NICEIC Online Certification System Terms of use

These Terms apply to the platform services made available by CERTSURE to the Customer (including any Authorised User) as part of their NICIEC Certification and for use as a NICEIC Certified Business, as described herein. They form a part of the Agreement between CERTSURE and the Customer for the provision of the agreed Services, including relating to the NICEIC Online Certification System. The Schedules attached to these Terms also form part of this Agreement.  

1 Interpretation 

1.1 The definitions and rules of interpretation in this clause apply in these Terms including the other parts of the Agreement (unless the meaning is changed in those other parts).  

Agreement: these Terms, including the attached Schedules, and any other incorporated or linked documents and annexes forming the agreement between CERTSURE and the Customer for the provision, access and use of the Services, as described herein.   

Authorised User: an individual director, employee, representative or agent of the Customer who is authorised by the Customer to access and use the Services in accordance with the Agreement (including use of any Documentation provided by CERTSURE), as further described in clause 2. 

Back-Up Policy: CERTSURE's data management and back-up policy, as referred to in Schedule 4. 

Business Day: a day other than a Saturday, Sunday or public holiday in England when banks in London are open for business. 

CERTSURE: Certsure LLP (trading as NICEIC) (or 'we / our'), with company number OC379918, registered in England with registered address: Warwick House Houghton Hall Park, Houghton Regis, Dunstable, Bedfordshire, LU5 5ZX.  

NICEIC Certified Business:  means a business which has been assessed in accordance with the relevant Scheme Rules and has a valid Certificate of Certification. 

Confidential Information: information, documents or data (howsoever communicated or embodied) that are proprietary or confidential and are either clearly labelled as such, or which should reasonably be understood by the recipient as information of a secret, commercially sensitive or confidential nature. 

Contract Year: means a 12-month period starting on the Effective Date (or any anniversary of it). 

Customer: the NICEIC Certified Business customer of CERTSURE accessing and using the Services (including via its Authorised Users), subject to the Terms and Schedules of this Agreement. 

Customer Data:  any Customer (or its licensors') information, data or documentation sourced or generated by or on behalf of the Customer outside of the Services and input, provided or made available by or on behalf of the Customer (and its Authorised Users) for the purpose of using the Services, including any information or data directly derived or compiled from such information, data and documentation, excluding any Output Documents or Documentation. 

Customer End Users: any clients or customers of the Customer. 

Data Protection Laws: (a) the UK GDPR; (b) the Data Protection Act 2018; (c) the Privacy and Electronic Communications (EC Directive) Regulations 2003; (d) any other applicable laws of the United Kingdom relating to the processing of personal data; and (e) any laws which implement such laws. 

Data Subject Request: the exercise by or on behalf of a data subject of any of their rights under Articles 12-22 of the UK GDPR. 

Documentation: any of CERTSURE'S documents, templates, data/data-base(s), forms, precedents and manuals (whether made available on-line or in hard copy) which contain user information, instructions, guidance, specifications, technical and functionality descriptions, or other user, training, technical, resource or reference information and materials as provided or made available by CERTSURE in support of or to facilitate use of the Services, including NOCS. 

Domestic Law: has the meaning given to it in the UK GDPR. 

Effective Date: the date of the Agreement, being the date of first log-in and use of the Services by a Customer. 

Fees: the fees payable by the Customer to CERTSURE in connection with the receipt of the Services, as specified in Schedule 2.  

Intellectual Property Rights: all present and future copyright and related rights, trade marks and service marks, trade names and domain names, rights under licences, rights in get-up, rights to goodwill or to sue for passing off or unfair competition, patents, rights to inventions, rights in designs, rights in computer software, database rights, rights in confidential information (including know-how and trade secrets) and any other intellectual property rights, in each case whether registered or unregistered and including all applications (or rights to apply) for, and renewals or extensions of, such rights and all similar or equivalent rights or forms of protection which subsist or will subsist now or in the future in any part of the world. 

Liability: means liability in or for breach of contract (including liability under any indemnity), tort (whether deliberate or not), negligence, breach of statutory duty, misrepresentation, restitution or any other cause of action whatsoever relating to or arising under or in connection with this Agreement, including liability expressly provided for under this Agreement or arising by reason of the invalidity or unenforceability of any term of this Agreement (and for the purposes of this definition, all references to "this Agreement" shall be deemed to include any collateral contract). 

NOCS: the NICEIC online certification cloud-based system. 

Normal Business Hours: 9:00 am to 5.00 pm local UK time, each Business Day excluding company shutdowns. 

Output Documents: certificates, forms, reports, analyses and other output documentation that are generated by or through the Services, including NOCS.  

Restricted Transfer: a transfer that is covered by Chapter V of the UK GDPR. 

Services: the software services (including any accompanying support and maintenance, information and training services) to be provided by CERTSURE to the Customer under this Agreement, as more particularly described in the Documentation and Schedule 1. 

Software: the online NOCS software platform and computer applications made available by or on behalf of CERTSURE through the Website, which the Customer (and its Authorised Users) is entitled to access and use as part of the Services. 

Sub-Processor: a processor appointed by another processor to process personal data on its behalf. This includes sub-processors of any level, for example a sub-sub-processor. 

