(last amended 17 June 2021)

1.              DEFINITIONS

1.1        In these Terms of Use (“Terms”)

Additional Items” means any additional goods (including but not limited to software) and / or services that are provided by us in addition to the Service;

Content” is defined in clause 4.9.2;

Contract” means the order placed by you with us on these Terms and any other document agreed by us to be incorporated in a contract between us both;

Customer Thermometer account” means your account of our Customer Thermometer service;

Data Protection Legislation” means (whilst they are in force):

(a)        the Data Protection Act 1998;

(b)        the EU General Data Protection Regulation (“GDPR”); and

(c)         any successor legislation to the Data Protection Act 1998 or the GDPR and any other applicable laws and regulations relating to the processing of personal data and privacy.

the due date” means the repeat billing date;

Email” means any electronic mail sent from time to time by us on your behalf under the Service using our software, servers and/or system, the Content of which is to be provided by you to us;

List” is defined in clause 4.9.1;

Recipient” means any person who you intend to receive an Email to be sent under the Service;

the Service” means our email customer feedback service, using our software and reporting systems through Customer Thermometer and any Additional Items that you have ordered from us, and we have agreed in writing to supply;

the service fees” means the fees agreed between us both for the provision of the Service by us under the Contract;

Transgression” shall mean any breach of contract, tort or other act of default, omission or statement by us in respect of which we are liable to you;

Unlawful” is defined in clause 4.1.

We” means Customer Thermometer Limited and reference to our consent authority or agreement means consent authority or agreement in writing signed by one of our Directors;

You” means the person firm or company who has entered into this Contract for the Service and includes, for the avoidance of doubt, any resellers of the Service;

1.2        Terms defined in our order form (or previously agreed in other applicable documents, which form part of the Contract) have the same meanings in these Terms.

2.             OUR SERVICE

2.1        We shall provide the Service (being Customer Thermometer), to you under these Terms and the Service shall continue to be supplied, unless the Contract is terminated.  No additions or modifications to these Terms shall be binding unless agreed in writing by us.  In the event of any inconsistency between these Terms and any other document forming part of the Contract, these Terms shall prevail unless expressly referred to and varied with our written consent.  The Contract is not intended to create a partnership or agency relationship between us both.

2.2        We will process information about you and the Recipients in accordance with our privacy policy, from time to time, contained at

2.3        The delivery to or receipt of Emails by any Recipient cannot be guaranteed and is dependent upon (a) complete, full and accurate Lists from you (including but not limited to, up to date email addresses); (b) suitable internet availability or connectivity by the Recipient; and (c) on various anti-spam and junk mail policies adopted by the Recipient.  Whilst we will provide the Service in accordance with the terms of the Contract, we make no representations or warranties whatsoever about the speed or proportion of Emails sent that will be delivered.

2.4        We may, at our sole discretion and upon notifying you in writing, assign, transfer, sub-contract or deal in any other manner with all or any of our rights under the Contract (or any part) to a third party.

2.5        We may, from time to time and without notice, change the Service in order to comply with any applicable statutory requirements and/or industry standard procedures, provided that such changes do not materially detrimentally affect the nature, or scope of the Service or the service fees.


3.1        We shall provide the Service to you with reasonable skill and care and in a professional manner.  All warranties, conditions and other terms implied by statute or common law are excluded to the fullest extent permitted by law from the Contract and these Terms.

3.2        We shall provide you with a 24-hour contact service in order that you may notify us of any interruptions or any other problems with the Service.  We shall use reasonable endeavours to respond to your notification of interruptions or other problems with the Service and to rectify any problems with reasonable diligence and within a reasonable timescale.

