Membership Policy
North West Cyber Resilience Centre MEMBERSHIP TERMS AND CONDITIONS
These Terms and Conditions are entered into between you (“You”, Your, the “Member”) and CYBER RESILIENCE CENTRE LTD a company limited by guarantee without share capital, incorporated and registered in England and Wales with company number No.12309263 whose registered office is at Cyber Resilience Centre, Manchester Technology Centre, Oxford Rd, Manchester, M1 7ED; and relate to your membership of the North West Cyber Resilience Centre’s membership Scheme.
You warrant that you are 18 years of age or older.
You warrant that if you are accepting these Terms and Conditions on behalf of an entity that is a company, partnership, unincorporated association or any other entity that is not an individual, that you have authority to bind that entity.
BACKGROUND
North West Cyber Resilience Centre (One) is one of nine Regional Cyber Resilience Centres affiliated to each of the Regional Police forces in England and Wales, which Centres deliver strategic partnerships and innovation to improve cyber resilience across supply chains and the SME community in all sectors and (Two) delivers cyber resilience and related services to its customers within the North West Cyber Resilience Centre via the National CRC Group Limited (NCRCG) which supports the nine Regional Cyber Resilience Centres.
In consideration for the Member performing the Member Undertakings, the North West Cyber Resilience Centre agrees to provide the Membership Benefits to the Member on the terms set out in this Agreement.
In consideration for receiving the Membership Benefits, the Member agrees to perform the Member Undertakings on the terms set out in this Agreement.
THEREFORE, the Parties HAVE AGREED and do hereby AGREE as follows:
1. Definitions and Interpretation: In this Agreement, the following words and expressions shall have the meanings set opposite them:
-
Affiliates means any entity directly or indirectly controlling or controlled by or in common control with such entity, where "control" is defined as the ownership of at least fifty percent (50%) of the equity or beneficial interests of such entity, or the right to vote for or appoint a majority of the board of directors or other governing body of such entity;
-
Agreement: these Terms and Conditions and the Schedules;
-
Member Undertakings: the tasks and obligations to be undertaken by the Member as detailed in Schedule 2;
-
Business Day: a day other than a Saturday, Sunday or public holiday in England, when banks in London are open for business;
-
Confidential Information: all information (in whatever form, including in written, oral, visual or electronic form) which is first disclosed by the Discloser to the Recipient during the Term, which relates to information that includes but is not limited to:
-
the existence and terms of this Agreement;
-
any information that would be regarded as confidential by a reasonable business person relating to:
-
the business, affairs, technical data, financial data, customers, clients, suppliers, plans, intentions, or market opportunities of the Disclosing Party;
-
the operations, processes, product information, know-how, designs, trade secrets or software of the Discloser;
-
-
Intellectual Property.
-
any information or analysis derived from Confidential Information.
-
and provided that it is of a nature such that the Recipient knows or should know that it is confidential.
-
-
Controller, processor, data subject, personal data, personal data breach, processing and appropriate technical measures: as defined in the Data Protection Legislation;
-
Data Protection Legislation: means all applicable legislation in force from time to time in the United Kingdom applicable to data protection and privacy including, but not limited to, the UK GDPR (the retained EU law version of the General Data Protection Regulation (EU) 2016/679), as it forms part of the law of England and Wales, Scotland, and Northern Ireland by virtue of section 3 of the European Union (Withdrawal) Act 2018); the Data Protection Act 2018 (and regulations made thereunder); and the Privacy and Electronic Communications Regulations 2003 as amended and the guidance of the Information Commissioner’s Office;
-
Discloser: the Party disclosing Confidential Information to the Recipient(s);
-
Intellectual Property: patents, utility models, rights to inventions, copyright and neighbouring and related rights, moral rights, trade marks and service marks, business names and domain names, rights in get-up and trade dress, goodwill and the right to sue for passing off or unfair competition, design rights, rights in computer software, database rights, rights to use, and protect the confidentiality of, Confidential Information (including know-how and trade secrets) algorithms, graphical user interfaces, menu command hierarchy and all other intellectual property rights, in each case whether registered or unregistered and including all applications and rights to apply for and be granted, renewals or extensions of, and rights to claim priority from, such rights and all similar or equivalent rights or forms of protection which subsist or will subsist now or in the future in any part of the world;