Support Services Policy: CERTSURE's policy for providing help and support services, including reporting any problems, as part of the Services, as specified in Schedule 3. 

Terms:  these terms and conditions of use that apply to the Agreement. 

UK GDPR: has the meaning given to it in section 3(10) (as supplemented by section 205(4)) of the Data Protection Act 2018. 

Virus: any thing or device (including any software, code, file or programme) which may: prevent, impair or otherwise adversely affect the operation of any computer software, hardware or network, any telecommunications service, equipment or network or any other service or device; prevent, impair or otherwise adversely affect access to or the operation of any programme or data, including the reliability of any programme or data (whether by re-arranging, altering or erasing the programme or data in whole or part or otherwise); or adversely affect the user experience, including worms, trojan horses, viruses and other similar things or devices. 

Vulnerability: a weakness in the computational logic (for example, code) found in software and hardware components that when exploited, results in a negative impact to the confidentiality, integrity, or availability, and the term Vulnerabilities shall be construed accordingly. 

Website: The NICEIC website at: nocs.niceic.com through which Authorised Users are entitled to access and use the Software.  

1.2 The terms “controller”, “processor”, “data subject”, “personal data”, “processing”, "special category personal data", and “appropriate technical and organisational measures” have the meanings given to them under the Data Protection Laws. 

1.3 A person includes an individual, corporate or unincorporated body (whether or not having separate legal personality) and that person's legal and personal representatives, successors or assigns. 

1.4 Unless the context otherwise requires, words in the singular shall include the plural and in the plural shall include the singular. 

1.5 A reference to a statute or statutory provision is a reference to it as it is in force as at the Effective Date. A reference to a statute or statutory provision shall include all subordinate legislation made under that statute or statutory provision. 

1.6 A reference to writing or written does not include fax. 

1.7 Unless the context requires otherwise, use of phrases such as "including", "such as" or similar words is not intended to limit the preceding words or introduce exhaustive lists or examples. 

1.8 The Terms and Schedules of this Agreement shall prevail over any other terms purported to apply to the subject matter of this Agreement, including any Customer terms as may be attached or linked via any Customer communications, Customer purchase order or e-mail (any such Customer terms, which the Customer hereby agrees shall not apply). 

2 Rights of Access and Use    

2.1 CERTSURE hereby grants to the Customer a non-exclusive, non-transferable right, without the right to grant sub-licences, to permit the Authorised Users to access and use the Software and Documentation through the Services for the duration of this Agreement, solely for the Customer's internal business operations.  The licence granted in this clause 2.1 is subject to any terms applicable to third party software included in the Software or Services, and the Customer (including via its Authorised Users) agrees to comply with those terms as if it were the licensee under them. 

2.2 In relation to the Authorised Users, the Customer agrees that: 

2.2.1 each Authorised User shall keep a secure password for their access to and use of the Software, Services and Documentation, and which they shall keep at all times personally confidential; and 

2.2.2 it shall procure that each Authorised User agrees to act (and acts) in accordance with the scope and terms of this Agreement, and the Customer shall be responsible and liable for the actions of the Authorised Users. 

2.3 The Customer shall maintain in place appropriate levels of organisational security and cyber-security and not access, store, distribute or transmit any Viruses, or unlawful material during the course of its use of the Software and Services.   

2.4 The Customer (and each Authorised User) shall not: 

2.4.1 except as may be allowed by any applicable law which is incapable of exclusion by agreement between the parties and except to the extent expressly permitted under this Agreement: attempt to copy, modify, duplicate, create derivative works from, frame, mirror, republish, download, display, transmit, or distribute all or any portion of the Software or Documentation (as applicable) and Services in any form or media or by any means; or attempt to de-compile, reverse compile, disassemble, reverse engineer or otherwise reduce to human-perceivable form all or any part of the Software and Services or Documentation; 

2.4.2 attempt to access any network, system or database through the Software, Services or Documentation except within the ordinary available functionality of the Software and Website; or access all or any part of the Software, Services or Documentation in order to build a product or service which competes with the Software, Services or the Documentation; or   

2.4.3 use the Software, Documentation or Services to provide services to third parties or for resale, other than in line with the purposes of this Agreement; or 

2.4.4 license, sell, rent, distribute or otherwise commercially exploit the Software, Services or Documentation or make it available to any third party except the Authorised Users for the purposes of this Agreement; or 

2.4.5 introduce or permit the introduction of, any Virus or Vulnerability into CERTSURE's network, Software and information systems. 

2.5 The Customer shall use all reasonable endeavours to prevent any unauthorised access to, or use of, the Software, Services and the Documentation and, in the event of any such unauthorised access or use, promptly notify CERTSURE at 03330156630 or email: nocsfeedback@certsure.com, providing all relevant details. 

2.6 CERTSURE reserves the right to amend or issue new usernames and passwords/codes or require the Customer to procure any Authorised Users change their usernames or passwords/codes at any time. 

2.7 The rights provided under this clause 2 are granted to the Customer only, and shall not be considered granted to any subsidiary or holding company or affiliate of the Customer. 