3.3        We shall use all reasonable endeavours to ensure that access to the Service will be available at an uptime level of 95%.  For the avoidance of doubt the uptime availability level does not include downtime attributable to:

3.3.1     hardware or telecommunications failures;

3.3.2     interruptions to the flow of data to or from the internet;

3.3.3     changes, updates or repairs to the network or software which we use as a platform to provide the Service;

3.3.4     the effects of the failure or interruption of the Service by third parties;

3.3.5     factors outside our reasonable control;

3.3.6     your actions or omissions (including without limitation, breach of your obligations set out in the Contract) or those of any third parties (including but not limited to breaks in the continuity of the electricity supply or of the telecommunications linked to our server); and

3.3.7     interruptions to the Service resulting from any request by you.

3.4        If the Service is suspended or interrupted, we shall use reasonable endeavours to restore the Service within a reasonable time period.

3.5        If we, in our sole discretion, believe that:

3.5.1     the Service is being used for spam, junk mail, unsolicited or unauthorised advertising, or

3.5.2     you are breaching these terms in any other way,

then we may decide (in our sole discretion) to suspend or terminate the Service and no refund to you of any service fee or other payments will be made.

3.6        We have the right, at our sole discretion, to remove the details of any Recipient from the List supplied by you (under clause 4.9.1 below), for whatever reason (including but not limited to, if we should receive any complaint from a Recipient in respect of any Email received by them).

3.7        We will make reasonable efforts to protect and backup data for you at least once every 24 hours.

3.8        We will not be liable for any lost, corrupted or destroyed data as a result of any suspension or interruption to the Service caused by our providing such a backup service or caused by the failure for whatever reason of any such backup service.

3.9        We do not guarantee the accuracy or regularity of the backup service.  You are also responsible for taking your own backups (via CSV download) in connection with your use of the Service and you are solely responsible for an independent backup of data stored on your or any third party providers’ server and network.  The retrieving of back up files by us may be charged as an Additional Item.

3.10      When we process any personal data on your behalf whilst performing our obligations under this Agreement, we shall process the personal data only in accordance with the data protection obligations, as set out in the Schedule to this Contract.

3.11      Notwithstanding any other provision of this Contract, including but not limited to the data processing obligations in the Schedule, we reserve the right to delete all the data that you have given us no earlier than 90 days after the end of this Contract.

4.              YOUR OBLIGATIONS

4.1        You will be solely responsible for the Content of the Emails sent using the Service and for selecting the Recipients.  You undertake that the Service shall not be used directly or indirectly for any Unlawful purpose and that the Content shall not be Unlawful.  For the purpose of this Contract the term “Unlawful” means in breach of any law, or regulations in force, from time to time in any jurisdiction and shall include but is not limited to: –

4.1.1     civil and criminal offences of copyright and trademark infringement;

4.1.2     transmission or display or posting of abusive, indecent, obscene or pornographic material;

4.1.3     commission of any criminal offence (including deliberate transmission of computer viruses) including, but not limited to, under the Computer Misuse Act 1990 or similar legislation in any country;

4.1.4    any transmission or display or posting of any material which is defamatory, libellous, offensive, abusive, or menacing in character or which causes annoyance, inconvenience or needless anxiety to any other person;

4.1.5     transmission or display or posting of any material in breach of the Data Protection Legislation or the Privacy Electronic Communication (EC Directive) Regulations 2003 (each as amended) or similar legislation in any other country, or of any material which is confidential or is a trade secret;

4.1.6     use of the service in any manner which is a violation or infringement of the rights of any one within the United Kingdom and elsewhere;

4.1.7     the use of the Service for purposes generally deemed to be unacceptable, including spamming, hacking, phreaking, password cracking, pirated software, ROMS, emulators, or IP spoofing or providing “links” or “how to” information to such material; and

4.1.8     the use of the Service for distributing misleading information or a misrepresentation.

4.2        You accept that you are the data controller for the purposes of the Data Protection Legislation in respect of any personal data about a Recipient that we process in the course of providing the Service and you shall be solely responsible for the use of the Recipient’s personal data under this Contract. It is your obligation to ensure that you comply fully with the Data Protection Legislation, including that you have a lawful basis for using the Recipient’s personal data. We both acknowledge that the personal data used under this Contract is collected and processed for the purposes of your business and Customer Thermometer has no control over or information as to the relationship with the data subject, which remain matters solely within your control. We are not liable or responsible for the accuracy or use of such personal data.

