This Privacy Policy explains how we use your personal information in relation to the Applied online recruitment platform ("Platform"). We really value your trust and your privacy is important to us, so we’ll keep your information secure and manage it in accordance with our legal responsibilities. By providing us with your personal information, you agree to it being used and disclosed in the manner set out in this Policy.
So you can understand what this all means in practice we’ve tried to present this policy in clear language without too much “legal jargon”.
We also want to make it easy for you to quickly find answers to the questions that are most important and relevant to you so we’ve split the policy into three sections:
- Section 1: The bits relevant to people applying for a job ("Applicants");
- Section 2: The bits relevant to employers who are offering jobs (“Hiring Managers”); and
- Section 3: The bits relevant to everyone.
We’ve also included some signposts down the side to guide you in the right direction. We hope this is helpful!
Applied is a trading name of Be Applied Ltd ("we", "us").
Of course, you don’t have to provide your personal information to us, but if you don’t you may not be able to fully benefit from all the services that we can offer through the Platform.
Where we refer to "data controller" or "data processor", we give those terms the meanings they have in the Data Protection Act 1998 (or any legislation which updates or replaces this legislation).
Our nominated representative for data protection matters is our Data Protection Officer, who you can contact at hello@beapplied.com
Information we collect directly from you
Information to enable you to apply for jobs: We collect the personal information we need in order for you to apply for jobs on the Platform which are being advertised on behalf of Hiring Managers. This may include:
- Full name;
- Date of birth;
- Contact details (email address, telephone number, postal address);
- Employment history;
- Education / qualifications;
- Details of experiences and achievements;
- Responses to questions we put to you to obtain equal opportunities data;
- Responses to skill, work and competency questions; and
- Responses to personality questions and aptitude tests.
The Hiring Manager may want to collect some or all of this information by asking you to upload a CV.
We will ask you to provide information relating to protected characteristics, such as your race or religion. Providing this information is entirely optional, and you do so freely. Unless you are successful in your application for the role and give your consent to sharing the information with the hiring company, this information is always anonymised and used solely for statistical and research purposes.
Registration Information: You will also be asked to set up a user account which will allow you to log into and out of the Platform. You need to register a username and password to gain secure access to your account.
Other data you intentionally share: We may collect personal data if you submit it to us in other contexts. For example, if you provide us with a testimonial.
Information we automatically collect about you
Like many website operators, each time you visit the Platform we may automatically collect the following information:
Technical information: including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform.
Information about your visit: including the full Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time); page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page.
Referral data: if you arrive on the Platform from an external source (such as a link on another website or in an email), we record information about the source that referred you to us.
Generally, we use your personal information: (i) to process job applications which you make through the Platform. We do this as a data processor on behalf of the Hiring Managers who are the data controllers; (ii) for research purposes, to help test and improve the service we offer through the Platform, to help Hiring Managers make recruitment smart, fair and easy, and (iii) to let you know about other hiring opportunities you might be interested in. We do this as a data controller.
We will only use your information in accordance with this Policy, or where we are required or authorised by law to disclose your information to others, or have your permission to do so. Some more detailed information about the above activities is listed below.
When you complete an application for a role on the Platform, we pass some of that information supplied to the Hiring Manager who has invited you to apply for that role. Some of the data will be passed to them only if you are successful in your application, or if they wish to interview you. We may pass them any of the information you provide to us (except for the equal opportunity data, which we will only pass them if you are specifically OK with this) and some of that data may be referred back to in future hiring rounds.
The Hiring Manager will be responsible for reviewing and responding to the information supplied and otherwise deciding how to proceed with your application. You understand that this means we pass information supplied on to them and that you may receive further direct correspondence from them about the application.
You should refer to the relevant Hiring Manager’s privacy policy and applicable recruitment policies or related terms for specific information relating to the application process and details about how they intend to use personal details contained within your application.
When you sign up, we ask for your consent to use the information you provide to support our recruitment research programme. This improves the service we offer through the Platform.
We are a social purpose company, with a mission to support research into behavioural sciences, including talent analytics and sometimes your information will be used to support our wider research in these areas.
Whenever we publish or publicise findings based on your personal information, those findings will be anonymised so that you cannot be individually identified.
If you agree to support the research programme, we will store a copy of your personal information securely in accordance with this Policy, solely for the purposes of carrying out research. This will be conducted by our hand-selected team of trained scientists, academics and researchers, and sometimes by trusted and carefully selected third parties.
You may withdraw your consent at any time by contacting us using the details set out below.
We internally perform statistical and other analysis on information we collect on the Platform (including usage data, device data, referral data and question and response data) to analyse and measure Applicants’ behaviour and to understand how Applicants use our services, and to monitor, troubleshoot and improve our services, including to help us evaluate or devise new features.
We may also use your information: (i) for internal purposes designed to keep our services secure and operational, such as for troubleshooting and testing purposes, and for service improvement and research and development purposes; (ii) for our internal purposes to create and provide new services, features or content. In relation to metadata, we may look at statistics like response rates, question and answer word counts, and publish interesting observations about these for informational or research purposes. When we do this, neither Applicants nor Hiring Managers will be identified or identifiable unless we have obtained their permission; or (iii) to send you notifications about roles similar to the ones you have applied for or we think you might be interested in, or if you are successful, to learn about your experience in the role. You can opt-out of these emails at any time by clicking on the link provided in the email.
We occasionally send you communications of a transactional nature (e.g. service-related announcements, sending you an email including a link to the page containing an application you have started, changes to our services or policies, a welcome email when you first register). You can’t opt out of these communications as they are needed to provide our services to you.
If you’ve signed up to our Newsletter or online resources we’ll occasionally send you emails so you can stay tuned on the latest research developments in how to make recruitment smart, fair and easy! We may also send you updates by email on new roles we think might interest you, if you agree. You can opt-out of receiving the Newsletter, online resources or new role updates at any time by clicking on the link provided in the email. We use profiling and screening techniques to increase the chance that any roles we notify you of by email are relevant to you.
Hiring Managers: We need to share your personal information with the Hiring Managers who have advertised the job you have applied for. If the Hiring Managers direct us to, this might include sharing it with external systems they use as part of their hiring process (an example might be their employee on-boarding system, or their preferred video interview service provider).
We may also provide your information to:
In the event of a merger, sale, restructure, acquisition, joint venture, assignment, transfer, or other disposition of all or any portion of our business, assets, or shares.
You understand that we may disclose or share personal information with third parties as outlined above. If you are concerned about these arrangements, please feel free to contact us using the details listed at the bottom of this statement.
We keep your personal information for as long as required to process your role applications, manage your user account, where relevant, to carry out our research and to manage and improve our services to you, and in accordance with legal, tax and accounting requirements.