3 Data Protection 

3.1 To the extent that either party processes personal data as a controller, that party shall comply with the Data Protection Laws. 

3.2 CERTSURE shall process personal data pertaining to the Customer as an independent controller, to the extent that such processing is necessary for contract administration purposes, to ensure proper use of NOCS, and for reporting, development and analytics purposes. Such personal data shall be processed in accordance with CERTSURE's privacy notice (as may be amended from time to time): Our privacy policy. 

3.3 The parties agree that for the purposes of the Data Protection Laws, to the extent that CERTSURE processes Customer Data in connection with the delivery of the Services as further specified in Schedule 5, the Customer is the controller and CERTSURE is the processor. Schedule 5 describes the subject matter, duration, nature and purpose of processing and the personal data categories and data subject types in respect of which CERTSURE may process the personal data in accordance with this Agreement. 

3.4 CERTSURE must do all of the following where it is a processor to the Customer as a controller: 

3.4.1 only process Customer Data to the extent, and in such a manner, as is necessary for delivery of the Services in accordance with the Customer's documented instructions unless required to do so by Domestic Law, in which case CERTSURE shall inform the Customer of that legal requirement, unless such notification is prohibited by Domestic Law on important grounds of public interest. 

3.4.2 ensure that persons authorised by CERTSURE to process Customer Data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality. 

3.4.3 take all measures required pursuant to Article 32 UK GDPR. 

3.4.4 taking into account the nature of the processing, assist the Customer, at the Customer's cost, by appropriate technical and organisational measures, insofar as this is possible, for the fulfilment of the Customer's obligation to respond to Data Subject Requests. 

3.4.5 at the Customer's cost, assist the Customer in ensuring compliance with the obligations pursuant to Articles 32 to 36 of the UK GDPR, taking into account the nature of processing and the information available to CERTSURE. 

3.4.6 at the Customer's cost, make available to the Customer all information necessary to demonstrate compliance with the obligations laid down in this clause 3 and allow for and contribute to audits, including inspections, conducted by the Customer or another auditor mandated by the Customer. 

3.4.7 on termination or expiration of this Agreement, CERTSURE must at the Customer's choice securely destroy or return all Customer Data, subject to any legal or regulatory requirement for CERTSURE to retain such Customer Data. 

3.5 CERTSURE may make a Restricted Transfer provided that such transfer complies with the Data Protection Laws. 

3.6 Subject to clause 3.7, the Customer grants its general authorisation for the engagement of Sub-Processors by CERTSURE. As at the date of this Agreement, the Customer has authorised use of those Sub-Processors listed in Schedule 5.  

3.7 CERTSURE shall notify the Customer in writing of any further appointments of, or changes to, Sub-Processors, thereby giving the Customer the opportunity to object to such appointments or changes prior to the engagement of the concerned Sub-Processor(s). The Customer is deemed to have authorised the appointment unless: 

3.7.1 CERTSURE fails to notify the intended appointments or changes to the appointed Sub-Processors; or 

3.7.2 the Customer objects to the appointment within 10 Business Days after CERTSURE informs the Customer in writing of any intended appointment or change. If the parties are unable to resolve any objection made by the Customer within 10 Business Days of CERTSURE's receipt of the objection, then CERTSURE may terminate this Agreement without liability.   

3.8 On the appointment of a Sub-Processor, CERTSURE must enter into a written agreement with the Sub-Processor on terms that meet the requirements of the Data Protection Laws, and in particular providing sufficient guarantees to implement appropriate technical and organisational measures in such a manner that the processing will meet the requirements of Data Protection Laws. CERTSURE will remain liable for all acts or omissions of any Sub-Processor it has appointed.  

4 Services 

4.1 CERTSURE shall use commercially reasonable efforts to provide the Software and Services and make available all Documentation to the Customer (and the Authorised Users) on and subject to the Terms of this Agreement. 

4.2 CERTSURE shall use commercially reasonable efforts to make the Software and Services available 24 hours a day, seven days a week, except for: 

4.2.1 planned maintenance 

4.2.2 unscheduled maintenance. 

4.3 CERTSURE will, as part of the Services and at no additional cost to the Customer, make commercially reasonable efforts to provide the Customer with CERTSURE's standard customer support services during Normal Business Hours in accordance with CERTSURE's Support Services Policy.  

4.4 CERTSURE will notify the Customer via appropriate communication channels such as email, social media as soon as reasonably practicable of any material incidents affecting the availability of the Services. 

5 Customer data 

5.1 The Customer (and its licensors) shall own all right, title and interest in and to all of the Customer Data.  The Customer hereby grants (and shall procure the grant of, as necessary) to CERTSURE a non-exclusive, non-transferable, royalty-free, sub-licensable (subject to clause 5.2), licence to use the Customer Data and the Intellectual Property Rights in and to it for the purposes of:  

a)  providing the Services and performing this Agreement; and 

b)  at any time (including following termination of the Agreement), analysing, testing, training, comparing and informing any corrections, improvements and enhancements of the Software and Services, provided that any such use is limited to versions of Customer Data that do not allow identification of the Customer and complies with CERTSURE'S confidentiality obligations and any applicable data privacy laws and data privacy provisions in the Agreement.  