4.3        You warrant that our processing of any personal data in accordance with this Agreement and your instructions under it will not infringe or breach any rights of any data subject or be other than in accordance with the Data Protection Legislation).

4.4        We do not accept and shall have no responsibility, or liability, for the Recipient’s personal data or the Content of the Emails sent using the Service or for sending them to Recipients in accordance with the terms of the Contract and you will indemnify us against all and any damages, claims, expenses, losses and costs that we may incur as a result of any breach of clause 4.1 to 4.3 above and Schedule 1.

4.5        You will ensure that that the Content supplied to us complies with all laws, regulations and requirements, in place from time to time, of any country from which it can be accessed and you will indemnify us against all and any damages, claims, expenses, losses and costs that we may incur as a result of any breach of this clause by you.

4.6        We reserve the right to monitor any and all communications passing through the Server in connection with the Service, at all times.

4.7        If the Service is used or we have reasonable cause to believe that it is being used for any Unlawful use we may either suspend or terminate the Service immediately and at the same time as suspension or termination occurs, we shall, if it is lawful to do so, notify you.

4.8        You shall comply with our policies which are in place from time to time in respect of the Service. You further agree to keep your password and other access details for use with the Service confidential and restricted to those members of staff who need to know such details and shall ensure all such staff are aware of the confidential nature of such information.  You are solely responsible for all activities that occur under your password or on or via your Customer Thermometer account.  You shall notify us without undue delay if you believe that your password and other access details for use with the Service are no longer secret.

4.9        You agree to undertake the following, from time to time, in relation to the Service:

4.9.1     the supply, in a timely manner, to us with full and accurate details (including but not limited to, names and email addresses) of all Recipients of the Emails (the “List”);

4.9.2     to supply, in a timely manner, the content, images, designs and any other information you reasonably require to be sent by us in the Emails (the “Content”); and

4.9.3     to instruct us as to when the Emails are to be sent to the Recipients.

4.10      Any date given by us to you about the Service and in particular the sending of Emails to Recipients shall be conditional upon our receiving from you the List, Content and any other information for any Emails in a final form from you, within any timescales specified by us (from time to time). Any delay in your providing such List, Content and any other information will result in our receiving an equivalent extension of time to estimated dates given for sending such Emails.

4.11      Where you submit the Content to us under clause 4.9.2, you:

4.11.1   warrant that such Content is your own original work and/or owned by you and that you have the right to make it available to us for the purpose of the Service and that the Content is and will continue to remain accurate, comprehensive and up-to-date and is not Unlawful;

4.11.2   indemnify us against all legal fees, damages, claims and other expenses that may be incurred by us as a result of your breaching clause 4.11.1;

4.11.3   agree to waive any moral rights in the Content for the purposes of its submission to Recipients as an Email; and

4.11.4   acknowledge and agree that such Content may be copied or downloaded by any Recipients.

4.12      Where you submit Content to us (including without limitation any text or graphics) you are required by such submission to grant to us a perpetual, royalty-free, non-exclusive, sub-licensable right and licence to use, reproduce, modify, adapt, publish, translate, create derivative works from, distribute, and exercise all copyright and publicity rights with respect to any such work worldwide.

4.13      You accept that you are responsible for dealing with and responding appropriately to any complaints of whatever nature made by any Recipient to us and we do not accept and shall have no responsibility, or liability, for any such complaints made.

4.14      You shall not use the Service for the purposes of spam, junk mail, unsolicited or unauthorised advertising.

4.15      You agree to comply with our Anti-Spam policy, as published on our website from time to time.

5.              TERM AND PRICE

5.1        This Contract will continue for an initial term of 1 month (or as otherwise previously specified in our order form or any other applicable documents which forms part of the Contract) (“the Term”) and, subject to clause 6.1, the Contract will then continue until and unless either party terminates the Contract by serving one month’s written notice on the other party.

