patents, copyright, database right, trade secrets, trade names, trade marks (whether registered or unregistered), or any other rights or licences in respect of our services. You agree not to copy, distribute, disassemble, modify or make derivative works of any of our content or use any of our intellectual property rights in any way not expressly permitted by us.
  2. Subscription fees and services

    Unless you are in a free trial or other offer period or time limited discounts, there will be a subscription fees based on the pricing, as set out and agreed by you in the Quotation document. The Quotation also contains pricing details and other terms of your subscription.
    1. Trial subscriptions: When you first sign up, you can opt for a managed free trial, based on the terms specified at the time. If you choose to continue using our services after the trial, you will either be billed when you add your billing details into our services or we will contract you to sign a Quotation, as defined below, and be billed when you add your billing details into our services.  If you choose not to continue using our services following a trial, you may delete your organisation.
    2. Quotation: Your use of our services generally requires you to pay a monthly subscription based on your subscription type (the subscription fees) in accordance with section 1.10. The Quotation sets out the services and subscription fees accepted by you, including invoicing, payment options and these terms.
    3. Subscription fees. We may amend the subscription fees once in any calendar Year and will give you at least 30 days prior written notice before we do so. Depending on your region, the subscription fees may be inclusive or exclusive of transactional taxes where relevant (like VAT and GST), as reflected in the Quotation.
    4. Taxes for your use of our services: You’re responsible for paying all other external fees and taxes associated with your use of our services wherever levied. We may collect geographical location information to determine your location, which may be used for tax purposes. This means location information you give us must be accurate for tax residency purposes.
    5. Additional services: Depending on where you’re based and how you use our services, you may be able to take advantage of additional services that MyWorkpapers offers – like Engagement subscription plans, training, implementation, custom workpaper file builds, etc. These might incur an additional fee that we’ll let you know about when you sign up for those services. These implementation services must be completed within 3 months of the relevant invoice being raised, otherwise this service will be considered forfeited, unless an extension is otherwise agreed in writing. One-off services are payable as soon as you are invoiced for them, to avoid any restriction of our services in accordance with section 2.6.
    6. Importance of timely payments: In order to continue accessing our services, you need to make timely payments in accordance with the Quotation. To avoid delayed or missed payments, please make sure we have accurate payment information. If we don’t receive timely payments, we may, without prejudice to any of our other rights and remedies, suspend access to your subscription until the payment is made.
  3. Data protection and our privacy policy

    MyWorkpapers uses your personal data in order to provide our services to you. Our Data Processing Schedule 1 and Privacy Policy explain in more detail how we deal with personal data.

    1. Use of business data: When you enter or upload business data into our services, we don’t own that data but you grant us a licence to use, copy, transmit, store, analyse, and back up all data you submit to us through our services to: enable you to use our services; allow us to improve, develop and protect our services and create new services;.
    2. Use of your personal data: We respect you and your client privacy and take data protection seriously. In addition to these terms, Schedule 1 Data Processing and our Privacy Policy set out in detail how we process personal data.
    3. Use of personal data you enter about others: Depending on where your contacts are based, our Data Processing Schedule 1 may also apply to the personal data of others (such as your customers, suppliers and employees) that you enter into any MyWorkpapers platform.
    4. Anonymised statistical data: When you use our services, we may create anonymised statistical data from your personal data and usage of our services, including through aggregation. Once anonymised, we may use it for our own purposes, such as to provide and improve our services, to develop new services or product offerings, to identify business trends, and for other uses we communicate to you.
    5. Data breach notifications: Where we are a controller and we think there has been unauthorised access to personal data in relation to your subscription, we’ll let you know and give you information about what has happened and notify any authority in accordance with the Applicable Data Protection Laws. Where you are the controller and we are a processor and we think there has been unauthorised access to personal data in relation to your subscription, we’ll let you know and give you information about what has happened in accordance with the Applicable Data Protection Laws. Depending on the nature of the unauthorised access and the location of your affected contacts, in your capacity as a controller you will be required to assess whether the unauthorised access must be reported to the contact and/or a relevant authority in accordance with the Applicable Data Protection Laws.
  4. Sensitive information

    How we should both deal with confidential information, in order to keep it safe.