Where your information is no longer required, we will ensure it is disposed of in a secure manner and, where required by applicable law we will notify you when such information has been disposed of.
Information we collect directly from you
Information to provide services: We collect the personal information we need to offer you our services and manage our relationship with you, or the business you work for, as our customer.
This may include some or all of the following:
- Full name;
- Work contact details (email address, phone number, postal address); and
- Job title / role.
Registration information: You will also be asked to set up a user account which will allow you to log into and out of the Platform. You need to register a username and password to gain secure access to your account.
Other data you intentionally share: We may collect personal data if you submit it to us in other contexts. For example, if you provide us with a testimonial.
Billing information: If you make a payment to Applied, we require you to provide your billing details, such as a name, address, email address and financial information corresponding to your selected method of payment (e.g. a credit card number and expiration date or a bank account number). If you provide a billing address, we will regard that as the location of the account holder.
Payments are processed in partnership with a third party provider, Stripe Payments UK Limited. Their privacy policy is available at https://stripe.com/gb/privacy. We do not collect or process your credit or debit card details. These are however collected and processed by Stripe. Both we and Stripe comply with applicable PCI standards.
Information we automatically collect about you
Like many website operators, each time you visit the Platform we may automatically collect the following information:
Technical information: including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;
Information about your visit: including the full Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time); page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page.
Referral data: If you arrive on the Platform from an external source (such as a link on another website or in an email), we record information about the source that referred you to us.
Generally, we use your personal information to create your customer account, to communicate with you about the roles you advertise on the Platform, and to contact you regarding changes or updates to the services we provide.
We may also contact you to provide you with information about our products and services, and those of carefully selected third parties, in each case where we have your prior consent. You can opt-out of receiving these communications by contacting us directly, or by using the link provided in our emails.
We will only use your information in accordance with this Policy, or where we are required or authorised by law to disclose your information to others, or have your permission to do so. Some more detailed information about the above activities is listed below.
We internally perform statistical and other analysis on information we collect on the Platform (including usage data, device data, referral data and question and response data) to understand how Hiring Managers use our services, and to monitor, troubleshoot and improve our services, including to help us evaluate or devise new features.
We may also use your information: (i) for internal purposes designed to keep our services secure and operational, such as for troubleshooting and testing purposes, and for service improvement and research and development purposes; or (ii) for our internal purposes to create and provide new services, features or content. In relation to metadata, we may look at statistics like response rates, question and answer word counts, and publish interesting observations about these for informational or research purposes. When we do this, neither Applicants nor Hiring Managers will be identified or identifiable unless we have obtained their permission.; or (iii) to contact you regarding your experience using the platform and the performance of candidates that have been hired, as a means of improving our service to you.
We occasionally send you communications of a transactional nature (e.g. service-related announcements, changes to our services or policies, a welcome email when you first register). You can’t opt out of these communications as they are needed to provide our services to you.
If you’ve signed up to our Newsletter or online resources we’ll occasionally send you emails so you can stay tuned on the latest research developments in how to make recruitment smart, fair and easy! You can opt-out of receiving the Newsletter or online resources at any time by clicking on the link provided in the email.
We may provide your information to:
Our service providers: who process information on our behalf to help deliver the Platform, for example hosting services and email service providers;
We take steps to ensure that third parties who have access to your personal information treat it with the same consideration that we do. For more information on where these organisations may be located see Section 3 below.
Legal enforcement bodies: We may from time to time be required to disclose information about you to law enforcement bodies, agencies or third parties under a legal requirement or court order. We act responsibly and take account of your interests when responding to any such requests.
For protective purposes: We may need to share your data with others in order to protect our rights, users, systems, and services.
In the event of a merger, sale, restructure, acquisition, joint venture, assignment, transfer, or other disposition of all or any portion of our business, assets, or shares.
You understand that we may disclose or share personal information with third parties as outlined above.
We keep your personal information for as long as required to deliver our services to you, where relevant, to manage and improve our services to you, and in accordance with legal, tax and accounting requirements.
Where your information is no longer required, we will ensure it is disposed of in a secure manner and, where required by applicable law we will notify you when such information has been disposed of.
We are committed to handling your personal information and data with integrity and care and invest appropriate resources to protect your personal information, from loss, misuse, unauthorised access, modification or disclosure. However, no internet-based platform can be 100% secure and so there is always a risk of unauthorised or unintended access to your personal data by third parties that is beyond our control.
Your information may be transferred to, stored at or processed by, organisations located in other countries around the world. For example, to allow the processing of payment details you provide or the provision of support services to help us deliver the Platform.
As privacy laws in other countries may not be equivalent to those in your home country, we only make arrangements to transfer data overseas where we are satisfied that adequate levels of protection are in place to protect any information held in that country or that the service provider acts at all times in compliance with applicable privacy laws. Where required under applicable laws we will take measures to ensure that personal information handled in other countries will receive at least the same level of protection as it is given in your home country. The details of these transfers are as follows:
Amazon Web Services (AWS) hosts our applicant and hirer databases on its servers, some of which are in the USA, and are subject to the EU-US Privacy Shield. (More information here - https://aws.amazon.com/compliance/eu-us-privacy-shield-faq/).
Mailchimp provides assistance in relation to our email newsletter and marketing activities. Mailchimp also has an EU-US Privacy Shield certification. (More information here -
Our corporate servers on which we hold account and billing data are hosted by Google servers, some of which may be in the United States. Google also has a Privacy Shield certification. (More information here - https://www.google.com/policies/privacy/frameworks/).
Inspectlet helps us to identify technical bugs and improve the user experience. (To read more about their GDPR protections, please click here - http://docs.inspectlet.com/hc/en-us/articles/360002994432-Privacy-Impact-Assessment-under-GDPR).
Zendesk is our customer support tool, enabling us to support you if you have questions you need help with. (Full details of their GDPR compliance, including their EU-US Privacy Shield certification, can be found here - https://www.zendesk.co.uk/company/customers-partners/eu-data-protection/).
Slack is a tool we use to communicate as a team and it also allows us to notify clients of key events in their hiring cycle. Slack has an EU-US Privacy Shield certification. (see here for more details - https://slack.com/privacy-shield-notice).
If you provide us with information about other individuals, for example details of a referee or colleague, you must check that they agree to you providing us with their details. Tip: Keep a record of their agreement and provide them with a copy of, or link to, this Policy to avoid any concern.
Other people’s websites
The Platform may contain links to and from websites operated by other people, including Hiring Managers. If you follow a link to any of these websites, please note that these websites have their own privacy policies. We don’t accept any responsibility or liability for these policies. Please check these policies before you submit any personal information to these websites.
Updating your account and preferences
If you register a user account with us please do keep your details up to date and notify us of any changes to the personal information. You can do this through your account login or by emailing hello@beapplied.com.