-
Mandatory Policies: North West Cyber Resilience Centre's business policies and codes set out in Schedule 3, as amended from time to time;
-
Membership Benefits: the membership benefits, including without limitation any Materials, to be provided to the Member pursuant to the Agreement, as described in Schedule 1;
-
Membership Start Date: the day on which the Member’s membership of the North West Cyber Resilience Centre, and entitlement to Membership Benefits, is to commence the date upon which the Member accepts these Terms and Conditions;
-
Party: means either North West Cyber Resilience Centre or the Member as the case may be and “Parties” shall mean both of them;
-
Privacy Policy: North West Cyber Resilience Centre’s Privacy Policy which can be found here https://www.nwcrc.co.uk/privacy-policy
-
Recipient: the Party or Parties receiving Confidential Information from the Discloser;
-
Schedules; the schedules annexed to this Agreement;
-
Term: the period of one (1) year commencing on the Membership Start Date;
-
North West Cyber Resilience Centre Materials: any documents, materials, images, software, video or sound files or any other such type of content provided or made available by the North West Cyber Resilience Centre via the Membership Benefits; and
-
North West Cyber Resilience Centre Marks: all Trade Marks whether registered or un-registered, logos, branding and others belonging to or licensed to the North West Cyber Resilience Centre or its Affiliates;
In this Agreement:
-
A reference to a statute or statutory provision is a reference to it as amended, extended or re-enacted from time to time. A reference to a statute or statutory provision includes any subordinate legislation made from time to time under that statute or statutory provision.
-
Any words following the terms including, include, in particular, for example or any similar expression shall be construed as illustrative and shall not limit the sense of the words, description, definition, phrase or term preceding those terms.
-
A reference to writing or written includes fax and email.
-
A clause or paragraph is a reference to a Clause of this Agreement (other than the Schedules) or a paragraph of the relevant Schedule.
-
Any reference to the parties includes a reference to their respective personal representatives, successors in title and permitted assignees;
-
Any reference to a person includes any body corporate, unincorporated association, partnership or any other legal entity;
-
Words importing the singular number include the plural and vice versa; and
-
Words importing either gender include the other gender and neuter.
-
The headings in this Agreement are for convenience only and shall not affect its interpretation.
2. Commencement and Term
-
The Agreement shall endure for the Term, unless terminated earlier in accordance with its terms.
3. Membership Benefits/North West Cyber Resilience Centre Obligations
-
In return for the carrying out of the of the Member Undertakings by the Member, the North West Cyber Resilience Centre shall make available the Membership Benefits to the Member throughout the Term in accordance with the Agreement.
-
In making available the Membership Benefits, the North West Cyber Resilience Centre shall:
-
perform the Membership Benefits with reasonable skill and care;
-
use reasonable endeavours to perform the Membership Benefits in accordance with the service description set out in Schedule 1;
-
ensure that North West Cyber Resilience Centre Materials, and all goods, materials, standards and techniques used in providing the Membership Benefits are of satisfactory quality;
-
comply with all applicable laws, statutes, regulations and codes from time to time in force;
-
comply with the Mandatory Policies, provided that North West Cyber Resilience Centre shall not be liable under the Agreement if, as a result of such compliance, it is in breach of any of its obligations under the Agreement; and
-
take reasonable care of all Member Materials in its possession and make them available for collection by the Member on request and subject to reasonable notice, always provided that North West Cyber Resilience Centre may destroy the Member Materials if the Member fails to collect the Member Materials within a reasonable period after termination or expiry of the Agreement.
-
-
North West Cyber Resilience Centre confirms that it will act reasonably and in good faith when complying with its respective obligations under this Agreement.
-
North West Cyber Resilience Centre acknowledges that it must not act in any way which will bring the reputation or business of the Member into disrepute.