    Confidentiality: While using our services, you may share confidential information with us, and you may become aware of confidential information about us. You and we both agree to take reasonable steps to protect the other party’s confidential information from being accessed by unauthorised individuals. You or we may share each other’s confidential information with legal or regulatory authorities if required to do so. This section shall survive termination of these terms, however arising.
  5. Our safeguards

    To help secure our services and your data, we offer a number of additional security features which we strongly suggest you adopt.

    1. Security safeguards: We’ve invested in technical, physical and administrative safeguards to do our part to help keep your data safe and secure. While we’ve taken steps to help protect your data, no method of electronic storage is completely secure and we cannot guarantee absolute security. We will notify you if we have reason to believe that someone has accessed (or may be able to access) your account without authorisation and we may also restrict access to certain parts of our services until you verify that access was by an authorised user.
    2. Account security features: We may enable security features to make your account more secure, such as multi-factor authentication. Depending on where you are in the world or what services you’re using, it is your responsibility to adopt and use security features. We strongly encourage you to use all optional security features.
    3. Playing your part to secure your data: You have an important part to play by keeping your login details secure, not letting any other person use them, and by making sure you have strong security on your own systems. If you realise there’s been any unauthorised use of your password or any breach of security to your account or email address linked to your account, you should immediately change your password and let us know immediately. You also agree not to use free-form fields in any of MyWorkpapers systems or services to store personal data.
  6. Third-party products and partners

    MyWorkpapers utilises a number of trusted partner apps, products and services.

    1. Other services: Some of our services, such as Office 365, and others are available through other companies’ services (e.g. Microsoft). These companies may have additional terms that apply to you.
    2. Third-party products: Along with the use of our services, you may use data, services and apps from other companies (third-party products), for example, those we make available in the MyWorkpapers Marketplace (e.g. Class API integration). Any third party providing a third-party product is a provider and is independent of us, so be aware that a provider may also charge you fees in addition to what you pay us.  If there are such fees, we reserve the right to pass these costs on to you in addition to our Subscription fees.
    3. MyWorkpapers Marketplace: Depending on your region, you may be able to purchase our services or third-party products through the MyWorkpapers Marketplace. When you connect your subscription to a Third Party service, you’re responsible for paying all fees and taxes associated with your use of that app. You authorise us to process and charge these costs to you using the payment method you provide to us or alternatively pay use directly. To learn more about the MyWorkpapers Marketplace, including how to manage your connected apps, check out Firm Settings in our service.
    4. Third-party terms and descriptions: Third-party products are subject to terms and conditions and privacy notices set by their providers. These include important things like pricing, refund policies, and how the provider will use your data that you make available to them. Be sure to read and make sure you agree to their terms and conditions and understand their approach before you connect to them. The descriptions of third-party products that we publish, and any associated links, have been provided to us by the providers. While we make reasonable efforts to check the accuracy of the descriptions, the providers are solely responsible for any representations contained in those descriptions. We don’t endorse or assume any responsibility for third-party products and you access third party providers’ websites, correspond with them and purchase products and services from them solely at your own risk.
    5. Use of your data to connect you to third party products: If you choose to connect your subscription to third-party products, we will use your personal data for that connection. Where we receive data as a result of that connection, we will use that data in line with our privacy policy and these terms.
  7. Support