5.2        The service fee for the Service shall remain in force for the duration of the Term.  After that time, we reserve the right at our sole discretion to increase the service fee from time to time after providing you with one month’s written notice of the service fees increase.

5.3        You shall pay the service fee by recurring credit or debit card payment on the due date as set out in writing by us from time to time.  If your subscription fails for any reason, then we reserve the right, notwithstanding any other rights or remedies that we may have, to charge an administration fee.

5.4        Time for payment shall be of the essence for the Contract. We reserve the right to suspend the Service or terminate the Contract immediately if the service fee is not received within 7 days of the due date. Any amounts due up to the point of suspension or termination will remain due and payable as if no suspension or termination had occurred.

5.5        If all or part of the price or service fee for the Contract or charges for any Additional Items remain unpaid after the due date we shall be entitled to charge interest on any unpaid balance at 4% above Barclays Bank plc lending base rate for the time being, such interest being due and payable in full together with the unpaid balance.

5.6        Unless otherwise expressly stated by us, all prices or service fee given by us to you under the Contract shall be exclusive of VAT.

6.              TERMINATION

6.1        We shall be entitled to terminate the Contract forthwith and recover all losses or damage resulting to us (including but without limitation to loss of profit or other consequential loss) if:

6.1.1     You have a bankruptcy petition presented against you, or a bankruptcy order is made, if you make or seek to make any composition or arrangement with your creditors, if you make a proposal to your creditors for a voluntary arrangement or apply for an interim order, if an encumbrancer takes possession of any of your assets, or any of your assets are taken in execution or process of law, if a petition is presented or an order is made or a resolution is passed for your winding up, if a petition is presented or an order is made for an administration order to be made in relation to you, or if a receiver or administrative receiver is appointed over any of your assets (or any analogous event occurs to you in any jurisdiction); or

6.1.2     you fail to make any payment owed to us on the due date as specified in Clause 5;

6.1.3     you are in breach of any contract with us (including this Contract) and, if it is capable of remedy, you fail to remedy it within seven working days of written notice requiring it or immediately if the breach shall be not be capable of remedy.

6.2        Termination shall be without prejudice to the rights of either party accrued at the date of such termination.

6.3        Upon termination:

6.3.1     the account may be deleted from our server, unless agreed otherwise by the parties;

6.3.2     all service fees shall immediately become due and payable to us; and

6.3.3     we shall be under no obligation to retain any data (including the Lists) and, provided always that we comply with the requirements of the Data Protection Legislation, we may delete such data as we deem appropriate.


7.1        All intellectual property rights, including copyright, in all software that is supplied or used by us remains either our property or that of our licensor.

7.2        You shall indemnify and keep us indemnified from and against the consequences of our suffering any claims of infringements of any intellectual property rights, including copyrights, patents, trademarks, industrial designs, database rights or other property rights arising from the provision of the Service.

7.3        In the event that any such infringement occurs or may occur, you may request us to modify and / or amend the account content or infringing part so that it becomes non-infringing and if we agree to modify and / or amend the account content we shall be entitled to charge for the additional cost for making the modifications and /or amendments which shall be chargeable at our then current hourly rate.

7.4        You warrant that you have obtained (and for future use, will obtain) all necessary consents, approvals and licences from any third party who has intellectual property rights incorporated as part of the Email, whether now or in the future.


8.1        We shall take all reasonable steps to perform our obligations under the Contract.  We shall not be liable for suspension or interruptions to the Service and any suspension or interruption shall not entitle you to terminate the Contract, subject to clause 3.4.

8.2        Without prejudice to the generality of Clause 8.1, we shall have no liability for any delay or default in performance of any obligation caused directly or indirectly by breakdown or unavailability of computer hardware, software, viruses, hackers, errors, interruptions, bugs, telecoms connections or power supply or any other cause or causes beyond our control.