-
If North West Cyber Resilience Centre's performance of its obligations under this Agreement is prevented or delayed by any act or omission of the Member, its agents, subcontractors, consultants or employees, North West Cyber Resilience Centre shall:
-
not be liable for any costs, charges or losses sustained or incurred by the Member or any of the other Members that arise directly or indirectly from such prevention or delay;
-
be allowed an extension of time to perform its obligations equal to the delay caused by the Member or any of the other Members;
-
not be required to perform any outstanding obligations following the expiry or termination of the Agreement, while nevertheless being entitled to retain any payment of the Charges; and
-
be entitled to recover any additional costs, charges or losses North West Cyber Resilience Centre sustains or incurs that arise directly or indirectly from such prevention or delay.
-
4. Member Undertakings
-
In consideration of the provision of the Member Benefits by the North West Cyber Resilience Centre, the Member shall:
-
co-operate with the North West Cyber Resilience Centre in all matters relating to the Membership Benefits;
-
provide the Member Undertakings in a good, professional and efficient manner;
-
provide, in a timely manner, such information as North West Cyber Resilience Centre may reasonably require to deliver the Membership Benefits, and ensure that it is accurate and complete in all material respects;
-
comply with the Mandatory Policies, provided that the Member shall not be liable under the Agreement if, as a result of such compliance, it is in breach of any of its obligations under the Agreement;
-
-
The Member confirms that it will act reasonably and in good faith when complying with its respective obligations under this Agreement.
-
The Member acknowledges that:
-
it must not act in any way which will bring the reputation or business of North West Cyber Resilience Centre into disrepute.
-
-
If the Member's performance of its obligations under this Agreement is prevented or delayed by any act or omission of North West Cyber Resilience Centre, its agents, subcontractors, consultants or employees, or any of the Other Members, the Member shall:
-
not be liable for any costs, charges or losses sustained or incurred by the North West Cyber Resilience Centre or any of the other Members that arise directly or indirectly from such prevention or delay;
-
be allowed an extension of time to perform its obligations equal to the delay caused by the North West Cyber Resilience Centre or any of the other Members;
-
not be required to perform any outstanding obligations following the expiry or termination of the Agreement;
-
be entitled to recover any additional costs, charges or losses the Member sustains or incurs that arise directly or indirectly from such prevention or delay.
-
5. Data protection
-
Each Party shall comply with all applicable requirements of the Data Protection Legislation. This clause 5 (Data protection) is in addition to, and does not relieve, remove or replace, a Party's obligations or rights under the Data Protection Legislation.
-
The Parties shall comply with their respective data protection obligations as set out in Schedule 4.
-
The Member acknowledges receipt of the Privacy Policy and warrants that this shall be brought to the attention of any of its employees or contractors undertaking any of the Member Undertakings on behalf of the Member.
6. Intellectual property
-
The North West Cyber Resilience Centre and its licensors shall retain ownership of all Intellectual Property rights owned by The North West Cyber Resilience Centre in the North West Cyber Resilience Centre Materials.
-
The Member shall not have any right to use and is prohibited from using in any way The North West Cyber Resilience Centre”s Marks or Intellectual Property without the prior written consent of the North West Cyber Resilience Centre.
-
Unless expressly states otherwise, nothing in this Agreement shall constitute any representation or warranty that the exercise by the Parties of their respective rights granted under this Agreement will not infringe the rights of any person.
-
The Parties shall comply with all regulations and practices in force or use in the Territory to safeguard Intellectual Property rights of the other Party.
-
The Parties shall not do or omit to do anything to diminish the rights of the other Party in their respective Intellectual property, nor assist any other person to do so, either directly or indirectly.
-
The North West Cyber Resilience Centre may subcontract or delegate in any manner any or all of its obligations under this Agreement to any third party, provided that it gives written notice of such subcontract or delegation to the Member and the North West Cyber Resilience Centre remains liable to the Member for the actions of any subcontractor or delegate.