    So that we can minimise service downtime, you understand that we need to update our services from time to time.
    1. Availability: We strive to maintain the availability of our services and provide online support most hours of the day. On occasion, we need to perform maintenance on our services, and this may require a period of downtime. We try to minimise any such downtime. Where planned maintenance is being undertaken, we’ll attempt to notify you in advance.
    2. Access issues: Occasionally you might not be able to access our services and your data. This might happen for any number of reasons, at any time, due to the nature of the internet and your connection to it.
    3. Data loss: Data loss is an unavoidable risk when using any technology. Whilst we will take all commercially reasonable efforts to keep backups for up to seven years for an active subscriber, it is ultimately your responsibility for maintaining copies of all your data entered into our services and we shall not be liable for any of your data that is lost. For information on how to do that, check out this article here.
    4. No compensation: Whatever the cause of any downtime, access issues or data loss, your only recourse is to discontinue using our services.
    5. Problems and support: If you have a problem, we have support articles available through our Online Help that should help you with most situations. If you still need help, you can contact our support team.
    6. Modifications: We frequently release new updates, modifications and enhancements to our services, and in some cases discontinue features. Where this occurs, we’ll endeavour to notify you in advance where practical (for example, communication by email, announcements in our platform, or within our services when you log in).
  8. Using our services
    1. Feedback: We really appreciate your feedback, please use the Submit a request which can be found top right in the online help centre.
    2. Help using our services: We provide engagement subscription services, online learning management, user webinars, and an online help – there is a lot of guidance and support to help you use our services. You agree to use our services only for lawful business purposes and in line with the instructions and guidance we provide.
    3. Forum Discussions: You can participate in discussions about our services. Only share private information if you’re happy for others to know it, and don’t post anything you don’t have the right to share.
    4. Limitations: MyWorkpapers practice lite has restricted users but MyWorkpapers practice has unlimited users. Our content workpaper packs have limits associated to what your subscription is and what you have purchased.
    5. No-charge or beta services: Occasionally we, or our strategic partners, may offer a service at no charge – for example a beta service, or a time-limited trial account. Because of the nature of these services, you use them at your own risk.
    6. While we cannot cover everything here, we do want to highlight a few more examples of things you must not do:
      1. Undermine the security or integrity of our computing systems or networks.
      2. Use our services in any way that might impair functionality or interfere with other people’s use.
      3. Access any system without permission.
      4. Introduce or upload anything to our services that includes viruses or other malicious code.
      5. Share anything that may be offensive, harmful, threatening, defamatory, obscene, infringing, harassing, violates any law or facilitates illegal activity, or infringes on the rights of others.
      6. Modify, copy, adapt, reproduce, disassemble, decompile, reverse engineer or extract the source code of any part of our services.
      7. Resell, lease or provide our services in any way not expressly permitted through our services.
      8. Repackage, resell, or sublicense any leads or data accessed through our services.
      9. Commit fraud or other illegal acts through our services.
      10. Act in a manner that is abusive or disrespectful to a MyWorkpapers employee, partner or other MyWorkpapers customer. We will not tolerate any abuse or bullying of our MyWorkpapers employees in any situation and that includes interaction with our support teams.
  9. Termination
    1. Subscription period: 
      1. Your subscription will have an annual maximum quantity of file purchase engagements, which you can complete on our services. Your subscription purchase date becomes the anniversary date for resetting your available files to use (and each year on that date thereafter), and your subscription refreshes your file usage count to the quantity you are buying in the month prior to the annual anniversary.
      2. Your subscription is evergreen and will continue indefinitely unless terminated in accordance with these terms.
      3. As our services are used for a financial year, we spread the cost of our services over a 12 month period. Because you are using our services for a 12 month financial year we require 12 months’ notice to downgrade or terminate a subscription other than for our Engagement Membership subscriptions. You may upgrade your subscription at any time. For our Engagement Membership subscriptions, after 12 months you can terminate your subscription with one month’s written notice.
    2. Termination by MyWorkpapers: MyWorkpapers may choose to terminate your subscription at any time by providing you with twelve month’s written notice in advance. MyWorkpapers may also immediately terminate or suspend your subscription or access to any of our services if:
      1. you breach any of these terms and do not remedy the breach within 14 days after receiving notice of the breach,
      2. you breach any of these terms and the breach cannot be remedied,
      3. you fail to pay subscription fees in accordance with these terms, or
      4. you or your business become insolvent or applies for or obtains a moratorium under any UK or Australian insolvency legislation, your business goes into liquidation or has a receiver or manager appointed over any of its assets, you become insolvent or make any arrangement with your creditors, or become subject to any similar insolvency event in any jurisdiction.
    3. No refunds: No refund is due to you if you terminate your subscription or MyWorkpapers terminates it in accordance with these terms.
    4. Payment due to MyWorkpapers. Please note that, if you or MyWorkpapers terminate your subscription in accordance with these terms (other than an Engagement Membership which is terminated in accordance with clause 9.1.3), MyWorkpapers will be entitled to recover all subscription fees payable to us for the 12 months after termination, in keeping with notice period to which we are entitled under these terms.
    5. Licence termination: Once a subscription is terminated by you or us, for any reason, all licences granted under these terms shall immediately terminate and you will immediately cease all use of our services.
    6. Retention of your data: Once a subscription is terminated by you or us, it is archived and the data submitted or created by you is no longer available to you. We retain it for a period of time consistent with our data retention policy and applicable legislation. During this period, you can reactivate your subscription and once again access your data by paying the subscription fees. You can get in touch with us to have your data removed completely if you wish, but please note that some backup data cannot be completely removed if it is still within our retention policy period or tied to the integrity of the backup system, however our policies always ensure that any backup data is immediately removed once it is no longer needed to be retained for this purpose.
  10. Liability under these terms