9.1        We shall not be liable to you for any loss, injury or damage whatsoever or howsoever caused arising directly or indirectly in connection with the Contract, or the Service (including, without limitation, arising out of or in connection with any misuse of data by an unauthorised third party) except as specified in Clause 9.3 or to the extent to which it is otherwise unlawful to exclude such liability.

9.2        Notwithstanding the generality of 9.1 above, we expressly exclude liability for consequential loss, indirect damages, or corruption to other software or data, or for loss of profit, business, revenue, goodwill or anticipated savings.

9.3        We do not restrict our liability for death or personal injury to the extent that it results from our negligence, or anything else that we are prevented by law from excluding.

9.4        To the extent that we are held legally liable to you for any single Transgression, our liability for it shall not exceed the value of the Contract. A number of Transgressions whether successive or concurrent, which together result in or contribute to substantially the same loss or damage shall be treated as a single Transgression.


10.1      You undertake that you shall not during this Agreement and for a period of one-year following its expiry or termination employ or contract the services of any person who is or was employed or engaged by us in connection with the Contract.

11.            WAIVER

11.1      Failure or neglect by us to enforce at any time any of these provisions shall not be construed nor shall be deemed to be a waiver of our rights nor in any way affect the validity of the whole or any part of this Agreement nor prejudice our rights to take subsequent action.

12.            NOTICES

Any notice required under the Contract shall be deemed served if sent by registered or recorded delivery post or by facsimile or e-mail addressed to the party for whom it is intended at such party’s registered or main office or last known address and shall be deemed to have been served 48 hours after the date of posting or 12 hours after the time of transmission if by e-mail.


13.1      The Contract shall be governed by English Law and shall be subject to the jurisdiction of the English Courts.  The text of this Contract and these Terms written in the English language is the authentic text and any difficulties or uncertainties arising shall be solved solely by reference to that text.

13.2      Save for statement or representations confirmed in writing in this Contract, no oral statements of whatsoever nature and by whomsoever made shall form part of the Contract.  In contracting with us you acknowledge that you have not relied on any oral statements or representations made to you save those confirmed as described above.

13.3      Clause headings are for convenience only and do not affect the construction of this document.

13.4      The Contract and the documents referred to in it constitute the entire agreement and understanding of the parties in respect of its subject matter and supersedes and extinguishes any previous agreement, understanding, undertaking, representation, warranty and arrangement between them relating to the Service, save that nothing in the Contract shall operate to limit or exclude any liability for fraud.

Schedule 1 PART 1 – Data Processing Obligations

1)     In this Schedule:

the Controller” means you;
Controller’s Personal Data” means Personal Data of which the Controller is the Data Controller;
Data” shall have the meaning set out in the Data Protection Legislation;
Data Controller” shall have the meaning set out in the Data Protection Legislation;
Effective Date” means the date the Processor first Processes any Controller’s Personal Data;
Personal Data” shall have the meaning set out in the Data Protection Legislation;
the Processor” means us (Customer Thermometer Ltd; and
Processing” shall have the respective meaning set out in the Data Protection Legislation and the term “Processed” shall be construed accordingly.

2)     The Processor agrees to undertake processing of the Controller’s Personal Data for the Controller from time to time upon the terms of this Agreement.

3)     The Controller shall be solely responsible for determining the purposes for which and the manner in which such Personal Data is Processed. However, the Processor shall further be authorised to Process the Personal Data if it is required so to do by the laws of the UK or of any member of the EU, or by the laws of the EU applicable to the Processor to process Personal Data (“Applicable Laws”). Where the Processor relies on laws of the UK, or a member of the EU or EU law as the basis for Processing Personal Data, the Processor shall promptly notify the Controller of this before performing the Processing required by the Applicable Laws unless those Applicable Laws prohibit the Processor from so notifying the Controller.