Cookies
The Platform uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse and also allows us to improve our site. For detailed information on the cookies we use and the purposes for which we use them, beyond how it is explained in sections above, feel free to contact us at hello@beapplied.com.
You have the following rights:
- The right to request details of the information we have about you (this is subject to some limitations, for example where meeting your request involves disclosing someone else’s information).
- The right to withdraw your consent to the use of your information where we are relying on that consent (for example, you can opt out of receiving our Newsletter). We may still be entitled to process your information if we have another legitimate reason (other than consent) for doing so.
- In some circumstances, you have the right to receive some of your information in a usable format. This right only applies to information which you have provided to us.
- The right to ask that we update your information if it is inaccurate or incomplete.
- The right to ask that we erase your information in certain circumstances. There may be circumstances where you ask us to erase your information, but we are legally entitled to retain it.
- The right to request that we restrict the processing of your information in certain circumstances. In others, we will be legally entitled to refuse that request.
- If you want to take any of the above actions please contact us via hello@beapplied.com or write to Privacy, Be Applied Ltd, 114 Whitechapel High Street, London, E1 7PT, UK and we will respond to your requests as soon as we reasonably can, but within any legally mandated timeframes.
In certain circumstances (for example where required or permitted by law) we might not be able to provide you with access to some of your personal information. If this is the case we’ll tell you the reasons why.
If your request for access to your information relates to the use of your personal information in the context of your job application (as opposed to our use of your information for research or to communicate with you), you should contact the relevant Hiring Manager directly.
What is the legal basis on which we rely to process personal information?
For some uses, we may process personal information with consent (for example, when you decide to give us answers to optional questions to derive equal opportunities data, or agree to receive our newsletter). You have the right to withdraw your consent at any time by contacting us on the email address below.
On other occasions, we may process personal information when we need to do this to fulfil a contract (for example, for billing purposes) or where we are required to do this by law. If we didn’t process the data for those purposes, we’d be unable to provide you with the Applied service.
We also process your personal information when it is in our legitimate interests to do this and when we consider these interests are not overridden by your data protection rights. Those legitimate interests include using your information for research and analysis purposes, which we aim to do in a way that works to improve the recruitment process for both hirers and applicants.
Information Commissioner’s Office
You have the right to complain to the Information Commissioner's Office (ICO) if you believe we have not handled your request in an appropriate manner. For information on contacting the ICO please see their website (https://ico.org.uk/concerns/).
Updates
We keep this Policy under regular review and may update it from time to time but if we do this we will publish the changes on the Platform, and (if the change is an important one) we may email you to let you know. So please check this policy regularly for changes. If you do not accept the amended Policy, please stop using the Platform.
Any Questions – Contact us!
If you have any questions about this Policy, or would like to exercise your rights with respect to your personal information, please contact us via hello@beapplied.com or write to Privacy, Be Applied Ltd, 114 Whitechapel High Street, London E1 7PT, United Kingdom.
1.1 Be Applied Ltd ("Applied") has developed a customisable cloud computing platform ("Platform") which it makes available to a hiring manager (a “Customer”) via the internet for the purpose of developing a bespoke online application process and providing the Customer with an applicant email contact facility (the "Services").
1.2 The Customer has placed an order ("Order") for the Services which has been accepted by Applied. Each Order entered into by the Customer shall form a separate agreement, incorporating these Terms and Conditions including the Data Processing Terms set out at the end of these Terms and Conditions (“this Agreement”).
1.3 You indicate your agreement to this Agreement by clicking a button when placing your Order, by executing a document that incorporates this Agreement, or by using the Services.
1.4 If you will be using the Services on behalf of an organisation, you agree to this Agreement on behalf of that organisation and you represent that you have the authority to do so. In such case, “you” and “your” and “Customer” will refer to that organisation.
1.5 This Agreement supersedes any arrangements made or existing between the parties and constitutes the entire understanding between the parties. For the avoidance of doubt, any implied terms and warranties shall (to the extent permitted by law) be excluded from this Agreement.
2.1 Upon Applied’s acceptance of the Order either by email or by countersignature of an order form (“Order Acceptance”) and subject to the terms of this Agreement, Applied grants the Customer a non-exclusive, non-transferable, personal right to use the Services during the term of this Agreement for the purposes set out in clause 2.2 below, in accordance with the Subscription limits specified in the Order. Applied shall provide the Services in accordance with the terms of this Agreement. Applied shall make the Platform available to the Customer, who may then make it available to job applicants ("Applicants").
2.2 The Customer shall: (a) use the Platform solely for its own internal business purposes for its own recruitment of personnel in accordance with the user arrangements specified in the Order; (b) not otherwise modify, enhance, copy, redistribute, disseminate, sell, licence, reverse engineer, decompile or reproduce the Platform. In particular (but without limitation) the Customer shall not use the Platform in connection with the operation of any bureau service or outsourced service offering to any third party without the prior written consent of Applied; and (c) not access all or any part of the Platform in order to build a product or service which competes with the Platform or the Services.
2.3 Applied may make available to the Customer a limited right to use the Service on a limited free trial basis (“Free Trial Services”).
2.4 The Customer shall ensure that only those of its employees and individual freelance independent contractors authorised by it to have access to the Services (“Authorised Users”) use the Services and that such use is at all times in accordance with this Agreement.
2.5 The Customer shall:
2.5.1 be liable for the acts and omissions of the Authorised Users as if they were its own;
2.5.2 only provide Authorised Users with access to the Services via the Customer’s authentication credentials provided by Applied and shall not provide access to (or permit access by) anyone other than an Authorised User; and
2.5.3 procure that each Authorised User is aware of Applied’s Privacy Policy and is aware of, and complies with, the obligations and restrictions imposed on the Customer under this Agreement, including all obligations and restrictions relating to Applied’s Confidential Information.
2.6 The Customer warrants and represents that it, and all Authorised Users and all others acting on its or their behalf shall, keep confidential and not share with any third party (or with other individuals except those with administration rights at the Customer organisation as necessary for use of the Services) their password or access details for the Services.
2.7 The Customer shall ensure that Authorised Users at all times comply with all provisions of this Agreement. Any act or omission of an Authorised User in respect of the Services shall be deemed to be an act or omission of the Customer.
2.8 If any password has been provided to or obtained by an individual that is not an Authorised User, the Customer shall, without delay, disable any such passwords and notify Applied immediately.
2.9 The Customer shall comply (and shall ensure all Authorised Users comply) with all applicable laws, rules, and regulations (including applicable data protection laws) that apply to the Services or the User Data.