    This section outlines liability for you and us under these terms and so we encourage you to read this section closely and in full.
    1. You indemnify us: You indemnify us against all losses, claims, costs (including, without limitation, court costs and reasonable legal costs), expenses, demands or liability that we incur arising out of, or in connection with, a third-party claim against us relating to your use of our services or any third-party product (except as far as we’re at fault).
    2. Disclaimer of warranties: Our services and all third-party products are made available to you on an “as is” basis. Subject to the exclusion in section 12.4, we disclaim all warranties, express or implied, including any implied warranties of non-infringement, merchantability and fitness for a particular purpose to the fullest extent permitted.
    3. Limitation of liability: Other than liability that we can’t exclude or limit by law, our liability to you in connection with our services or these terms, in contract, tort (including negligence) or otherwise, is limited as follows:
      1. We have no liability arising from your use of our services for:
        1. any direct or indirect loss of revenue or profit, loss of goodwill, loss of customers, loss of capital, loss of anticipated savings, legal, tax or accounting compliance issues, damage to reputation, loss in connection with any other contract; or
        2. any indirect, consequential, incidental, punitive, exemplary or special loss, damage or expense.
      2. For loss or corruption of your data, our liability will be limited to taking reasonable steps to try and recover that data from our available backups.
      3. Our total aggregate liability to you in relation to a claim in any circumstance is limited to the total amount you paid us for your subscription in the 12 months immediately preceding the date on which the claim giving rise to the liability arose.
  11. Resolving a dispute

