By Risk Area

Anti-Bribery & Corruption
Modern Slavery & Human Rights
Sustainability
Environmental, Social & Governance (ESG) 
Third-Party Risk Management
Cyber

By Role

Third-Party Risk Management
Compliance & Risk
Legal
Procurement
C-Suite

By Industry

Healthcare & Life Sciences
Aerospace & Defense
Manufacturing
Telecommunications
Enterprise
Agribusiness
Oil & Gas

EBOOKS/WHITE PAPERS

2025: The State of Modern Slavery and Human Rights in Global Supply Chains

Gain critical insights into modern slavery and human rights challenges in global supply chains, and discover strategies to strengthen compliance and mitigate risks for 2025 and beyond. 

How It Works

Why Ethixbase360?
Trust Center

TPRM Capabilities

FastStart
Risk Assessment
Entity Verification
Ultimate Beneficial Ownership
Screening & Monitoring
Enhanced Due Diligence
Collaborative Due Diligence
Questionnaires
eLearning
Workflows & Case Management
Reporting & Analytics
Managed Services

EBOOKS/WHITE PAPERS

2025: The State of Modern Slavery and Human Rights in Global Supply Chains

Gain critical insights into modern slavery and human rights challenges in global supply chains, and discover strategies to strengthen compliance and mitigate risks for 2025 and beyond. 

Get Certified

Tcertification
TRAC
ESGmetrics

EBOOKS/WHITE PAPERS

2025: The State of Modern Slavery and Human Rights in Global Supply Chains

Gain critical insights into modern slavery and human rights challenges in global supply chains, and discover strategies to strengthen compliance and mitigate risks for 2025 and beyond. 

RESOURCES

Blog
Case Studies
eBooks/White Papers
Guides
Infographics

EVENTS

Events

Podcasts
Press Releases
Webinars – On Demand
Webinars – Upcoming
Templates

Ethics Exchange

Ethics Exchange Risk Center

ETHICS EXCHANGE

Ethics Exchange Risk Center

Access for the latest third-party risk management news, best practices, and insights.

Sign up for the monthly newsletter today.

EVENTS

View All Events

EBOOKS/WHITE PAPERS

2025: The State of Modern Slavery and Human Rights in Global Supply Chains

Gain critical insights into modern slavery and human rights challenges in global supply chains, and discover strategies to strengthen compliance and mitigate risks for 2025 and beyond. 

company

About Us
Careers
Current Vacancies
Sustainability @Ethixbase360

EBOOKS/WHITE PAPERS

2025: The State of Modern Slavery and Human Rights in Global Supply Chains

Gain critical insights into modern slavery and human rights challenges in global supply chains, and discover strategies to strengthen compliance and mitigate risks for 2025 and beyond. 

CAREERS

Careers
Current Vacancies

EBOOKS/WHITE PAPERS

2025: The State of Modern Slavery and Human Rights in Global Supply Chains

Gain critical insights into modern slavery and human rights challenges in global supply chains, and discover strategies to strengthen compliance and mitigate risks for 2025 and beyond. 

Request Demo

Ethixbase360 Terms and Conditions for the Supply of Services

Ethixbase360 Terms and Conditions for the Supply of Services

Last updated 12 February 2026 . Please see here for previous versions.

Part 1

About Ethixbase360

Ethixbase360 supports its customers manage third-party risks with a focus on corporate sustainability, other ESG risk factors including anti-bribery and corruption, human rights, modern slavery and the environment and cyber risk.

Ethixbase360 services include cloud-based due diligence platforms, interactive due diligence questionnaires, risk assessment tools and custom due diligence reports.

Risk data is provided by: (a) information sourced from third-party data providers; (b) Ethixbase360 public domain research; (c) Third Party responses to DDQs; or (c) Customer.

Status of these terms and conditions

These terms and conditions, any applicable Managed Services Terms (Terms) and each Order create a separate agreement between Ethixbase360 and Customer regarding the supply of Services.

Once Customer enters into an Agreement, all additional Services supplied to Customer will be governed by the Terms whether or not Customer signs an Order for those additional Services.

If Customer clicks online to indicate acceptance of the Terms, makes payment based on an Order that references the Terms or continues to use Services, Customer has agreed to the Terms. Ethixbase360 does not have to accept orders for its services placed by email, but any order accepted will be subject to the Terms. 