2.10 Clauses 2.5 to 2.9 (inclusive) shall survive termination or expiry of this Agreement.
3.1 The Order may specify a third party service provider engaged by the Customer (“Third Party Provider”) in respect of which the Customer has an account, (“Third Party Account”), which the Customer wishes to be connected to the Services, Applied shall use all reasonable endeavours to facilitate and maintain such connection by means made available by Third Party Provider to facilitate operation of the Services in conjunction with the Customer’s Third Party Account (“Third Party API”).
3.2 The Customer acknowledges that integration of the Services with a Third Party Provider requires a connection with a valid current Third Party Account and that Applied will have no responsibility for any failure to provide or use the Services in the event that the Customer does not have or maintain a valid current Third Party Account.
3.3 Applied makes no representation, warranty or commitment and shall have no liability or obligation whatsoever in relation to the content or use of, or correspondence with, any Third Party Provider, or any actions completed with or by means of any Third Party Provider.
3.4 Integration with Third Party Provider is provided on the basis of the Third Party API as of the date of Order Acceptance. The Customer shall throughout the term facilitate continued provision by the Third Party Provider to Applied of the Third Party API and access to the Third Party Account. Applied shall use reasonable endeavours to continue such integration but makes no warranty that such integration shall remain throughout the Subscription Period.
3.5 The Customer will abide by Third Party Provider’s terms of service in respect of any use by it of the Services.
3.6 The Customer hereby gives Applied express permission to access and use information from its Third Party Account for the purposes of this Agreement.
4.1 The Customer shall pay to Applied the charges specified in the Order for the Services ("Charges"): (a) within 14 days from receipt of an invoice from Applied; or (b) in accordance with the payment terms and billing method specified in the Order or selected by the Customer through its account management page.
4.2 Where a Customer places an Order on a subscription basis (a "Subscription") a Customer will be billed in advance on a recurring, periodic basis (each a "Subscription Period"). The length of a Subscription Period will depend on what subscription plan is selected when placing an Order.
4.3 Failure to comply with these payment terms shall entitle Applied to: (a) charge interest on the outstanding amount at the rate of 2% above the Barclays Bank rate from time to time per month (or the highest rate allowed by the applicable law, whichever is the lower) from the due date until the outstanding invoiced Charges or outstanding part thereof is paid; and/or (b) suspend access to the Platform.
4.4 Charges are exclusive of all current and future taxes and fees, all of which the Customer will be responsible for and will pay in full.
4.5 All Charges are non-refundable, except as provided in this Agreement or when required by law.
5.1 "Intellectual Property Rights" means all patents, copyright, design rights, domain names, registered designs, trade and service marks (registered and unregistered), rights in know-how, rights in relation to databases, trade secrets, rights in confidential information and all other intellectual property rights throughout the world including: (a) all registrations and pending registrations relating to any such rights and the benefit of any pending applications for any such registrations; and (b) all reversions, extensions and renewals of any such rights.
5.2 The Customer acknowledges that all of the Intellectual Property Rights subsisting in the Platform and the Services are and shall remain the sole property of Applied or its third party licensors. Except as set out in this Agreement, the Customer has no rights to, or in, any Intellectual Property Rights in respect of the Platform or the Services.
5.3 The Customer grants to Applied a perpetual, irrevocable, royalty-free, worldwide licence under any Intellectual Property Rights in (i) any questions in the online application form created by the Customer and presented to Applicants by means of the Services and (ii) any job advertisements and other recruitment materials in respect of which the Customer uses any text analysis tool provided in the Services (“Customer Recruitment Material”) to use the Customer Recruitment Material to gain insights into usage patterns by users of the Services, develop new features or improve existing features, advise users and prospective users on potential improvements to recruitment practices, and to market and sell the Services, and authorise others to do the same. To be clear, any disclosure of the Customer Recruitment Material to any third party will not identify the Customer.
5.4 The Customer grants to Applied a royalty-free, worldwide licence for the term of this Agreement under any Intellectual Property Rights any logo or other trade mark made available to Applied identifying the goods and services of the Customer (“Customer Marks”) for the purposes of (i) providing the Services; and (ii) identifying the Customer as Applied’s customer on Applied’s website and its sales and marketing materials. Any further use of the Customer Marks by Applied shall be subject to the Customer’s prior consent. Applied shall in its use of the Customer Marks comply with any standard brand guidelines policy document notified to it in writing by the Customer. Applied acknowledges that all goodwill generated through Applied’s use of any of the Customer Marks will accrue to the Customer’s benefit and Applied hereby assigns and will assign to the Customer any and all goodwill generated through Applied’s use of any of the Customer Marks, without payment or other consideration of any kind to Applied. Customer may revoke its consent to use Customer Marks at any time upon written notice.
5.5 The Customer agrees that all recommendations, comments and suggestions made by it to Applied in respect of the Services will be deemed non-confidential and Applied shall own all rights to use and incorporate them into the Services, without payment to the Customer.
6.1 Subject to the remainder of this clause 6, Applied warrants that the Services shall operate materially in accordance with the description of the Services’ features and functions (“Service Description”) provided or made available by Applied to the Customer when used in accordance with this Agreement under normal use and normal circumstances during the relevant Subscription Period.
6.2 The Customer acknowledges that clause 6.1 does not apply to Free Trial Services. Free Trial Services are provided ‘as is’ and without warranty to the maximum extent permitted by law. Applied may withdraw access to Free Trial Services at any time without any liability to the Customer.
6.3 The Services may be subject to delays, interruptions, errors or other problems resulting from use of any Third Party Provider, the internet or public electronic communications networks used by the parties or third parties. The Customer acknowledges that such risks are inherent in cloud services and that Applied shall have no liability for any such delays, interruptions, errors or other problems.
6.4 If there is a breach of any warranty in clause 6.1 Applied shall at its option: use reasonable endeavours to repair or replace the impacted Services within a reasonable time or (whether or not it has first attempted to repair or replace the Services) refund the Charges for the impacted Services which were otherwise payable for the period during which Applied was in breach of any such warranty (provided such period is at least 2 consecutive days). To the maximum extent permitted by law, clause 13 (Termination) and this clause 6.4 sets out the Customer’s sole and exclusive remedy (however arising, whether in contract, negligence or otherwise) for any breach of any of the warranties in clause 6.1.
6.5 The warranties in clause 6.1 are subject to the limitations set out in clause 9 and shall not apply to the extent that any error in the Services arises as a result of:
6.5.1 incorrect operation or use of the Services by the Customer or any of its Authorised Users (including any failure to follow the Service Description or failure to meet minimum specifications);
6.5.2 any act or omission of a Third Party Provider or operation of the Third Party Provider service;
6.5.3 use of the Services other than for the purposes for which they are intended;
6.5.4 any act by any third party (including hacking or the introduction of any virus or malicious code);
6.5.5 any breach of this Agreement by the Customer (or by any Authorised User).