4)     The Controller will ensure that it has all necessary appropriate consents and notices in place to enable the lawful transfer of the Personal Data to the Processor and the Processing of the Personal Data by the Processor (or any of our authorized sub-processors) for the purposes of this Agreement.

5)     We shall both at all times during the term of this Agreement comply with all applicable requirements of the Data Protection Legislation in relation to the Processing of Personal Data.

6)     The Processor will maintain a written log in accordance with Article 30(2) of the GDPR of applicable Processing performed by it on behalf of the Controller. The log will be available to the Customer via the service dashboard to view and/or export the relevant information. The Processor shall record the following information:

a)     the categories of recipients (other than the Controller) to whom Personal Data have been or will be disclosed by the Processor;

b)     transfers of Personal Data by the Processor to a third party outside the EEA and UK (including the name of the relevant non-EEA country and organisation), and documentation of the suitable safeguards in place for such transfers; and

c)     a general description of the technical and organisational security measures referred to in this Agreement.

7)     Where the Processor Processes Personal Data on the Controller’s behalf, the Processor shall, in respect of such Personal Data:

a)     not access or use Personal Data except as is necessary to provide the Services, and then only as reasonably necessary for the performance of this Agreement;

b)     act strictly in accordance with this Agreement and on the Controller’s written instructions received from time to time;

c)     comply promptly with any request from the Controller to amend, delete or transfer Personal Data;

d)     not disclose Personal Data to any employee, director, agent, contractor or affiliate of the Processor (“Processor’s Personnel”), or any third party, except as is necessary for the performance of the Services, or to comply with applicable laws, or with the Controller’s prior written consent;

e)     implement and maintain appropriate technical and organisational measures:

i)      to protect the security and confidentiality of Personal Data Processed by the Processor in providing the Services;

ii)     to protect Personal Data at all times against accidental or unlawful destruction or accidental loss, alteration, unauthorised disclosure, access, or Processing; or

iii)    as required under the Data Protection Legislation.

f)      notify the Controller of any request made by a Data Subject under Data Protection Legislation in relation to or in connection with Personal Data Processed by the Processor on the Controller’s behalf and at all times cooperate with and assist the Controller to execute its obligations under the Data Protection Legislation in relation to such Data Subject requests;

g)     process the Personal Data in accordance with the specified duration, purpose, type and categories of Data Subjects as specified in the Schedule to this Agreement or as notified in writing by the Controller to the Processor.

8)     The Processor shall within 24 hours, or earlier if reasonably practicable, of becoming aware, notify the Controller in writing of any breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to Personal Data. The notice provided will specify:

a)     the categories and number of the individuals and the records concerned;

b)     the likely consequences of the breach;

c)     any steps taken to mitigate and address the breach; and

d)     specify an appropriate point of contact within the Processor’s organisation who the Controller can contact about the breach.

9)     The Processor will promptly give to the Controller the detail it requests to allow the Controller to understand the impact of the breach. The Processor will promptly comply with any instructions provided by the Controller, and cooperate with the Controller, in relation to the data breach.

10)   The Processor may engage subcontractors to Process Personal Data on the Controller’s behalf provided that (a) the subcontractors agree in writing to adhere to the Applicable Laws and terms broadly similar to the those in this Schedule 1 and the Processor remains liable to the Controller for all actions of the subcontractors.

11)  The Processor shall not, and shall procure that its subcontractors shall not, transfer or Process any Personal Data outside the EEA and/or the UK unless the prior consent of the Controller has been obtained and the following conditions are fulfilled:

a)     appropriate safeguards are in place relating to the transfer in line with the Applicable Laws;

b)     the data subject has enforceable rights and effective legal remedies;

c)     the Processor complies with its obligations under the Applicable Laws by providing an adequate level of protection to any Personal Data that is transferred; and

d)     the Processor complies with reasonable instructions notified to it in advance by the Controller with respect to the processing of the Personal Data.