    Dispute resolution: Most of your concerns can be resolved quickly and to everyone’s satisfaction by contacting our support team. If we’re unable to resolve your complaint to your satisfaction (or if we haven’t been able to resolve a dispute we have with you after attempting to do so informally), you and we agree to resolve those disputes through: in the first instance, mediation in accordance with the Model Mediation Procedure of the Centre for Effective Dispute Resolution (CEDR) and, if that fails, by the applicable courts set out in section 12.11. You agree that any dispute must be brought in your name only and not as a plaintiff or class member in any purported class or representative proceeding.
  12. Miscellaneous terms
    1. No professional advice: Just to be clear, MyWorkpapers is not a professional services firm of any sort, and isn’t in the business of giving any kind of professional advice. We may provide you with information we think might be useful, but this should not be seen as a substitute for professional advice and we aren’t liable for your use of the information in that way.
    2. Events outside our control: We do our best to control the controllables. We aren’t liable to you for any failure or delay in performance of any of our obligations under these terms arising out of any event or circumstance beyond our reasonable control.
    3. Notices: Any notice you send to MyWorkpapers must be sent to admin@myworkpapers.com. Any notices we send to you will be sent to the email address you’ve provided us through your subscription.
    4. Exclusion: In some places, there may be non-excludable warranties, guarantees or other rights provided by law (non-excludable guarantees), such as our liability for death or personal injury caused by our negligence, or for fraud or fraudulent misrepresentation. They still apply – these terms do not exclude, restrict or modify them. Except for non-excludable guarantees and other rights you have that we cannot exclude, we’re bound only by the express undertakings made in these terms. Our liability for breaches that are not non-excludable guarantees is limited, at our option, to either replacing or paying the cost of replacing the relevant service (unless the non-excludable guarantee says otherwise) or by section 10.3. 
    5. Export limitations: You must not use our services in violation of any export or trade embargo laws that apply to you.
    6. Blocking your access, disabling your subscription, or refusing to process a payment: As our sites are global, different laws may apply in different countries that restrict our relationship with you. We may block your access, terminate your subscription or any licence or refuse to process a payment if we reasonably believe there’s a risk - like a potential breach of a law or regulation - associated with you, your company, your subscription, or a payment. Examples of where we might do this include transactions where the payment is from a sanctioned person or country; or where we reasonably believe there is a legal or regulatory risk or a risk of loss being suffered by us or our customers or partners. You guarantee that you’re not located in a sanctioned country and are not on a sanctioned persons list. We may also block users from a country if we can’t receive payments from that country. You should check what payment methods are available in your country for making payments. We may take any of these actions without notice.
    7. Relationship between the parties; assignment: Nothing in these terms is to be construed as constituting a partnership, joint venture, employment or agency relationship between you and us.
    8. Changes to these terms: We sometimes will decide to change these terms of use. But don’t worry, changes won’t apply retrospectively and, if we make changes, we’ll make every effort to let you know. You can keep track of changes to our terms by referring to the version and the date last updated at the top of the terms. Generally, we endeavour to provide you with 30 days’ notice of material changes before they become effective, unless we need to make immediate changes for reasons we don’t have control over. When we notify you, we’ll do it by email or by posting a visible notice through our services. If a change isn’t material, we may not notify you. If you find a modified term unacceptable, you may terminate your subscription by giving the standard advance notice to MyWorkpapers, in accordance with these terms.
    9. Enforcement of terms: If there’s any part of these terms that either one of us is unable to enforce, everything else will remain enforceable. No failure or delay by us to exercise any right or remedy provided under these terms or by a law will be considered a waiver of that or any other right or remedy, nor will it prevent or restrict the further exercise of that or any other right or remedy. No single or partial exercise of such right or remedy shall prevent or restrict the further exercise of that or any other right or remedy. These terms do not provide any rights to any other person or party, other than you and us.
    10. Interpretation: Words like ‘include’ and ‘including’ are not words of limitation and where anything is within our discretion we mean our sole discretion.
    11. Governing law and venue: all matters relating to or in connection with these terms shall be governed by English law and, subject to section 11, the parties agree to the exclusive jurisdiction of the courts of England and Wales to decide all such matters.

 

Schedule 1 – Data Processing

  1. Data processing terms
    1. Definitions:

      Applicable Data Protection Laws: means:

      To the extent that the UK GDPR applies, the law of the United Kingdom or of a part of the United Kingdom which relates to the protection of personal data.

      To the extent that the AUS DPR applies, the law of Australia or of a part of Australia which relates to the protection of personal data.

      To the extent that the EU GDPR or other national data protection law applies, the law of the European Union or any member state of the European Union or the applicable national data protection law which relates to the protection of personal data.