Ethixbase360 does not accept other terms or conditions that Customer attempts to impose including those associated with Customer purchase orders. Such other terms and conditions will not apply to an Order.  

Customer may deliver a Customer purchase order or similar document as a convenience to Customer and for Customer’s internal accounting procedures only.  Supply of Services, signature of a purchase order or acceptance of payment shall not be considered acceptance of terms and conditions associated with such documentation.

The Terms prevail in the case of conflict between the Terms and an Order. However, the Order prevails if it refers to a specific provision of the Terms and an intention to vary that provision. The DPA always prevail in relation to the processing of Owner Personal Data.

If you sign an Order on behalf of a third party, you warrant and undertake that you are authorised to do so.

How these terms and conditions apply

Part 1:  applies to all Services

Part 2:  applies only if you buy Collaborative Reports 

Part 3:  applies only if you buy a Research Subscription 

Part 4:   applies only if you buy a Cyber Services

Interpretation. The definitions and rules of interpretation in this clause apply to an Agreement.

Affiliate: another entity that controls, is controlled by, or is under common control with a party. Control of a party means ownership, directly or indirectly, of over 50% of the entire ownership interest in the party or of the party’s voting stock, or the right and power to direct the party’s affairs.

Agreement: each separate agreement between Ethixbase360 and Customer made up of an Order and the Terms.

Artificial Intelligence: machine-based systems that are designed to operate with varying levels of autonomy, and that can, for a  given set of objectives, infer, from the input received, how to generate  predictions, recommendations, content or decisions that influence  physical or virtual environments, including, but not limited to, deep learning, natural language processing algorithms, large language models, small language models, generative AI systems, or any derivative technologies and applications, both as they exist today and as they may evolve in the future.

Authorised Users: Customer and Permitted Affiliate employees and individual contractors who are not competitors of Ethixbase360 authorised to use Services up to any maximum number specified in the Order.

Confidential Information: information of a party that is proprietary or confidential, including (for Ethixbase360) Ethixbase360 Data and (for Owner) Owner Data, and is clearly labelled as such or should reasonably be considered confidential by the receiving party.

Controller”, “Data Subject”, “Personal Data”, “personal data breach” “Processor” and “processing” have the meanings attributed to them in the DPA.

Customer: the party ordering Services identified in an Order.  

Customer Systems: (a) computer or electronic processing equipment (b) communication networks (c) the internet (d) other equipment, applications or software used by Customer, always excluding Services.

Cyber DDQ: a DDQ designed to assess the information security risks posed by a Third Party;

Cyber Inherent Risk Assessment: a short form DDQ designed to allocate an initial, indicative Third Party risk rating.

Cyber Services: any of a Cyber Inherent Risk Assessment, a Cyber DDQ  or Cyber Third Party Services as part of Services.

Cyber Third Party Services: any of Cyber Passive Scan and Monitor, Cyber Active Scan and Monitor or Cyber Collaborative Risk Assessment.

Data Protection Legislation: has the meaning in the DPA.

Data Provider: a third-party provider of Ethixbase360 Data.

DDQ: a standard or custom due diligence questionnaire (including the Modern Slavery Module and Cyber DDQ) sent via the Ethixbase360 Platform as part of Services.

DPA: Ethixbase360’s data processing agreement found at https://ethixbase360.com/ethixbase-data-processing-agreement/

EDD Reports: Ethixbase360 Enhanced Due Diligence Reports.

ESG Laws:  laws, statutes and regulations applicable to Ethixbase360 in the provision of Services relating to (a) anti-bribery and anti-corruption (b) anti-slavery and human trafficking (c) the protection of the environment (d) the prevention of facilitation of tax evasion.

Ethixbase360: the Ethixbase360 entity identified in Section 18.

Ethixbase360 Data: data and information including personal data, alerts, publications, documentation, white papers, research, analysis, forecasts, ratings, opinions, models, security identifiers, methodologies text, photographs, audio, video and graphics provided by Ethixbase360 through Services, including such data and information sourced from Data Providers.  Ethixbase360 Data does not include Owner Data.

Ethixbase360 Know-How:  know-how, templates, models, methodologies, ideas, techniques, tools, processes, and technologies, including algorithms owned by, licensed to or developed by Ethixbase 360, its subcontractors or Data Providers.  Ethixbase360 Know-How is Ethixbase360’s Intellectual Property Rights.