12)  The consent of the Controller to the transfer pursuant to the arrangements set out in Schedule 1, Part 3 to this Agreement is hereby given.

13)  The Processor shall provide the Controller with such reasonable assistance as the Controller shall require in relation to any complaints made by Data Subjects or investigations or enquiries made by any regulator or supervisory authority relating to the Controller or the Controller’s obligations under the Applicable Laws.

14)  In relation to Personal Data Processed by the Processor under this Agreement, the Processor shall co-operate with the Controller to the extent reasonably necessary to enable the Controller to adequately discharge its responsibility as a data controller under the Applicable Laws (including in respect of the preparation of data protection impact assessments).

15)  The Controller shall have the right to audit the Processor and relevant records and materials as necessary to demonstrate the Processor’s compliance with its obligations under this Agreement and Applicable Laws. At any time, the Processor will co-operate fully to allow and assist such audits, including on-site inspections of its business premises or processing facilities, conducted by the Controller or its auditor.

16)  The Processor will tell the Controller immediately if the Processor is asked to do something which might infringe the Applicable Laws or other data protection law of the EU or a Member State.

17)  The Processor shall ensure that any Processor Personnel with access to Personal Data are both bound by confidentiality obligations in respect of access, use or processing of such Personal Data, and have received appropriate training.

18)  At the Controller’s request, the Processor shall provide a copy of all Personal Data held by the Processor in the format and on the media reasonably specified by the Controller.

19)  On termination or expiry of this Agreement, at the Controller’s request, the Processor shall delete or return to the Controller all Personal Data processed by the Processor on the Controller’s behalf, and the Processor shall delete existing copies of such Personal Data except where necessary to retain such Personal Data strictly for the purposes of compliance with UK, EU or EU Member State Laws applicable to the Processor.

20)  Each party shall be responsible for bearing the costs of its obligations under this Agreement.

21)  Any provision of this agreement that expressly or by implication is intended to come into or continue in force on or after the ending of this Agreement shall remain in full force and effect.

22)  The parties will agree to any reasonable amendment to this Agreement required to bring it into line with any amendment to or re-enactment of any Applicable Laws, in particular to reflect the GDPR, or to allow each of the Parties to comply with any requirement or recommendation of the Information Commissioner or any other data protection or supervisory authority in relation to the Processing of Personal Data.

23)  Return of Personal Data

Notwithstanding any provision above, on the Controller’s request at any time and/or on termination of this Agreement for any reason the Processor shall transfer to the Controller or a third party nominated by the Controller without charge or delay the Controller’s Personal Data (except where and for so long as such Personal Data, records or documentation are required to be kept by the Processor for statutory or regulatory requirements

Schedule 1 – PART 2 Data Processing Information

In this Schedule 1 Part 2, the “customer” is the data controller referred to in Part 1.

·                Subject matter of the processing

The provision to customers of the Service (relating to the provision of, and completion by invited recipients of, satisfaction surveys.

·                Duration

Throughout the term of the contract and as necessary thereafter for any relevant post-termination administration or assistance to the customer.

·                Nature and purpose of the processing

In the course of providing the Service to the customer.

·                Types of personal data processed

Business information including name, email address, address/location, satisfaction level and other information as included in the survey by the customer (as data controller).

·                Categories of data subjects in relation to Personal Data Processed

The customer’s employees and individuals invited by the customer to take part in surveys provided as part of the Service.

Schedule 1 – PART 3 Transfers outside the EEA

Category of recipients                             Sub-processor providing email sending services

Third Country or Organisation                  USA

Available Safeguard

With regard to any Restricted Transfer outside the EEA one of the following transfer mechanisms shall apply, in the following order of precedence:

(a)        EU-U.S.and Swiss-U.S. Privacy Shield Frameworks (“Privacy Shield”) self-certifications (if any);
(b)        the Standard Contractual Clauses;
(c)        any other lawful basis, as laid down in the EU data protection laws, as the case may be.