      AUS DPR: the Australian Privacy Act 1988 and/or relevant Australian data protection legislation.

      Customer Personal Data: any personal data which we process in connection with these terms, in the capacity of a processor.

      EU GDPR: the General Data Protection Regulation ((EU) 2016/679).

      Purpose: the purposes for which the Client Personal Data is processed, as set out in the terms or as otherwise agreed by the parties in writing.

      Supplier Personal Data: any personal data which we process in connection with this agreement, in the capacity of a controller.

      UK GDPR: has the meaning given to it in the Data Protection Act 2018.
  2. Data protection
    1. For the purposes of this Schedule 1, the terms controller, processor, data subject, personal data, personal data breach and processing shall have the meaning given to them in the Applicable Data Protection Laws.
    2. Both parties will comply with all applicable requirements of Applicable Data Protection Laws. This Schedule 1 is in addition to, and does not relieve, remove or replace, a party's obligations or rights under Applicable Data Protection Laws.
    3. The parties agree that, depending on the specific circumstances, we shall process the personal data referred to in these terms, either as the sole controller, joint controller with you or as a processor. Should this determination change, then each party shall work together in good faith to make any changes which are necessary to Schedule 1.
    4. By entering into this agreement, the Customer consents to (and shall procure all required consents, from its personnel, representatives and agents, in respect of) all actions taken by the Supplier in connection with the processing of Supplier Personal Data, provided these are in compliance with the then-current version of the Supplier's Privacy Policy available at https://www.myworkpapers.com/privacy-policy-2/ . In the event of any inconsistency or conflict between the terms of the Privacy Policy and these terms, the Privacy Policy will take precedence.
    5. Without prejudice to the generality of Schedule 1 clause 2.2, the Customer will ensure that it has all necessary appropriate consents and notices in place to enable lawful transfer of the Supplier Personal Data and Customer Personal Data to the Supplier or lawful collection of the same by the Supplier for the duration and purposes of these terms.
    6. In relation to the Customer Personal Data, Schedule 1 Clause 3 sets out the scope, nature and purpose of processing by the Supplier, the duration of the processing and the types of personal data and categories of data subject.
    7. Without prejudice to the generality of Schedule 1 clause 2.2 the Supplier shall, to the extent that it is acting as a processor in relation to Customer Personal Data:
      1. process that Customer Personal Data only on the documented instructions of the Customer, unless the Supplier is required by Applicable Data Protection Laws to otherwise process that Customer Personal Data. Where the Supplier is relying on Applicable Data Protection Laws as the basis for processing Customer Processor Data, the Supplier shall notify the Customer of this before performing the processing required by the Applicable Data Protection Laws unless those Applicable Data Protection Laws prohibit the Provider from so notifying the Customer on important grounds of public interest. The Supplier shall inform the Customer if, in the opinion of the Supplier, the instructions of the Customer infringe Applicable Data Protection Laws;
      2. implement the technical and organisational measures set out in Schedule 1 Clause 5 to protect against unauthorised or unlawful processing of Customer Personal Data and against accidental loss or destruction of, or damage to, Customer Personal Data, which the Customer has reviewed and confirms are appropriate to the harm that might result from the unauthorised or unlawful processing or accidental loss, destruction or damage and the nature of the data to be protected, having regard to the state of technological development and the cost of implementing any measures;
      3. ensure that any personnel engaged and authorised by the Supplier to process Customer Personal Data have committed themselves to confidentiality or are under an appropriate statutory or common law obligation of confidentiality;
      4. assist the Customer insofar as this is possible (taking into account the nature of the processing and the information available to the Supplier), and at the Customer's cost and written request, in responding to any request from a data subject and in ensuring the Customer's compliance with its obligations under Applicable Data Protection Laws with respect to security, breach notifications, impact assessments and consultations with supervisory authorities or regulators;