5.2 CERTSURE's sublicensing rights under clause 5.1 are limited to sublicensing to: (a) contractors that are engaged by CERTSURE to host and support the Services; and (b) affiliates of CERTSURE involved in managing or providing the Software, Services or Documentation or CERTSURE's obligations under the Agreement.  

5.3 Without prejudice to CERTSURE's obligations under applicable data protection and privacy laws, the Customer shall have sole responsibility and Liability for the legality, rights of use, useable formatting and quality of all Customer Data. Customer agrees that it will provide or input Customer Data in accordance with all applicable laws having obtained any necessary consents, licences and approvals. The Customer acknowledges that the Software and Services depend on the quality of the Customer Data that is provided or made available by the Customer, and agrees that the Customer Data it provides or makes available will be accurate and complete.     

5.4 CERTSURE shall make commercially reasonable efforts to follow its archiving procedures for Customer Data as set out in its Back-Up Policy.  In the event of any loss, corruption or damage to Customer Data, the Customer's exclusive remedy against CERTSURE shall be for CERTSURE to use commercially reasonable efforts to restore the lost or damaged Customer Data from the latest back-up of such Customer Data maintained by CERTSURE in accordance with the archiving procedure described in its Back-Up Policy. CERTSURE recommends that Customer maintains in place its own systems for the storage and back-up of all Customer Data. Except with respect to any specific obligations of confidentiality and data protection in the Agreement, CERTSURE disclaims all Liabilities arising from loss of, damage to or corruption of, Customer Data.  

6 Third party websites 

The Customer acknowledges that the Software and Services may enable it to access the website content of, correspond with, or access information and services from, third parties via third-party websites, and that it does so solely at its own risk.  Any such arrangement entered into with any third-party website is between the Customer and the relevant third party, and not CERTSURE.  CERTSURE recommends that the Customer refers to any such third party's website terms and conditions and privacy policy prior to using the relevant third-party website. 

7 Certsure's obligations 

7.1 CERTSURE undertakes that the Software will be provided and the Services will be performed substantially in accordance with the specifications set out in Schedule 1 and any applicable Documentation, and with reasonable skill and care. 

7.2 If CERTSURE fails to comply in any material respect to the obligation in clause 7.1, CERTSURE will, at its expense, use commercially reasonable efforts to remedy the failure by bringing the Software and Services into conformance with clause 7.1.  CERTSURE may opt at its cost to reperform the Services, amend the Software or Documentation, or take other steps to remedy the failure. Alternatively, at its option, CERTSURE may pay a refund to the Customer relating to affected Services. The steps taken by CERTSURE in accordance with this clause 7.2 will be Customer's exclusive remedy for any failure by CERTSURE to provide the Software and Services in accordance with this Agreement. The Customer agrees to cooperate reasonably with CERTSURE to facilitate any remedy proposed under this clause 7.2, which may include repeat collection and assessment of Customer Data and generation of replacement Output Documents. The Customer agrees to give prompt written notice of any problems, issues and complaints and allow CERTSURE an opportunity to remedy any failure in accordance with this clause 7.2.  

7.3 CERTSURE: 

7.3.1 does not warrant that: 

(a) the Customer's use of the Software and Services will be uninterrupted or error-free; or 

(b) that the Software, Services, Documentation or any information and results obtained by the Customer through the Services will meet the Customer's requirements, be fit for any purpose or allow the Customer to achieve any particular result; or 

(c) the Software, Services or Documentation will comply with any schemes, standards, codes, certifications or regulatory requirements other than as expressly specified by Certsure.  

7.3.2 is not responsible for any delays, delivery failures, or any other loss or damage resulting from the transfer of data over communications networks and facilities, including the internet, and the Customer acknowledges that the Software, Services and Documentation may be subject to limitations, delays and problems inherent in the use of such communications facilities. 

8 Customer's obligations 

8.1 The Customer shall: 

8.1.1 without affecting its other obligations under this Agreement, comply with all applicable laws and regulations and codes with respect to its (including its Authorised Users') activities under and in connection with this Agreement, including compliance with applicable schemes, standards, codes or regulatory requirements relating to Customer Data and the Customer's own business and services; 

8.1.2 ensure that the Authorised Users understand, acknowledge and comply with the Agreement, and not do anything that puts the Customer in breach of the Agreement; 

8.1.3 ensure that the Authorised Users access and use the Software, Services and the Documentation in accordance with these Terms, and only for the purposes of this Agreement, and the Customer shall be fully responsible and liable for any Authorised User's actions in breach of this Agreement;  

8.1.4 monitor the Authorised Users' access and use of the Services; and 

8.1.5 without prejudice to CERTSURE's obligations, obtain and maintain all necessary licences, consents, and permissions, including in respect of any Customer Data, necessary for CERTSURE and its agents to perform their obligations under this Agreement lawfully. 

8.2 It is the Customer's responsibility to ensure that the Software and Services are sufficient and suitable for its purposes and will meet its requirements. The Customer is wholly responsible and liable for its use of Output Documents. 