6.6 The Customer acknowledges that no liability or obligation is accepted by Applied (howsoever arising whether under contract, tort, in negligence or otherwise) that the Services shall meet the Customer’s individual needs, whether or not such needs have been communicated to Applied or that the operation of the Services shall not be subject to minor errors or defects.
6.7 Other than as set out in this clause 6, and subject to clause 9.6, all warranties, conditions, terms, undertakings or obligations whether express or implied and including any implied terms relating to quality, fitness for any particular purpose or ability to achieve a particular result are excluded to the fullest extent allowed by applicable law.
6.8 Without limitation, Applied shall not have any obligation to ensure that the Services comply with any laws or regulations which apply solely to specific commercial or other activities (such as recruitment business, recruitment agency, insurance, legal advice or other professional services) or which apply solely to a specific commercial or non-commercial sector (or part thereof) (such as the recruitment, HR, public, legal, accountancy, actuarial, insurance, banking or financial service sectors).
7.1 In this clause 7, "Personal Data", "Data Controller" and "Data Processor" shall have the meanings ascribed to them in Data Protection Laws (as defined in the Data Processing Terms).
7.2 'User Data' means the data inputted by the Customer, and Applicants for the purpose of using the Platform or facilitating the Customer's use of the Platform. The Customer shall have sole responsibility for the legality, reliability, integrity, accuracy and quality of the User Data and compliance with Data Protection Laws, including informing Applicants of, and where required, securing necessary consents to, processing of their Personal Data as anticipated in this Agreement.
7.3 Without prejudice to clause 7.5 and 7.6 below (in relation to Copy Data) Applied will process any Personal Data comprised within the User Data on the Customer's behalf as a Data Processor, in accordance with Applied’s Data Processing Terms set out below which are included as part of this Agreement.
7.4 Without prejudice to the Data Processing Terms, in the event of any loss or damage to User Data, the Customer's sole and exclusive remedy shall be for Applied to use reasonable commercial endeavours to restore the lost or damaged User Data from the latest back-up of such User Data maintained by Applied. Applied shall not be responsible for any loss, destruction, alteration or disclosure of User Data caused by any third party.
7.5 The Customer permits Applied to keep a copy of the User Data for use by Applied and any of its group companies (meaning its subsidiaries or holding companies from time to time and any subsidiary of any holding company from time to time) ("Copy Data"). Applied shall be the Data Controller of the Copy Data. Applied may use the Copy Data for purposes of research, inclusion in and improvement of the Applied service, and (with the prior consent of the Applicant) notifying Applicants of roles they may wish to apply for.
7.6 Applied shall be entitled to use the Copy Data to anonymise and aggregate it with other data. Because it will not identify any living individual, such anonymised and aggregated data shall not be Personal Data for the purposes of Data Protection Laws.
7.7 To the extent that the Customer requests that Applied enables any Third Party Provider (as defined in clause 3 above) to interface with User Data by means of the Services, Applied and the Customer acknowledge that the provider of such Third Party Provider is a data processor appointed by the Customer and not by Applied. The Customer, not Applied, shall be entirely responsible for the compliance with Data Protection Laws of any transfer of User Data to any such Third Party Provider, and any act or omission of such third party in respect of the User Data.
7.8 The Services comprise retention of User Data in respect of Applicants for a period of 12 months following the termination or expiry of this Agreement.
8.1 In this clause 8, "Confidential Information" means all confidential information disclosed (whether in writing, orally or by another means and whether directly or indirectly) by one party (“Disclosing Party”) to the other party in connection with this Agreement (“Receiving Party”) whether before or after the date of this Agreement including (i) (in the case of Applied as Disclosing Party) information relating to the Platform or Services, or a user identification code or password for the Platform, and (ii) any of the operations, processes, plans or intentions, product information, pricing, know-how, design rights, trade secrets, market opportunities and business affairs.
8.2 The provisions of this clause 8 shall not apply to any Confidential Information that:
8.2.1 is or becomes generally available to the public (other than as a result of its disclosure by the Receiving Party in breach of this clause);
8.2.2 was available to the Receiving Party on a non-confidential basis before disclosure by the Disclosing Party;
8.2.3 was, is or becomes available to the Receiving Party on a non-confidential basis from a person who, to the Receiving Party's knowledge, is not bound by a confidentiality agreement with the Disclosing Party or otherwise prohibited from disclosing the information to the Receiving Party; or
8.2.4 the parties agree in writing is not confidential or may be disclosed; or
8.2.5 is developed by or for the Receiving Party independently of the information disclosed by the Disclosing Party.
8.3 Each party shall keep the other party's Confidential Information confidential and shall not use such Confidential Information, or disclose such Confidential Information in whole or in part to any third party, except for the purposes of this Agreement or as permitted by this Agreement. For the avoidance of doubt, nothing in this clause 8 shall affect Applied’s use of Customer Recruitment Material as permitted under this Agreement.
8.4 Each party shall ensure that its officers, employees and sub-contractors who have, or may have, access to the other party’s Confidential Information are made aware of and comply with the obligations of confidentiality in this clause 8.
8.5 These obligations of confidentiality in 8.1 to 8.4 above shall continue after termination of this Agreement.
9.1 The extent of Applied’s liability under or in connection with this Agreement (regardless of whether such liability arises in tort, contract or in any other way and whether or not caused by negligence or misrepresentation or under any indemnity) shall be as set out in this clause 9.
9.2 Subject to clause 9.6, Applied’s aggregate liability in respect of Free Trial Services (howsoever arising under or in connection with this Agreement) shall not exceed £50.00 (fifty pounds sterling).
9.3 Subject to clause 9.6, Applied’s total aggregate liability howsoever arising under or in connection with this Agreement shall not exceed an amount equal to the Charges paid to Applied in the 12-month period immediately preceding the first incident giving rise to any claim under this Agreement. This clause 9.3 does not apply to Free Trial Services.
9.4 Subject to clause 9.6, Applied shall not be liable for consequential, indirect or special losses.
9.5 Subject to 9.6, Applied shall not be liable for any of the following (whether direct or indirect):
9.5.1 loss of profit, loss of revenue;
9.5.2 destruction, loss of use or corruption of data;
9.5.3 loss of savings, discount or rebate (whether actual or anticipated); and/or
9.5.4 harm to reputation or loss of goodwill;
9.5.5 loss of anticipated savings.
9.6 Notwithstanding any other provision of this Agreement, Applied’s liability shall not be limited in any way in respect of death or personal injury caused by negligence, fraud or fraudulent misrepresentation, or any other losses which cannot be excluded or limited by applicable law.