7. Termination
-
Without affecting any other right or remedy available to it, either Party may terminate this Agreement with immediate effect by giving written notice to the other Party if:
-
the other Party commits a material breach of any other term of this Agreement which breach is irremediable or (if such breach is remediable) fails to remedy that breach within a period of 28 days after being notified in writing to do so;
-
the other Party repeatedly breaches any of the terms of this Agreement in such a manner as to reasonably justify the opinion that its conduct is inconsistent with it having the intention or ability to give effect to the terms of this Agreement;
-
the other Party suspends, or threatens to suspend, payment of its debts or is unable to pay its debts as they fall due or admits inability to pay its debts or (being a company or limited liability partnership) is deemed unable to pay its debts within the meaning of section 123 of the Insolvency Act 1986 as if the words "it is proved to the satisfaction of the court" did not appear in sections 123(1)(e) or 123(2) of the IA 1986;
-
the other Party suspends or ceases, or threatens to suspend or cease, carrying on all or a substantial part of its business; or,
-
For the purposes of clause 7.1.2, material breach means a breach (including an anticipatory breach) that is serious in the widest sense of having a serious effect on the benefit which the terminating Party would otherwise derive from:
-
a substantial portion of this Agreement; or
-
any of the obligations set out in clauses 5 (Data Protection) and 6 (Intellectual Property) and the Mandatory Policies at Schedule 3 over the term of this Agreement.
-
-
In deciding whether any breach is material no regard shall be had to whether it occurs by some accident, mishap, mistake or misunderstanding.
-
On expiry or termination of this agreement for any reason and subject to any express provisions set out elsewhere in this Agreement:
-
all outstanding sums payable by one Party to the other shall immediately become due and payable;
-
all rights and licences granted pursuant to this Agreement shall cease;
-
the Parties shall cease to make any use of the other Party’s Intellectual Property; and,
-
within 30 days after the date of termination both Parties shall promptly destroy all Confidential Information belonging to the other Party except where the same has to be retained by operation of law.
-
-
Any provision of this Agreement that expressly or by implication is intended to come into or continue in force on or after termination or expiry of this Agreement shall remain in full force and effect.
-
Termination or expiry of this Agreement shall not affect any rights, remedies, obligations or liabilities of the Parties that have accrued up to the date of termination or expiry, including the right to claim damages in respect of any breach of the Agreement which existed at or before the date of termination or expiry.
-
8. Limitation of liability
-
To the fullest extent permitted by law, neither Party shall be liable to the other Party for any costs, expenses, loss or damage (whether direct, indirect or consequential, and whether economic or other) arising from each Party's exercise of the rights granted to it under this Agreement.
-
EXCEPT AS EXPRESSLY PROVIDED IN THE AGREEMENT, THE MEMBERSHIP BENEFITS, ARE PROVIDED WITH NO OTHER WARRANTIES OF ANY KIND, AND THE NORTH WEST CYBER RESILIENCE CENTRE DISCLAIMS ALL OTHER WARRANTIES, EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION ANY WARRANTY OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. THE NORTH WEST CYBER RESILIENCE CENTRE DOES NOT WARRANT THAT THE USE OF THE MEMBERSHIP BENEFITS SHALL BE UNINTERRUPTED OR ERROR-FREE.
-
The maximum liability of either Party under this Agreement shall not exceed the sum of TEN THOUSAND POUNDS (£10,000) STERLING. This cap on liability shall not apply to breach of Clause 5 (Data Protection) or Clause 6 (Intellectual property).
-
References to liability in this Clause include every kind of liability arising under or in connection with the Agreement including but not limited to liability in contract, tort (including negligence), misrepresentation, restitution or otherwise.
-
Neither Party may benefit from the limitations and exclusions set out in this Clause in respect of any liability arising from its deliberate default.
-
Nothing in the Agreement limits any liability which cannot legally be limited, including liability for:
-
death or personal injury caused by negligence;
-
fraud or fraudulent misrepresentation; and
-
breach of the terms implied by section 2 of the Supply of Goods and Services Act 1982 (title and quiet possession).
-
-
This sets out the types of loss that are wholly excluded from the Parties’ respective liability under this Agreement:
-
loss of profits;
-
loss of sales or business;
-
loss of agreements or contracts;
-
loss of anticipated savings;
-
loss of use or corruption of software, data or information (other than personal data);
-
loss of or damage to goodwill; and
-
indirect or consequential loss.
-
-
Whereas the North West Cyber Resilience Centre may have given commitments as to compliance of the Membership Benefits. In view of these commitments, the terms implied by sections 3, 4 and 5 of the Supply of Goods and Services Act 1982 are, to the fullest extent permitted by law, excluded from the Agreement.