Ethixbase360 Platform:  any cloud-based platform provided by Ethixbase360 on a Subscription basis.

Force Majeure: an event or sequence of events beyond a party’s reasonable control (after exercise of reasonable care to put in place information security, back-up and disaster recovery arrangements) preventing or delaying that party from performing its obligations under an Agreement but excluding  circumstances resulting in Customer’s inability to pay the Price.

Good Industry Practise: practices, methods and procedures which would be reasonably commensurate with those practices, methods and procedures adopted by a skilled and experienced supplier engaged in providing services the same as or similar to Services and by a supplier of similar scale to Ethixbase360.

High Risk Data: information and data of the type described at the following location https://ethixbase360.com/company/eb360-high-risk-information-categories/

Initial Term: the initial, fixed term of an Agreement for a Service bought on a Subscription basis starting on the Order Start Date and ending on the expiry of 36 months from the Order Start Date unless otherwise specified in the Order. The Initial Term specified in an Order may be different for different Services.

Intellectual Property Rights: trade secrets, patents and patent applications, trade-marks (registered or unregistered, including goodwill accruing thereto), service marks, trade names, business names, internet domain names, copyrights, moral rights, database rights, design rights, know-how rights in inventions,  other intellectual property and proprietary rights (registered or unregistered), and other equivalent or similar rights which may subsist anywhere in the world, and applications for the foregoing.

Order: an Ethixbase360 ordering document, statement of work, work order or online order or registration form specifying Services to be provided by Ethixbase360 to Customer.

Order Start Date: the start date specified in an Order (or if no such date is specified the date of the last signature of an Order) or, in relation to an online Order, the date the Order is placed.

Owner: the owner of all rights including Intellectual Property Rights in Owner Data being Customer or (in relation to Collaborative Reports) the party identified in Part 2. 

Owner Data: Reports (once paid for) and other Owner Confidential Information (including Owner Personal Data). In relation to Collaborative Reports, Third Party DDQ responses are owned as described in Part 2 of the Terms.  All other Third Party DDQ responses are owned by Customer. Owner Data does not include Ethixbase360 Platform usage or audit logs.

Owner Personal Data: has the meaning in the DPA.

Managed Services: business process management Services provided on a Subscription basis as described in an Order.

Managed Services Terms: additional terms and conditions that apply to a Managed Services as set out in the Order.

Modern Slavery Module: the Modern Slavery Due Diligence module provided on a Subscription basis.

Name: the name of any legal entity or natural person processed in the Ethixbase360 Platform by or on behalf of Customer at any point in a Year.

Name Limit: means any maximum number of Names in relation to which Services can be provided in any Year as set out in the Order. A Name will count towards the Name Limit if Services have been provided in relation to that Name at any point in a Year.

Permitted Affiliate: an Affiliate of Customer identified as such in the Order.

Permitted Purpose: to manage Customer’s legal or regulatory compliance obligations regarding (a) financial crime (b) supply chain sustainability or ESG risk factors  (c) regulatory and suspicious activity reporting (d) sanctions (e) embargoes (f) other regulatory risks and associated obligations.

Permitted Recipients: (a) Authorised Users (b) to the extent necessary for the Permitted Purpose, Customer’s officers, employees, regulators and professional advisors and those of its Permitted Affiliates (c) other third parties agreed by Customer and Ethixbase360.

Price: the price or charges for Services specified in the Order or agreed between Customer and Ethixbase360 in writing from time to time.

Professional Services: professional services provided by Ethixbase360 as set out in an Order.

Remediation: false positive remediation of Name matches against Ethixbase360 Data.

Remediation Methodology: Ethixbase360’s methodology for carrying out Remediation found at Remediation Methodology

Renewal Term: has the meaning in clause 13.2.

Report: a due diligence report provided to Customer as part of Services including digital reports provided through the Ethixbase360 Platform and all working papers used to compile that report.

Services: Ethixbase360 services ordered by Customer as specified in an Order or that Ethixbase360 otherwise agrees to provide.  Services exclude any third party applications, integrations or services that Customer uses to interact with Services whether or not approved by, Ethixbase360.

Start Date: the earlier of the Order Start Date or the date on which Ethixbase360 begins to provide Services.

Subscription: a license to use Services for an Initial Term and any Renewal Terms as identified in an Order.

Term: the total period of an Agreement including all Renewal Terms.