9.7 This clause 9 shall survive the termination or expiry of this Agreement.
10.1 The Customer will indemnify and hold Applied harmless against any claim (i) arising from or related to use of the Services by Customer in breach of this Agreement; (ii) alleging that the Customer’s use of the Services infringes any third party Intellectual Property Rights; or (iii) alleging that the Customer’s use of the Services is in breach of any applicable laws, including any Data Protection Laws (as defined in the Data Processing Terms). Applied will promptly notify the Customer of any such claim, and will provide all reasonable co-operation to the Customer in connection with such a claim.
11.1 Applied may at its absolute discretion make, and notify the Customer of, updated versions of these Terms and Conditions, from time to time by notifying the Customer of such update by e-mail together with a copy of the update or a link to a copy of the update (“Update Notification”).
11.2 The Terms and Conditions amended in accordance with the Update Notification shall replace the preceding version of the same for the purposes of this Agreement from the date 14 days after Update Notification of such revised document(s) (“the Update”) (or at such later date as Applied may specify).
11.3 In the event that the Customer reasonably believes that any Update materially impacts it negatively in any manner it may by notice elect to terminate this Agreement provided it exercises such right prior to such Update taking effect pursuant to clause 11.2 on not less than 7 days prior written notice and notifies Applied at the time of exercising such right of the negative impact which has caused it to exercise this right. In the event of such termination the Customer shall receive a pro-rata refund of any pre-paid Charges corresponding to the unexpired portion of the Subscription Period.
12.1 This Agreement shall come into force on Order Acceptance and, unless terminated earlier in accordance with its terms, shall continue for the duration of the period specified in the Order (“Subscription Period”) and any renewals thereof under this clause 12, after which it shall automatically expire.
12.2 Subject to clause 12.4, on expiry of the Subscription Period, the Subscription Period shall continue and automatically renew for a further period of twelve months (“first Renewal Date”) and thereafter renew for a further period of twelve months on each anniversary of the first Renewal Date (each of the first Renewal Date and each such anniversary being a “Renewal Date”). This clause 12.2 shall not apply in respect of Free Trial Services (which shall not renew).
12.3 If either party wishes for the Subscription Period to expire on the next Renewal Date, it may cause the Services to expire on that Renewal Date by notice provided such notice is served by email at least 14 days prior to that Renewal Date. If notice is not served within the timeframes set out in this clause 12.4, the Services shall renew at the next Renewal Date in accordance with clause 12.2.
12.4 Applied shall be entitled to increase the Charges from the next Renewal Date by notice to the Customer provided that Applied shall give notice of such change no less than 28 days prior to the Renewal Date.
13.1 Either party may terminate this Agreement immediately by notice in writing to the other party ("Breaching Party") if any of the following events occurs: (a) the Breaching Party commits any material breach of any term of this Contract which breach is irremediable or (if such breach is remediable) fails to remedy that breach within a period of 14 days after being notified to do so; (b) the Breaching Party ceases, or threatens to cease, to carry on business; or (c) the Breaching Party takes any step or action in connection with its entering administration, provisional liquidation or any composition or arrangement with its creditors (other than in relation to a solvent restructuring), being wound up (whether voluntarily or by order of the court, unless for the purpose of a solvent restructuring), having a receiver appointed to any of its assets or ceasing to carry on business or, if the step or action is taken in another jurisdiction, in connection with any analogous procedure in the relevant jurisdiction.
13.2 Applied may terminate this Agreement immediately: (a) if there is a change of control (as defined in section 1124 of the Corporation Tax Act 2010) in Customer; or (b) the Customer fails to pay any amount due under this Agreement on the due date for payment and remains in default not less than 10 days after being notified to make such payment.
13.3 Applied may also suspend providing the Services to the Customer if it is investigating suspected misconduct by the Customer.
13.4 Immediately following termination of this Agreement Customer shall cease using the Platform and, if Applied so requires, delete from all computer hardware and storage media and otherwise destroy copies of all documentation, Platform data and other material including Confidential Information that Applied has made available to Customer save for the User Data for which the Customer shall be entitled to access. Customer shall warrant that it has done these acts within thirty (30) days of termination or the date on which Applied requires Customer to delete or destroy such items (as applicable). Customer shall also pay to Applied any Charges that are outstanding.
13.5 Termination shall not affect any of the terms of this Agreement expressed to survive or operate in the event of the termination and shall not prejudice the rights of either party in respect of any breach or in respect of any monies payable for any period prior to termination.
14.1 Applied shall be under no liability to Customer in respect of anything which, apart from this provision, may constitute a breach of this Agreement arising by reason of circumstances beyond the control of Applied.
14.2 Failure or neglect by Applied to enforce at any time any part of this Agreement shall not be construed nor shall be deemed to be a waiver of Applied’s rights hereunder nor in any way affect the validity of the whole or any part of this Agreement nor prejudice Applied’s rights to take subsequent action.
14.3 In the event that any or any part of this Agreement shall be determined by any competent authority to be invalid, unlawful or unenforceable to any extent such term, condition or provision shall to that extent be severed from the remaining terms and conditions which shall continue to be valid and enforceable to the fullest extent permitted by law.
14.4 This Agreement shall not be assigned by Customer without the prior written consent of Applied. Applied reserves the right to assign any or all of its rights under this Agreement.
14.5 A person who is not a party to this Agreement has no rights under the Contracts (Rights of Third Parties) Act 1999 or equivalent legislation outside England and Wales to enforce any term of this Agreement.
14.6 This Agreement and any dispute or claim arising out of, or in connection with, it, its subject matter or formation (including non-contractual disputes or claims) shall be governed by, and construed in accordance with, the laws of England and Wales. The parties irrevocably agree that the courts of England and Wales shall have exclusive jurisdiction to settle any dispute or claim arising out of, or in connection with, this Agreement, its subject matter or formation (including non-contractual disputes or claims).
15.1 In this Agreement, unless otherwise stated:
15.1.1 the clause, paragraph, schedule or other headings in this Agreement are included for convenience only and shall have no effect on interpretation;
15.1.2 any words that follow ‘include’, ‘includes’, ‘including’, ‘in particular’ or any similar words and expressions shall be construed as illustrative only and shall not limit the sense of any word, phrase, term, definition or description preceding those words;
15.1.3 a reference to ‘writing’ or ‘written’ includes any method of reproducing words in a legible and non-transitory form (including email);
15.1.4 a reference to any English action, remedy, method of judicial proceeding, court, official, legal document, legal status, legal doctrine, legal concept or thing shall, in respect of any jurisdiction other than England, be deemed to include a reference to that which most nearly approximates to the English equivalent in that jurisdiction.