9. General
-
Force majeure. Neither Party shall be in breach of the Agreement nor liable for delay in performing, or failure to perform, any of its obligations under the Agreement if such delay or failure result from events, circumstances or causes beyond its reasonable control including, without limitation:
-
acts of God, flood, drought, earthquake or other natural disaster;
-
epidemic or pandemic (whether naturally occurring or man-made);
-
terrorist attack, civil war, civil commotion or riots, war, threat of or preparation for war, armed conflict, imposition of sanctions, embargo, or breaking off of diplomatic relations;
-
nuclear, chemical or biological contamination or sonic boom;
-
any law or any action taken by a government or public authority, including imposing an export or import restriction, quota or prohibition
-
collapse of buildings, fire, explosion or accident;
-
any labour or trade dispute, strikes, industrial action or lockouts (other than in each case by the Party seeking to rely on this clause, or companies in the same group as that Party);
-
non-performance by suppliers or subcontractors (other than by companies in the same group as the Party seeking to rely on this clause); and
-
interruption or failure of utility service including the Internet.
-
-
Confidentiality.
-
For a period of three years from the date of disclosure each Party shall:
-
use Confidential Information solely for the purposes set out in this Agreement (and shall promptly notify the Discloser upon discovery of any unauthorised use or disclosure of Confidential Information);
-
use all reasonable endeavours to keep the Confidential Information safe and secure;
-
not at any time disclose any Confidential Information to any third party including but not limited to any Affiliates, group companies and other associated third parties (save to the extent that such disclosure is required for the proper exercise of that Party’s undertakings under this Agreement and subject to the condition that the Recipient ensures that each person to whom it discloses Confidential Information uses and keeps that information confidential on terms at least as onerous as those which apply to the Parties).
-
-
Each Recipient’s obligations under clause 9.2.1 will not apply to information to the extent that:
-
it is already in the public domain or it subsequently comes into the public domain other than by breach of this Agreement;
-
it was demonstrably already known to the Recipient prior to its acquisition from the Discloser;
-
it has been received from a third party who did not acquire it in confidence from the Discloser nor from someone owing a duty of confidence to the Discloser; or
-
it must be disclosed pursuant to a legal or regulatory obligation placed upon the Recipient, provided that, to the extent permitted by law, the Recipient uses all reasonable endeavours to give the Discloser the opportunity to protect the Confidential Information by protective order or other such means.
-
-
The Recipient may, provided that they have reasonable grounds to believe that the Discloser is involved in activity that may constitute a criminal offence under the Bribery Act 2010, disclose Confidential Information to the Serious Fraud Office and any other relevant authority without first notifying the Discloser of such disclosure.
-
The Recipient may make only such copies of the Confidential Information as are necessary for use in terms of this Agreement. Ownership of all complete and partial copies of the Confidential Information shall at all times remain with the Discloser. Upon the Discloser’s written request, the Recipient will promptly (and in any event within seven days) return or permanently erase or destroy all copies of the Discloser’s Confidential Information (save that a single copy may be retained where required by law) and certify in writing its compliance with this requirement.
-
The Discloser warrants that it has the right to disclose the Confidential Information to the Recipient. No other warranty is made under this Agreement, whether in relation to errors, omissions or otherwise.
-
Each Party agrees that damages may not be an adequate remedy for any breach of this Agreement and accordingly each Party shall, in addition to any other rights or remedies which they may have, be entitled, without proof of damage, to seek injunctive or other such relief for any threatened or actual breach of this Agreement.
-
-
Entire agreement.
-
The Agreement constitutes the entire express agreement between the Parties and supersedes and extinguishes all previous agreements, promises, assurances, warranties, representations and understandings between them, whether written or oral, relating to its subject matter.
-
Each Party acknowledges that in entering into the Agreement it does not rely on and shall have no remedies in respect of any statement, representation, assurance or warranty (whether made innocently or negligently) that is not set out in the Agreement. Each Party agrees that it shall have no claim for innocent or negligent misrepresentation based on any statement in the Agreement.
-
-
Variation.