Third Party: the legal entity or individual that is the primary subject of a Report or other Services including as respondent to a DDQ.

Training Bundle: the modules of online training Services selected by Customer as identified in an Order.

Usage Data: information and data generated by, relating to or derived from Customer’s use of or from provision of, Services.

Virus:  programs that contain malicious code or infiltrates or damages a computer system or is designed to do so or which is hostile, intrusive or annoying and has no legitimate purpose, including Trojan horses, malware, malicious software, worms or logic bombs.

Year: each successive 12-month period of the Term starting on the Start Date.

1.2 Clause, schedule and paragraph headings do not affect the interpretation of an Agreement. References to clauses and schedules are to the clauses and schedules of an Agreement.

1.3 A person includes an individual and an incorporated or unincorporated body.

1.4 Unless the context otherwise requires, words in the singular include the plural and vice versa. A reference to one gender includes all genders.

1.5 A reference to a statute or statutory provision is a reference to it as it is in force as at the date of an Agreement and includes subordinate legislation made as at the date of an Agreement under that statute or statutory provision.

1.6 If the word “including” or similar words are used before describing items, such items are examples only and not an exhaustive list.

2. Licence and Usage Restrictions

2.1 Ethixbase360 grants Customer a non-exclusive, non-transferable right to use Subscription Services during the Term.  Reports and Ethixbase360 Data may be used only for the Permitted Purpose. 

2.2 A Training Bundle cannot be used after the expiry of the period set out in the Order.

2.3 Customer may not allow any Affiliate (other than a Permitted Affiliate) to use, access or benefit from Services or the Ethixbase360 Data. No Permitted Affiliate has the right to a separate instance of the Ethixbase360 Platform. EthixBase360’s obligations under clause 10 and the DPA shall be interpreted accordingly. Customer must ensure that Permitted Affiliates comply with the terms of each Agreement.

2.4 Customer shall take industry standard steps designed to ensure that when using Services or Ethixbase360 Data, Customer does not access, store, distribute or transmit (a) Viruses or (b) material that (i) is illegal, harmful, threatening, defamatory, obscene, infringing, harassing or offensive (ii) abuses another’s privacy, intellectual property or other legal rights (iii) High Risk Data.

2.5 Each Authorised User must keep their Ethixbase360 Platform access credentials confidential and must not share them with any other person. Access to courses within a Training Bundle must not be shared. Ethixbase360 may suspend access to Services where it reasonably suspects credentials or access have been shared or misused.

2.6 Customer shall: (a) put reasonable measures into practice no less stringent than its own information security measures (and no less than reasonable measures) so only Authorised Users can access Services and Ethixbase360 Data (b) promptly notify Ethixbase360 and take steps to investigate and mitigate the impact of unauthorised use of, access to or transmission of Services or Ethixbase360 Data and cooperate with Ethixbase360 accordingly (c) not probe, scan, penetrate or test the vulnerability of Services (d) not breach the Ethixbase360 security or authentication measures, whether by passive or intrusive techniques.

2.7 Customer must attribute Ethixbase360 Data to the original source identified within Reports and not to Ethixbase360 or Data Providers.

2.8 Customer shall indemnify and defend Ethixbase360 against all liabilities, losses, damages, costs and expenses suffered or reasonably incurred by Ethixbase360 in connection with any claim by a Data Provider against Ethixbase360 to the extent that claim is caused by a breach of an Agreement by Customer. Ethixbase360 will use reasonable commercial endeavours to mitigate the amount of any claim under this clause.

3. Use of Services in relation to Individuals

3.1 Customer shall not use Services or Ethixbase360 Data in whole or in part (a) to establish an individual’s eligibility for credit, insurance, other financial services, government benefits or licences (b) to evaluate an individual for employment, promotion, reassignment or retention as an employee (c) for debt collection purposes or (d) to determine whether an individual continues to meet the terms of the credit or prepayment risks associated with an existing account.

3.2 Nothing in this clause 3 limits Customer’s right to use Services or Ethixbase360 Data for the Permitted Purpose.

3.3 If Customer receives complaints or communications (including from an individual, a regulator or law enforcement agency) that relate to Services, Ethixbase360 Data or Ethixbase360’s legal compliance in connection with Services, Customer shall promptly and to the extent legally permitted, notify Ethixbase360. Customer shall give Ethixbase360 reasonable co-operation and assistance in relation to such complaints, notices or communications.