These Data Processing Terms form part of this Agreement. In these Data Processing Terms:
Appropriate Safeguards
means such legally enforceable mechanism(s) for transfers of Personal Data as may be permitted under Data Protection Laws from time to time;
Data Controller
has the meaning given to that term (or to the term “controller”) in Data Protection Laws;
Data Processor
has the meaning given to that term (or to the term “processor”) in Data Protection Laws;
Data Protection Laws
means all applicable legislation relating to data protection and privacy which applies to the respective party in the role of Processing Personal Data in question under this Agreement, including GDPR; in each case as amended, repealed, consolidated or replaced from time to time :
(a) in the United Kingdom:
(i) the Data Protection Act 2018; and
(ii) the GDPR, and/or any corresponding or equivalent national laws or regulations;
(b) in member states of the European Union (EU) and/or European Economic Area (EEA): the GDPR and all relevant EU and EEA member state laws or regulations giving effect to or corresponding with the GDPR; and
(c) any Applicable Laws replacing, amending, extending, re-enacting or consolidating any of the above Data Protection Laws from time to time (whether or not before or after the date of this Agreement);
(d) the Privacy and Electronic Communications (EC Directive) Regulations 2003 (UK), Privacy and Electronic Communications Directive 2002/58/EC, any laws which supersedes these regulations and all relevant laws affiliated to a particular country on direct marketing communications.
Data Subject
has the meaning given to that term in Data Protection Laws;
Data Subject Request
means a request made by a Data Subject to exercise any rights of Data Subjects under Data Protection Laws;
GDPR
means the General Data Protection Regulation (EU) 2016/679;
International Organisation
has the meaning given in applicable Data Protection Laws from time to time;
International Recipient
has the meaning given to that term in paragraph 6.1;
Personal Data
has the meaning given to that term in Data Protection Laws;
Personal Data Breach
means any breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, any Protected Data;
Processing
has the meanings given to that term in Data Protection Laws (and related terms such as process have corresponding meanings);
Processing Instructions
has the meaning given to that term in paragraph 2.1.1;
Protected Data
means Personal Data received from or on behalf of the Customer to the extent that it is processed by Applied on Customer’s behalf in connection with the performance of Applied’s obligations under this Agreement, excluding Copy Data (as defined under this Agreement);
Services
means the Services as defined under this Agreement.
Sub-processor
means another Data Processor engaged by Applied for carrying out processing activities in respect of the Protected Data on behalf of the Customer; and
Supervisory Authority
means any local, national or multinational agency, department, official, parliament, public or statutory person or any government or professional body, regulatory or supervisory authority, board or other body responsible for administering Data Protection Laws.
Specific interpretive provision(s)
In these Data Processing Terms:
(a) a reference to a law includes all subordinate legislation made under that law; and
(b) references to paragraph numbers are to paragraphs of these Data Processing Terms.
Data processing provisions
1. Data Processor and Data Controller
1.1 The parties agree that, for the Protected Data, the Customer shall be the Data Controller and Applied shall be the Data Processor. The Customer acknowledges that Applied also processes a copy of the User Data as Copy Data in the capacity of data controller. These Data Processing Terms do not apply to Copy Data.
1.2 Applied shall process Protected Data in compliance with:
1.2.1 the obligations of Data Processors under Data Protection Laws in respect of the performance of its obligations under this Agreement; and
1.2.2 the terms of this Agreement.
1.3 The Customer shall comply with:
1.3.1 all Data Protection Laws in connection with the processing of Protected Data, the Services and the exercise and performance of its respective rights and obligations under this Agreement, including maintaining all relevant regulatory registrations and notifications as required under Data Protection Laws; and
1.3.2 the terms of this Agreement.
1.4 The Customer warrants, represents and undertakes, that all instructions given by it to Applied in respect of Personal Data shall at all times be in accordance with Data Protection Laws; and
1.5 The Customer shall not withhold, delay or condition its agreement to any change to this Agreement, the Platform or the Services requested by Applied in order to promote compliance with Data Protection Laws by the Services, the Platform, Applied and any Sub-Processor.
1.6 Where the Customer processes the personal data for the purposes of direct marketing the Customer shall ensure that the appropriate level of consent has been obtained from the relevant Data Subjects to allow the Personal Data to be used for the purposes of Direct Marketing in compliance with Data Protection Laws where Direct Marketing means “the communication by whatever means of advertising or marketing material which is directed to particular individuals; and the Customer is solely responsible for effective procedures in place to allow the Data Subject to “opt-out” from having their Personal Data used for such direct marketing purposes.
2. Instructions and details of processing
2.1 Insofar as Applied processes Protected Data on behalf of the Customer, Applied:
2.1.1 unless required to do otherwise by applicable law, shall (and shall take steps to ensure each person acting under its authority shall) process the Protected Data only on and in accordance with the Customer’s documented instructions as set out in this paragraph 2 and the Data Processing Details below, as updated from time to time in accordance by agreement between the parties (“Processing Instructions”);
2.1.2 if applicable law requires it to process Protected Data other than in accordance with the Processing Instructions, shall notify the Customer of any such requirement before processing the Protected Data (unless applicable law prohibits such information on important grounds of public interest); and
2.1.3 shall inform the Customer if Applied becomes aware of a Processing Instruction that, in Applied’s opinion, infringes Data Protection Laws, provided that this shall be without prejudice to paragraphs 1.3 and 1.4.
2.2. The processing of Protected Data to be carried out by Applied under this Agreement shall comprise the processing set out in the Data Processing Details below, as may be updated from time to time by agreement between the parties.
3. Technical and organisational measures
3.1 Applied shall implement and maintain, at its cost and expense, the technical and organisational measures:
3.1.1 in relation to the processing of Protected Data by Applied, as set out in the Data Processing Details below; and
3.1.2 taking into account the nature of the processing, to assist the Customer insofar as is possible in the fulfilment of the Customer’s obligations to respond to Data Subject Requests relating to Protected Data.
3.2 Any additional technical and organisational measures shall be at the Customer’s cost and expense.
4. Using staff and other processors
4.1 The Customer agrees that Applied may engage Sub-Processors to process Protected Data. Applied has currently appointed, as Sub-Processors, the Sub-Processors listed in [https://www.beapplied.com/sub-processors]. Applied shall notify the Customer at least thirty (30) days prior to engage a new Sub-Processor. The Customer shall be given the opportunity to object to any new Sub-Processor and state its grounds for doing so. The Customer acknowledges that Sub-Processors are essential in order for Applied to provide the Services and that objecting to the use of a Sub-Processor may prevent Applied from continuing to provide the Services to the Customer. In the event that Applied is unable to adequately address those objections, either party may terminate this Agreement upon notice without liability to the other. For the avoidance of doubt, in such circumstances Applied shall not be obliged to refund any Charges paid by the Customer.
4.2 Applied shall:
4.2.1 appoint each Sub-Processor under a written contract substantially on the standard terms of business of that Sub-Processor, or containing materially the same obligations as under these Data Processing Terms, that is enforceable by Applied; and
4.2.2 remain fully liable for all the acts and omissions of each Sub-Processor which constitutes a breach of these terms as if they were its own.