8.3 The Customer acknowledges and agrees that it shall be wholly responsible for complying with its own professional and regulatory obligations and duties of care in respect of the conduct of Customer's business and provision of its own services, and CERTSURE shall not be responsible or liable for any failures by Customer to undertake those obligations and meet those duties of care.  Nothing in this Agreement causes CERTSURE to assume responsibility or liability with respect to those duties and obligations or replaces the Customer's need to exercise its own skill, care, experience and professional duties and judgment in the course of carrying out its business.  

9 Charges and payment 

9.1 The Customer shall pay the Fees to CERTSURE in accordance with this clause 9 and the applicable payment terms specified in Schedule 2. 

9.2 The Customer shall on the Effective Date or promptly thereafter provide to CERTSURE valid, up-to-date debit card or other banking account details acceptable to CERTSURE and any other relevant valid, up-to-date and complete contact and billing details. The Customer shall pay each invoice issued by CERTSURE on receipt of receiving the invoice. 

9.3 If the Customer is late in paying any part of any undisputed sums due to CERTSURE, CERTSURE may do either or both of the following: 

9.3.1 give the Customer at least 14 Business Days' notice that it is suspending all Authorised Users' access to the Software and Services until CERTSURE receives the outstanding sum(s) in full; and 

9.3.2 charge interest which shall accrue in accordance with the Late Payment of Commercial Debts (Interest) Act 1998 from the due date until payment (after as well as before judgment), such interest to run from day to day and to be compounded monthly. 

9.4 All Fees stated or referred to in this Agreement: 

9.4.1 shall be payable in pounds sterling; 

9.4.2 are non-cancellable and non-refundable (unless due to CERTSURE'S material breach of Agreement); 

9.4.3 are exclusive of value added tax (VAT), which shall be charged or added to CERTSURE's invoices at the appropriate rate. 

9.5 CERTSURE shall be entitled to increase the Fees on each anniversary of the Effective Date, and the relevant sums and provisions of this Agreement shall be deemed to have been amended accordingly. By continuing to use the Software and Services following notification, Customer shall be deemed to have accepted any such increase in the Fees. 

10 Proprietary rights  

10.1 The Customer acknowledges and agrees that CERTSURE and/or its licensors own (and shall retain) all Intellectual Property Rights in and to the Software, Services and the Documentation (including any updates, new versions, amendments, developments or improvements to them).  Except as expressly stated in this Agreement, this Agreement does not grant the Customer (or any Authorised User) any rights to, under or in, any Intellectual Property Rights in respect of the Software, Services or the Documentation. 

10.2 In accordance with clause 5.1, CERTSURE acknowledges and agrees the Customer and/or its licensors own (and shall retain) all Intellectual Property Rights in and to all Customer Data.   

10.3 The Customer acknowledges and agrees that CERTSURE and/or its licensors will own all Intellectual Property Rights in and to all Output Documents (except in respect of any Customer Data that may be provided with or contained in an Output Document, which shall remain owned by the Customer).  CERTSURE hereby grants to the Customer a non-exclusive, non-transferable, sub-licensable (including to clients of the Customer), worldwide, perpetual licence to use the Output Documents, subject to the following permissions and restrictions:  

10.3.1 Use is permitted for the Customer's business purposes only in line with the scope and purposes of this Agreement. 

10.3.2 Sublicensing to other software service providers supplying similar or competing services is not permitted. 

10.3.3 Use includes, without limitation, copying, disclosing and making available the Output Documents, provided the recipients are sublicensees (including clients of the Customer), relevant regulatory authorities or other persons that the Customer is entitled to disclose to pursuant to this Agreement.  

10.3.4 The Customer will not make any promises or representations about the Output Documents on CERTSURE's behalf. 

10.4 To the extent that any Intellectual Property Rights in Output Documents vest in the Customer or any person using the Software, Services or Documentation on behalf of the Customer by operation of law, the Customer hereby assigns and agrees to assign absolutely its and their right, title and interest in those Intellectual Property Rights to CERTSURE.  The Customer will provide assistance and execute documents, and procure the same from relevant third parties, to bring about the agreed ownership of Output Documents at CERTSURE's request.  

10.5 This section 10 shall survive termination of the Agreement howsoever arising.  

11 Confidentiality  

11.1 Each party may be given access to or receive disclosure of Confidential Information of the other party in order to perform its obligations under this Agreement.  A party's Confidential Information shall not be deemed to include information that: 

11.1.1 is or becomes publicly known other than through any act or omission of the receiving party; 

11.1.2 was in the other party's lawful possession before the disclosure; 

11.1.3 is lawfully disclosed to the receiving party by a third party without restriction on disclosure; or 

11.1.4 is independently developed by the receiving party without any reliance on the disclosing party's Confidential Information, which independent development can be reasonably demonstrated by supporting written evidence. 

11.2 Subject to clauses 11.4 and 11.5, each party shall hold the other party's Confidential Information securely and in confidence and not make the other party's Confidential Information available to any third party, or use the other's Confidential Information for any purpose other than the performance of obligations and exercise of rights under this Agreement. 

11.3 Each party (including acting by any Authorised User) shall take all reasonable steps to ensure that the other's Confidential Information to which it has access is not disclosed or distributed by its employees or agents in violation of the terms of this Agreement. 