-
No variation of the Agreement shall be effective unless it is in writing and signed by the Parties (or their authorised representatives).
-
-
Waiver.
-
A waiver of any right or remedy under the Agreement or by law is only effective if given in writing and shall not be deemed a waiver of any subsequent right or remedy.
-
A failure or delay by a Party to exercise any right or remedy provided under the Agreement or by law shall not constitute a waiver of that or any other right or remedy, nor shall it prevent or restrict any further exercise of that or any other right or remedy. No single or partial exercise of any right or remedy provided under the Agreement or by law shall prevent or restrict the further exercise of that or any other right or remedy.
-
-
Severance.
-
If any provision or part-provision of the Agreement is or becomes invalid, illegal or unenforceable, it shall be deemed modified to the minimum extent necessary to make it valid, legal and enforceable. If such modification is not possible, the relevant provision or part-provision shall be deemed deleted. Any modification to or deletion of a provision or part-provision under this Clause shall not affect the validity and enforceability of the rest of the Agreement.
-
-
Notices.
-
Any notice or other communication given to a Party under or in connection with the Agreement shall be in writing and shall be:
-
delivered by hand or by pre-paid first-class post or other next working day delivery service at its registered office (if a company) or its principal place of business (in any other case); or
-
Sent by email with confirmation of receipt.
-
-
Any notice or communication shall be deemed to have been received:
-
if delivered by hand, at the time the notice is left at the proper address;
-
if sent by pre-paid first-class post or other next working day delivery service, at 9.00 am on the second Business Day after posting; or
-
if sent by email, at the time of transmission, or, if this time falls outside business hours in the place of receipt, when business hours resume. In this Clause, business hours means 9.00am to 5.00pm Monday to Friday on a day that is not a public holiday in the place of receipt.
-
-
This Clause does not apply to the service of any proceedings or other documents in any legal action or, where applicable, any arbitration or other method of dispute resolution.
-
-
Third party rights.
-
Unless it expressly states otherwise, the Agreement does not give rise to any rights under the Contracts (Rights of Third Parties) Act 1999 to enforce any term of the Agreement.
-
The rights of the Parties to rescind or vary the Agreement are not subject to the consent of any other person.
-
-
No partnership or agency
-
Nothing in this agreement is intended to, or shall be deemed to, establish any partnership or joint venture between any of the Parties, constitute any Party the agent of another Party, or authorise any Party to make or enter into any commitments for or on behalf of any other Party.
-
Each Party confirms it is acting on its own behalf and not for the benefit of any other person.
-
-
Governing law.
-
The Agreement, and any dispute or claim (including non-contractual disputes or claims) arising out of or in connection with it or its subject matter or formation, shall be governed by, and construed in accordance with the law of England and Wales.
-
-
No Partnership
-
Nothing in this Agreement shall create or be deemed to create a partnership (within the meaning of the Partnership Act 1890) or to have created the relationship of principal and agent, a membership or any other legal entity between the Parties other than as specifically set out herein.
-
-
Dispute Resolution
-
The Parties shall use good faith efforts to resolve any dispute, claim or proceeding arising out of or relating to this Agreement via the Steering Group. In the event that any disputes cannot be resolved at this level then the senior executives of the relevant Parties who have authority to settle the same shall use good faith efforts to resolve the same. If the matter is not resolved through negotiation, it shall be settled as agreed by the Steering Group either by:
-
mediation in accordance with the Centre for Dispute Resolution ("CEDR") Model Mediation Procedure (the "Model Procedure"). To initiate a mediation a Party must give notice in writing to the other members of the Steering Group to the dispute requesting a mediation pursuant to the Model Procedure. A copy of the request shall also be sent to CEDR. The mediation shall be before a single, jointly agreed upon, mediator; or
-
reference to the jurisdiction of the Courts in England and Wales.
-
-
If the Steering Committee is unable to select a mutually agreeable mediator or can not agree on the forum in which any dispute is to be held within 60 days of a dispute being notified to the Steering Committee, then the provisions of Clause 11.12.1.2 shall apply.
-
-
Jurisdiction.