4.3 Applied shall ensure that all persons authorised by it to process Protected Data are subject to an obligation to keep the Protected Data confidential (except where disclosure is required in accordance with applicable law).
5. Assistance with the Customer’s compliance and Data Subject rights
5.1 Applied shall refer all Data Subject Requests it receives to the Customer, provided that if the number of Data Subject Requests exceeds 5 per calendar month, the Customer shall pay Applied’s charges calculated on a time and materials basis at Applied’s then current rates for recording and referring the Data Subject Requests in accordance with this paragraph 5.1. Applied shall reasonably assist Customer in responding to Data Subject Requests. Ensure that it does not respond to Data Subject Requests except on the documented instructions of the Customer or as strictly required by applicable laws to which Applied is subject.
5.2 Applied shall provide such reasonable assistance as the Customer reasonably requires (taking into account the nature of processing and the information available to Applied) to the Customer in ensuring compliance with the Customer’s obligations under Data Protection Laws with respect to:
5.2.1 security of processing;
5.2.2 data protection impact assessments (as such term is defined in Data Protection Laws);
5.2.3 prior consultation with a Supervisory Authority regarding high risk processing; and
5.2.4 notifications to the Supervisory Authority and/or communications to Data Subjects by the Customer in response to any Personal Data Breach,
provided the Customer shall pay Applied’s charges for providing the assistance in this paragraph 5.2, such charges to be calculated on a time and materials basis at Applied’s then-current rates for professional services.
6. International data transfers
6.1 The Customer agrees that Applied may transfer Protected Data to countries outside the United Kingdom provided all such transfers by Applied of Protected Data shall (to the extent required under Data Protection Laws) be effected by way of such legally enforceable mechanism(s) for transfers of Personal Data as may be permitted under Data Protection Laws from time to time; . The provisions of this Agreement shall constitute the Customer’s instructions with respect to transfers in accordance with paragraph 2.1.
6.2 This paragraph 6.2 applies where Applied, acting as a data processor, transfers Protected Data to the Customer acting as a data controller, and the Customer is located in a country which is not considered under an adequacy decision of the UK government to provide for a level of data protection as considered adequate pursuant to applicable Data Protection Laws. In this paragraph 6.2, “UK Addendum” means the International Data Transfer Addendum to the EU Commission Standard Contractual Clauses (version B.1.0) issued by the United Kingdom’s Information Commissioner. The Customer shall comply with the Importer’s obligations, and Applied shall comply with the Exporter’s obligations, set out in the UK Addendum, which is hereby incorporated into and forms part of this Agreement. In such incorporated UK Addendum: (i) the full legal name, main address and official registration number of the Importer and the Exporter are as set out in this Agreement, and the Start Date is the date of Order Acceptance; (ii) the key contact of each of the Importer and Exporter are as set out in the Order; (iii) for the purposes of the Addendum EU SCCs (as such term is defined in the UK Addendum), module four (processor to controller) is in operation, Clause 7 (Docking clause) shall apply, the optional provisions in Clause 11(a) shall not apply and personal data received from the Importer is combined with personal data collected by the Exporter; (iv) for the purposes of the Appendix Information (as such term is defined in the UK Addendum), the parties are listed and described in this Agreement, and the description of transfers is set out in the Data Processing Details; and (v) for the purposes of Part 1, neither party may terminate the UK Addendum pursuant to Section 19 of such UK Addendum, and the relevant boxes and information in Tables one to three of such incorporated UK Addendum shall be deemed completed accordingly.
7. Records, information and audit
7.1 Applied shall maintain, in accordance with Data Protection Laws binding on Applied, written records of all categories of processing activities carried out on behalf of the Customer.
7.2 Applied shall, in accordance with Data Protection Laws, contribute and allow for audits either by (at its option): (i) making available to the Customer upon reasonable request interviews with Applied personnel and documents, which the Customer must treat confidentially under the confidentiality provisions of this Agreement or under a non-disclosure agreement concluded between the Parties; or (ii) responding to a written security questionnaire submitted to it by the Customer provided that the Customer will not exercise this right more than once per year and will hold Applied’s responses in confidence under the confidentiality provisions of this Agreement.
8. Breach notification
8.1 In respect of any Personal Data Breach involving Protected Data, Applied shall, without undue delay:
8.1.1 notify the Customer of the Personal Data Breach; and
8.1.2 provide the Customer with details of the Personal Data Breach including, as far as reasonably possible:
8.1.2.1 the nature of the Personal Data Breach, including the categories of Data Subjects concerned and the categories of Personal Data and data records concerned;
8.1.2.2 the measures proposed or taken by Applied in cooperation with Customer to address the Personal Data Breach.
9. Deletion or return of Protected Data and copies
9.1 Applied shall, at the Customer’s written request, either delete or return all the Protected Data to the Customer in such form as the Customer reasonably requests within a reasonable time after the earlier of:
9.1.1 the end of the provision of the relevant Services related to processing; or
9.1.2 once processing by Applied of any Protected Data is no longer required for the purpose of Applied’s performance of its relevant obligations under this Agreement,
and delete existing copies (unless storage of any data is required by applicable law and, if so, Applied shall inform the Customer of any such requirement).
DATA PROCESSING DETAILS
1. Subject-matter of processing:
Any personal data comprised within applications for roles processed by means of the Services.
2. Duration of the processing:
For the duration of the provision of the Services (including any retention of Personal Data comprised in the Services).
3. Nature and purpose of the processing:
To provide the Applied recruitment platform and applicant email contact service.
4. Type of Personal Data:
First name, last name, email address, telephone number, responses to questions or tasks prescribed by the Customer; if requested by Customer, curriculum vitae.
5. Categories of Data Subjects:
Applicants for roles processed by means of the Services.
6. Technical and Organisational Security measures applied to the Protected Data:
As set out in our security practices document, which is available on request, simply contact us at questions@beapplied.com.
As a data controller, people trust us to keep their personal data safe. It is our top priority to ensure that your data is safe
All information passed between your web browsers and our systems is encrypted using 128-bit SSL certificates. No information is ever passed unencrypted. Nothing you pass to our servers can be examined, used or modified by any third parties attempting to gain access to sensitive information.
All sensitive data is secured using AES-256, which is one of the most secure methods in common use. All data is stored in one of the most secure datacentres available.
While we do take payment from companies for providing this service, we make sure no payment card details or Direct Debit data touch our servers. Everything is transmitted instantly to our best-in-class fully-audited payment providers.
Applied is operated by a small team of diligent & dedicated people who care about doing things properly. Every team member takes your privacy and security extremely seriously.