11.4 CERTSURE may disclose the Customer's Confidential Information to: (a) those of its subcontractors that necessarily require access to it to enable CERTSURE to perform its obligations under this Agreement; and (b) its relevant affiliates involved in the provision or management of the Services, provided in each case that the recipient owes an applicable duty of confidentiality to CERTSURE at least equivalent to CERTSURE's confidentiality obligations assumed under this Agreement.   

11.5 A party may disclose Confidential Information to the extent such Confidential Information is required to be disclosed by law, by any governmental or other regulatory authority or by a court or other authority of competent jurisdiction, provided that, to the extent it is legally permitted to do so, it gives the other party as much notice of such disclosure as possible and, where notice of disclosure is not prohibited and is given in accordance with this clause 11.5, it takes into account the reasonable requests of the other party in relation to the content of such disclosure (including allowing the disclosing party to make representations to the person requesting disclosure, if lawful). 

11.6 The Customer acknowledges that details of the Software, Services and Documentation, and the results of any performance tests of the Services, constitute CERTSURE's Confidential Information. 

11.7 Unless otherwise agreed, CERTSURE may identify the Customer as a customer of CERTSURE on CERTSURE websites and in CERTSURE marketing materials.  CERTSURE may use the Customer's name and main logo for this limited purpose. 

12 Indemnity 

12.1 Except to the extent caused by any breach by CERTSURE of this Agreement, the Customer shall indemnify and keep fully indemnified CERTSURE against any and all Liabilities, losses, penalties, damages, charges, claims, demands, actions, proceedings, judgments, costs and expenses which CERTSURE, its affiliates or its or their employees, officers, directors, agents, contractors or authorised representatives ("Indemnified Persons") may incur or suffer in connection with the Customer's provision of Customer Data or the use of the Software, Services, Documentation or Output Documents, arising in respect of: 

12.1.1 any third party allegation or claim relating to any product or service that is created or provided by or on behalf of the Customer or its agents, including by its Authorised Users; and 

12.1.2 any non-compliance by the Customer or an Authorised User with applicable laws or regulatory requirements; and 

12.1.3 any non-compliance by Indemnified Persons with applicable laws (including applicable data privacy laws) or regulatory requirements, to the extent caused by the Customer's breach of this Agreement or applicable laws or regulatory requirements; and 

12.1.4 any third party allegation or claim of infringement of Intellectual Property Rights, misuse of Confidential Information or breach of third party rights in connection with CERTSURE's receipt and use of Customer Data in accordance with the Agreement or Customer's breach of the Agreement. 

12.2 The Customer shall be liable to indemnify CERTSURE pursuant to clause 12.1 provided that: 

12.2.1 the Customer is given prompt notice of any such claim; and 

12.2.2 CERTSURE provides reasonable co-operation to the Customer in the defence and settlement of such claim, at the Customer's expense. 

12.3 The indemnity in clause 12.1 applies to Indemnified Persons as if their relevant Liabilities were incurred or suffered by CERTSURE.  

12.4 This section 12 shall survive termination of the Agreement howsoever arising.  

13 Limitation of Liability  

13.1 Except as expressly and specifically provided in this Agreement: 

13.1.1 the Software, Services and Documentation are provided to the Customer on an "as is" basis; 

13.1.2 CERTSURE does not give any warranty that the Output Documents are free of errors and omissions, and Customer shall be responsible for checking and verifying all results of the Services; 

13.1.3 CERTSURE shall have no Liability for any damage, loss or failure caused by errors or omissions in any Customer Data;  

13.1.4 CERTSURE does not assume responsibility or Liability for any regulatory approval or authorisation required by Customer in the course of carrying out Customer's business; and 

13.1.5 all warranties, representations, conditions and all other terms implied by statute or common law are, to the fullest extent permitted by applicable law, excluded from this Agreement. 

13.2 Nothing in this Agreement shall exclude or limit the Liability of CERTSURE: 

13.2.1 for death or personal injury caused by CERTSURE's negligence;  

13.2.2 for fraud or fraudulent misrepresentation; or 

13.2.3 any other Liability which cannot be excluded or limited by applicable law. 

13.3 Subject to Clause 13.2, CERTSURE shall not in any circumstances have any Liability for: 

13.3.1 indirect or consequential losses, damages, costs or expenses; 

13.3.2 loss of actual or anticipated profits; 

13.3.3 loss of contracts; 

13.3.4 loss of revenue;  

13.3.5 loss of goodwill, or reputation;  

13.3.6 loss of business, or opportunity; or 

13.3.7 loss of, damage to or corruption of, any data, including Customer Data (unless and to the extent CERTSURE has an express obligation of confidentiality or data protection, under this Agreement), 

whether or not such losses were reasonably foreseeable or CERTSURE or its agents had been advised of the possibility of the Customer incurring such losses.  For the avoidance of doubt, Clauses 13.3.2 to 13.3.7 apply whether such losses are direct, indirect, consequential or otherwise. 