4. Owner Data

4.1 Owner owns all Intellectual Property Rights in Owner Data excluding Ethixbase360 Know-How within Reports. Owner has sole responsibility for the legality, accuracy and quality of Owner Data other than Reports. Owner is advised to keep backup copies of Owner Data. Owner permits Ethixbase360 to use Owner Data as necessary to provide, monitor, troubleshoot and improve the performance, security and functionality of the Services and to develop Ethixbase360’s internal tools, models and processes.

4.2 If Owner Data is lost or damaged by Ethixbase360, as Customer’s sole and exclusive remedy, Ethixbase360 will use reasonable commercial endeavours to restore the lost or damaged Owner Data from the latest back-up maintained by Ethixbase360 in accordance with its internal policies. Ethixbase360 is not responsible for loss, destruction, alteration or disclosure of Owner Data caused by third parties (except Ethixbase360 sub-contractors or sub-processors).

4.3 The DPA is incorporated by reference and applies to the processing of Owner Personal Data as defined in the DPA.

4.4 Ethixbase360 will anonymise and use Usage Data for its own business purposes including for (a) statistical, trend analysis and reporting (b) machine learning (c) product and service improvements (d) new product development. Ethixbase360 owns the Intellectual Property Rights in Usage Data.

5. Access to Adverse Media

Customer may require a separate license with media owners to access certain underlying content within Ethixbase360 Data because adverse media behind may sit behind paywalls.

6. Ethixbase360’s obligations

6.1 Ethixbase360 warrants that: (a) Services will be performed with reasonable skill and care and in accordance with Good Industry Practise (b) it has and will maintain  necessary licences, consents, and permissions for the performance of its obligations under an Agreement (c) it will comply with  laws and regulations applicable to Ethixbase360 in the provision of Services and (d) it takes industry standard steps designed to ensure Services do not contain or introduce any Virus into Customer’s System.

6.2 Remediation will be performed in accordance with the Remediation Methodology.

6.3 Without prejudice to the generality of clause 6.1, Ethixbase360 shall, in connection with the provision of Services: (a) comply with  ESG Laws (b) not engage in activity, practice or conduct which would be an offence under ESG Laws (c) promptly notify Customer if it becomes aware of breach of this clause or has reason to believe that it has received a request or demand for undue financial or other advantage (d) certify to Customer compliance with this clause 6.3 within thirty (30) days of written request.  Breach of this clause is a material breach of an Agreement.

6.4 Ethixbase360 warrants it has not been convicted of offences under ESG Laws or been the subject of proceedings regarding offences or alleged offences in connection with ESG Laws.

6.5 Updates to the Ethixbase360 Platform will be provided to Customer at no additional cost when and to the extent Ethixbase360 makes such updates generally available to its other Customers. Ethixbase360 has the right to modify the features and functionality of Services or Ethixbase360 Data but will not change Services’ fundamental nature without informing Customer through its regular product roadmap communications. Ethixbase360 may add, remove or change Data Providers provided this change does not have a material adverse impact on Services. 

6.6 If Services or Ethixbase360 Data do not conform with an Agreement, Ethixbase360 will, at its sole expense, use reasonable commercial efforts to correct this non-conformance promptly or give Customer an alternative means of accomplishing the desired performance. This correction or substitution is Customer’s sole and exclusive remedy in relation to this non-conformance.

7. Customer’s obligations

7.1 Customer shall: (a) as a condition to Ethixbase360 performing its commitments under an Agreement, provide Ethixbase360 with timely cooperation and information as may reasonably be required by Ethixbase360 to provide Services (b) comply with  applicable laws and regulations with respect to its use of Services and Ethixbase360 Data (c) make sure Permitted Recipients use Services and Ethixbase360 Data in accordance with each Agreement and Ethixbase360’s reasonable instructions (d) maintain  necessary licences, consents, and permissions in relation to Owner Data necessary to enable Ethixbase360 to perform its obligations under an Agreement (e) make sure Customer Systems are compatible with Services.

7.2 If the performance of Services is delayed at Customer’s request or because of Customer’s acts or omissions: (a) time for performance of Ethixbase360’s obligations will be extended to take account of this delay (b) Ethixbase360 will use reasonable commercial endeavours to redeploy its personnel allocated to Professional Services to other engagements and will work with Customer to agree an alternative start date.  If Ethixbase360 cannot redeploy its personnel for any part of the delay, it reserves the right to charge Customer for lost days or part days at its standard Professional Services day rates.