-
Each party irrevocably agrees that the courts of England and Wales shall have exclusive jurisdiction to settle any dispute or claim (including non-contractual disputes or claims) arising out of or in connection with the Agreement or its subject matter or formation.
-
Schedule 1 Membership Benefits
-
Welcome Pack - emailed to you upon membership being agreed.
-
E newsletter emailed monthly containing information around the latest threats and guidance relating to fraud and cybercrime.
-
Resources (such as documents and guides published on the North West Cyber Resilience Centre’s web pages and National Cyber Security Centre advice) to help You protect Yourself and Your business in cyber space.
-
Networking links to Police Cyber and Fraud Protect Officers – delivering a range of services locally.
-
Invitation to events which will either be virtual or face to face.
-
Full briefing about the North West Cyber Resilience Centre’s specialist cyber division services and how they can be tailored for You.
-
Up to date versions of the National Cyber Security Centre’s guidance + complementary supplements.
Schedule 2 Member Undertakings
-
To comply at all times with the Mandatory Policies.
-
To ensure that the information You submit is truthful and accurate and that You have not misrepresented your identity
-
To ensure that you update your contact information if it changes so that we can contact you
-
Warrant that your use of the Services does not violate any applicable law or regulation
-
Warrant that you are 18 years of age or older.
-
Warrant that if you are accepting these Terms and Conditions on behalf of an entity that is a company, partnership, unincorporated association or any other entity that is not an individual, that you have authority to bind that entity.
Schedule 3 Mandatory Policies
The Mandatory Policies:
Anti-bribery and corruption policy
Code of Conduct
Schedule 4 Data protection The Parties acknowledge that for the purposes of the Data Protection Legislation, the North West Cyber Resilience Centre shall be the Controller of personal data which it collects or procures for the purposes of developing, providing, managing and marketing the Membership Benefits.
-
In the event that the Member comes into possession of personal data pertaining to other Members and staff of the North West Cyber Resilience Centre, the Member shall be the Controller of such personal data.
-
The Parties shall each comply with all applicable laws, statutes, regulations and codes from time to time in force, including the Data Protection Legislation, in connection with their respective rights and obligations under this Agreement.
-
Without prejudice to the generality of paragraph 3 of this Schedule, the Member shall ensure that it has all necessary appropriate consents, or other lawful basis, and appropriate transparency mechanisms in place to enable the lawful transfer of any personal data provided by the Member to the North West Cyber Resilience Centre for the duration and purposes of this Agreement.
-
The Member shall promptly provide to any of its directors, officers, employees, agents, consultants, contractors or other individuals affected by the processing of personal data under this Agreement with the Privacy Policy which is applicable to the processing of their personal data.
-
Without prejudice to the generality of paragraph 3 of this Schedule, each Party shall ensure that it has in place appropriate technical and organisational measures, to protect against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data, appropriate to the harm that might result from the unauthorised or unlawful processing or accidental loss, destruction or damage and the nature of the data to be protected, having regard to the state of technological development and the cost of implementing any measures (those measures may include, where appropriate, pseudonymising and encrypting personal data, ensuring confidentiality, integrity, availability and resilience of its systems and services, ensuring that availability of and access to personal data can be restored in a timely manner after an incident, and regularly assessing and evaluating the effectiveness of the technical and organisational measures adopted by it).
-
Without prejudice to clause 11.2 (Confidentiality) of the Agreement, the Parties shall ensure that all personnel who have access to and/or process personal data are obliged to keep the personal data confidential.
-
The Parties shall promptly provide reasonable assistance to the other in connection with processing undertaken under the auspices of this Agreement, including the conduct of an impact assessment or consultation with the Information Commissioner’s Office or other such relevant supervisory authority, and in responding to any request from a data subject; any data breach; and responding to any enquiry or notice issued by the Information Commissioner’s Office or other such relevant supervisory authority,.
-
The Parties shall, without undue delay, notify the other on becoming aware in respect of personal data processed under the terms of this Agreement and affecting the relevant Party of a personal data breach, any data subject request, threatened data protection claim, or any enforcement action taken by the Information Commissioner’s Office or other such relevant supervisory authority and will assist one another expeditiously to deal with any such personal data breach, data subject request, threatened data protection claim, or enforcement action .