13.4 Subject to clause 13.2, the total aggregate Liability of CERTSURE for all causes of action arising in each Contract Year shall be limited to the greater of: (a) £1,000; or (b) 110% of the total sums paid and payable, in aggregate, by the Customer to CERTSURE under this Agreement, in that Contract Year. This limitation of Liability has effect in relation both to any Liability expressly provided for, and to any Liability arising by reason of the invalidity or unenforceability of any term, under this Agreement. 

13.5 CERTSURE will not incur or suffer any Liability in connection with this Agreement to the extent that the relevant failure, act or omission giving rise to that Liability was caused by the Customer's or its Authorised Users' acts or omissions, where those acts or omissions breach this Agreement or any connected duty (including in negligence) or contravene CERTSURE's reasonable instructions. 

13.6 This section 13 shall survive termination of the Agreement howsoever arising.  

14 Term and termination 

14.1 This Agreement shall start on the Effective Date and continue in force until: 

14.1.1 the Customer ceases to be a NICEIC Certified Business, at which point the Agreement shall terminate automatically from the date the Customer is no longer a NICEIC Certified Business; or 

14.1.2 CERTSURE gives the Customer no less than 60 days' written notice of its intention to terminate the Agreement for convenience, in which case the Agreement shall terminate automatically upon the expiry of the notice period; or  

14.1.3 it is otherwise terminated in accordance with the terms of this Agreement. 

14.2 Without affecting any other right or remedy available to it, either party may terminate this Agreement with immediate effect, by giving written notice to the other party if: 

14.2.1 the other party fails to pay any amount due under this Agreement on the due date for payment and remains in default not less than 14 days after being notified in writing to make such payment; 

14.2.2 the other party commits a material breach of any term of this Agreement which breach is irremediable, or (if such breach is remediable) fails to remedy that breach within a period of 14 days after being notified in writing to do so; or 

14.2.3 the other party suspends or ceases the relevant part of its business or its payment of debts or becomes the subject of insolvency proceedings which are not dismissed within applicable time limits for challenging the proceedings. 

14.3 CERTSURE may suspend its obligations under this Agreement immediately on written notice if any of its rights to terminate arise pursuant to clauses 14.2.1 and 14.2.2, and CERTSURE shall be entitled to maintain such suspension for so long as any payment due remains outstanding or a material breach remains unremedied. CERTSURE may also suspend its obligations under this Agreement if the Customer is suspended as a NICEIC Certified Business , for so long as the suspension persists. 

14.4 On termination of this Agreement for any reason: 

14.4.1 subject to clause 14.4.3, all licences, rights and permissions granted to the Customer (and each Authorised User) under this Agreement shall immediately and automatically terminate and the Customer shall immediately cease all access to and use of the Software, Services and the Documentation, unless otherwise agreed by the parties in writing; 

14.4.2 subject to clause 14.4.3 and unless otherwise agreed by the parties in writing, each party shall return and make no further use of any Documentation, data, Intellectual Property Rights and other items (and all copies of them whether in digital or hard copy form) belonging to the other party; 

14.4.3 subject to clause 5.1b), the Customer instructs CERTSURE to destroy or otherwise dispose of any of the Customer Data in its possession (except Customer Data that is included or incorporated into Output Documents), unless CERTSURE receives, no later than 14 days after the effective date of the termination of this Agreement, a written request for the delivery to the Customer of the then most recent back-up of the Customer Data. CERTSURE shall use commercially reasonable efforts to deliver the back-up to the Customer within 30 days of its receipt of such a written request, provided that the Customer has, at that time, paid all fees outstanding at termination. Unless expressly agreed in writing, the Customer shall pay all reasonable expenses incurred by CERTSURE in returning Customer Data;  

14.4.4 any rights, remedies, obligations or Liabilities of the parties that have accrued up to the date of termination which existed at or before the date of termination shall not be affected. 

15 Force majeure 

15.1 Neither party shall have any Liability for any breach or delay in performance of its obligations under or in connection with this Agreement caused by any act, event, omission or accident beyond its reasonable control, including any actions or omissions of third parties (including hackers, suppliers, couriers, governments, quasi-governmental, supra-national or local authorities), insurrection, riot, civil commotion, war, imposition of sanctions, national emergencies, terrorism, nuclear, chemical or biological contamination or strikes, impacts of epidemic or pandemic, fire, explosion, storm, flood, adverse weather conditions, loss at sea, ash cloud, natural disaster, accident, collapse of buildings, third party software or infrastructure or communications, cyber-attack, problems with public utility supplies (including general electrical, telecoms, water, gas, postal, courier, communications or Internet disruption), shortage of or delay in or inability to obtain supplies or transportation ("Event of Force Majeure"), regardless of whether the circumstances could have been foreseen.  The performance of each party's obligations shall be suspended during the period the circumstances persist, and such party shall be granted an extension of time for performance equal to the period of the delay. If the Event of Force Majeure continues without a break for more than 30 days, either party may terminate this Agreement on giving no less than five Business Days' notice to the other, in which event neither party shall have any Liability to the other Party by reason of such termination.  

16 Miscellaneous 

16.1 Subject to clause 16.2, no variation of this Agreement shall be effective unless it is in writing and agreed by the parties (or their authorised representatives).  