      5. notify the Customer without undue delay on becoming aware that there are reasonable grounds to suspect that there may have been a personal data breach involving the Customer Personal Data and the Customer shall be responsible for notifying any authorities or end users in accordance with the Applicable Data Protection Laws;
      6. at the written direction of the Customer, delete or return Customer Personal Data and copies thereof to the Customer on termination of these terms unless the Supplier is permitted by applicable law to continue to retain or process that Customer Personal Data. For the purposes of this clause, Customer Personal Data shall be considered deleted where it is put beyond further use by the Supplier; and
      7. maintain records to demonstrate its compliance with this Schedule 1 clause 2.
    8. The Customer hereby provides its prior, general authorisation for the Supplier to:
      1. appoint processors to process the Customer Personal Data, provided that the Supplier:
        1. shall ensure that the terms on which it appoints such processors comply with Applicable Data Protection Laws, and are consistent with the obligations imposed on the Supplier in this Schedule 1 clause 2;
        2. shall remain responsible for the acts and omission of any such processor as if they were the acts and omissions of the Supplier; and
        3. shall inform the Customer of any intended changes concerning the addition or replacement of the processors, thereby giving the Customer the opportunity to object to such changes provided that if the Customer objects to the changes and cannot demonstrate, to the Supplier's reasonable satisfaction, that the objection is due to an actual or likely breach of Applicable Data Protection Law, the Customer shall indemnify the Supplier for any losses, damages, costs (including legal fees) and expenses suffered by the Supplier in accommodating the objection; and
      2. transfer Customer Personal Data outside of the UK or the EU or Australia as required for the Purpose, provided that the Supplier shall ensure that any transfers of Customer Personal Data are effected in accordance with Applicable Data Protection Laws. For these purposes, the Customer shall promptly comply with any reasonable request of the Supplier, including any request to enter into standard data protection clauses required by the Applicable Data Protection Laws.
    9. We may, at any time on not less than 30 days' notice, revise Schedule 1 clause 2 by replacing it (in whole or part) with any applicable standard clauses approved by the UK Information Commissioner's Office (or its Australian counterpart responsible for data privacy) or forming part of an applicable certification scheme or code of conduct (Amended Terms). Such Amended Terms shall apply when replaced by attachment to this agreement, but only in respect of such matters which are within the scope of the Amended Terms.
    10. To the extent the parties act as joint-controllers in respect of personal data pursuant to these terms, the parties have agreed to allocate responsibility for each of their controller obligations under Applicable Data Protection Laws by a separate agreement in writing.
  3. Particulars of the processing
    1. Details can be found in our Privacy Policy.
    2. Types of Personal Data
      1. names
      2. addresses
      3. contact details
      4. identification details
      5. other personal data types for use on the MyWorkpapers platform
    3. Categories of Data Subject:
      1. suppliers / service providers of the Customer
      2. customers / clients of the Customer
      3. employees / contractors of the Customer
      4. authorised users
      5. other contacts of the Customer
  4. Technical and organisational measures
    1. For Australian clients, data is stored on cloud servers based in a secure availability zone in Australia while for UK clients, we use an availability zone in the UK. To ensure a zone is secure, our provider uses physically separated centres within low-risk geographic metropolitan regions. These centres all provide redundancy and physical security that is beyond what is available to most private organisations.
    2. All data is stored encrypted at rest and is served to customers using industry standard HTTPS with TLS1.2. Our platform also does not expose any direct server addresses and access is strictly controlled using vendor security services. Unlike many SAAS providers (where user data can be pooled together), MyWorkpapers stores each firm's data in its own separate and isolated database. Furthermore, each database automatically takes frequent backup snapshots, along with normal daily and monthly backups.
    3. To maintain and support our platform, all access makes use of restricted security groups using SSO (mfa compulsory). Our operational staff are limited to a small number of trained users, which only have monitored access to user data on an as-requested basis.

These terms and conditions apply from 1st December 2022