16.2 From time to time CERTSURE may update or amend these Terms and the Schedules, including (without limit) due to changes in the Services, changes in law, or otherwise. Where it does so, CERTSURE shall provide reasonable notice to the Customer of such changes, specifying the date upon which they shall take effect.  If Customer does not accept the changes it must notify CERTSURE in writing and cease its access to and use of the Software and Services from the date the changes take effect. If the Customer does not notify CERTSURE of its non-acceptance and by continuing to use the Software and Services, Customer shall be deemed to have accepted any such changes and the relevant provisions and details of this Agreement shall be deemed to have been amended accordingly. 

16.3 No failure or delay by a party to exercise any right or remedy provided under this Agreement or by law shall constitute a waiver of that or any other right or remedy, nor shall it prevent or restrict the further exercise of that or any other right or remedy.  

16.4 If any provision or part-provision of this Agreement is or becomes invalid, illegal or unenforceable, it shall be deemed deleted, but that shall not affect the validity and enforceability of the rest of this Agreement.  

16.5 All clauses which expressly or by implication survive termination of this Agreement shall continue in full force and effect, including clauses: 3, 5, 9, 10, 11, 12, 13, 14.4, 15, 16.4, 16.5, 16.8, 16.11, 16.12 and 16.13. 

16.6 Nothing in this Agreement is intended to or shall operate to create a partnership between the parties, or authorise either party to act as agent for the other.   

16.7 The Terms and the Agreement are made only in the English language. 

16.8 This Agreement does not confer any rights on any person or party (other than the parties to this Agreement and, where applicable, their successors and permitted assigns) pursuant to the Contracts (Rights of Third Parties) Act 1999. 

16.9 This Agreement constitutes the entire agreement between the parties and supersedes and extinguishes all previous agreements, warranties, representations and understandings between them, relating to its subject matter. Each party acknowledges that in entering into this Agreement it does not rely on, and shall have no remedies in respect of, any statement, representation or warranty that is not set out in this Agreement. Each party agrees that it shall have no claim for innocent or negligent misrepresentation or negligent misstatement based on any statement in this Agreement. 

16.10 The Customer shall not, without the prior written consent of CERTSURE, assign, transfer, charge or deal in any other manner with all or any of its rights or obligations under this Agreement. CERTSURE may at any time, without Customer's consent, assign, transfer, charge, sub-licence, sub-contract or deal in any other manner with all or any of its rights or obligations under this Agreement. 

16.11 Any formal notice required to be given under this Agreement shall be in writing and shall be delivered by hand or sent by pre-paid first-class post or recorded delivery post to the other party at its registered address, or such other address as may have been notified by that party for such purposes to the other party from time to time.  A notice delivered by hand shall be deemed to have been received when delivered.  A correctly addressed notice sent by pre-paid first-class post or recorded delivery post shall be deemed to have been received at the time at which it would have been delivered in the normal course of such post. Alternatively, the Customer can serve formal notice via email at this address: nocsfeedback@certsure.com  but such notice will not be deemed valid if the sender receives an automated bounce back (not including out of office). 

16.12 This Agreement and any dispute or claim arising out of or in connection with it or its subject matter or formation (including non-contractual disputes or claims) shall be governed by and construed in accordance with the law of England and Wales.  

16.13 Each party irrevocably agrees that the courts of England and Wales shall have exclusive jurisdiction to settle any dispute or claim arising out of or in connection with this Agreement or its subject matter or formation (including non-contractual disputes or claims). 

SCHEDULE 1 - Services specifications  

Under the applicable building regulations in England, Wales, Jersey and the Isle of Man, notifiable work by certified businesses should be checked and certified that the installation complies with the relevant building regulations.    

To satisfy these building regulations NICEIC Online Certification System (NOCS) allows NICEIC certified businesses to create, administer and store Building Regulations Compliance Certificates and notify the relevant local building control body of the work carried out.  

The NICEIC Online Certification System (NOCS) also allows NICEIC certified businesses access to a range of NICEIC branded and unbranded forms to issue for BS 7671, BS 5839 and BS 5266.   

SCHEDULE 2 - Fees 

We charge Fees for the following: 

Any Forms Finalised (they only become chargeable once locked) 

Any Notifications Submitted 

Some Print & Post Services.  

SCHEDULE 3 - Support Services Policy 

Our lines are open Monday to Friday 9am - 5pm. 

Customers can contact the NOCS team on 0333 015 6630 and the Building Control Team on 0333 015 6625. 

Customers are also able to Submit a Support Ticket when logged into the system.  

SCHEDULE 4 - Back-up Policy 

Backup Strategy 

• Daily Backups:  All data within the NOCS infrastructure, including non-transitory buckets, relational databases, and document databases, will be backed up daily (every 24 hours).  

• Retention Period:  Backup data will be retained for a period of 100 days. After this period, backups will be securely deleted.  

Data Recovery 

• Recovery Procedures:  In the event of data loss, recovery procedures will be initiated to restore data from the most recent backup. Recovery processes will be tested periodically to ensure effectiveness. 

• Access Control:  Access to backup data will be restricted to authorised personnel only. Backup data will be encrypted to protect against unauthorised access. 

SCHEDULE 5 - Data Processing Particulars