8. Price and payment

8.1 Customer will pay the Price in accordance with the Order and this clause 8.  Customer must provide any purchase order at the time of signature of the Order.

8.2 Customer shall pay the Price within thirty (30) days of receipt of Ethixbase360’s invoice. Invoice disputes must be raised before the due date for payment or the invoice will be considered accepted.

8.3 Ethixbase360 may notify Customer if, at any time in a Year, the Name Limit is exceeded.  Following notification, the Name Limit and corresponding Price for Services will be increased, in accordance with the rates set out in the Order. Such increase will take effect from the start of the first month following receipt of such notice by Customer or such later date as specified by Ethixbase360. 

8.4 Customer can cancel an order for an individual EDD Report by notice by sent by email to [email protected] and upon payment of the following cancellation charges: (a) 100% of the Price payable for the EDD Report if notice of cancellation is received when the EDD Report has entered the quality assurance stage of production (b) 50% of the Price payable for the EDD Report if notice of cancellation is received at least 50% through the estimated turnaround time for the report (c) 25% of the Price payable for the EDD Report if notice of cancellation is received at any other time. Notwithstanding payment of the above cancellation charges, draft or preliminary EDD Reports and working papers will not be shared with the Customer and may be destroyed.

8.5 If Ethixbase360 has not received payment of the Price by the due date, and without prejudice to its other rights and remedies, Ethixbase360 may on not less than 10 days prior written notice to Customer: (a) suspend provision of Services until the Price is paid (b) charge Customer interest on overdue payments at the rate specified in the Contracting Entity Table in Section 18 on the amount overdue (c) retain Owner Data until outstanding amounts have been paid in full and/or (d) terminate an Agreement under clause 13.3.  Customer will be liable for  legal or other reasonable costs incurred by Ethixbase360 in the collection of overdue amounts.

8.6 The Price: (a) is payable in the currency specified in the Order (b) other than as specified in clause 13.7.1, is non-refundable and cannot be applied to a subsequent Year, Renewal Term or Agreement (c) is exclusive of value-added or sales taxes or duties which Customer is responsible for paying (d) must be paid without withholding or deduction. If the law requires Customer to deduct withholding tax from the Price, Customer must pay Ethixbase360 an amount that ensures its net receipt is the same as it would have been if the payment had not been subject to this withholding.

8.7 By providing not less than sixty (60) days’ written notice before: (a) the start of any Year of the Initial Term, Ethixbase360 may notify Customer of the amount by which the Price for a Subscription for that Year will increase in line with any increase in the Consumer Price Index published by the Office for National Statistics (www.ons.gov.uk) for a 12 month period ending before the start of that Year; (b) the start of any Renewal Term, Ethixbase360 may increase the Price for that Renewal Term.

8.8 Ethixbase360 may increase the Price for Services provided on a non-Subscription basis on not less than 30 days’ notice given at any time.

9. Intellectual Property Rights

9.1 Ethixbase360 warrants it has the right to allow Customer to use Services and Ethixbase360 Data in accordance with the terms of each Agreement.

9.2 Ethixbase360 or its licensors own all Intellectual Property Rights in Services, Ethixbase360 Know-How and Ethixbase360 Data, any modifications or derivatives of them, their structure, organisation and associated search and extraction mechanisms.

9.3 An Agreement does not grant Customer rights to Intellectual Property Rights in Services, Ethixbase360 Know-How or Ethixbase360 Data except as stated.

9.4 Customer must not access or use Services, Ethixbase360 Know-How or Ethixbase360 Data in any manner that infringes the Intellectual Property Rights of Ethixbase360, any Data Provider or its or their licensors.

9.5 Customer shall not except as permitted by an Agreement or applicable law incapable of exclusion by agreement: (a) share, republish, or distribute Services or Ethixbase360 Data other than to Permitted Recipients for the Permitted Purpose (b) create derivative works of, adapt, reverse engineer, decompile, disassemble or modify the Ethixbase360 Platform or Ethixbase360 Data (c) make or use Services or Ethixbase360 Data available to or for the benefit of, third parties except Permitted Recipients or (e) access and/or use the Ethixbase360 Platform via mechanical, programmatic, robotic, scripted or other automated search means.

9.6 Ethixbase360 Data may not be used in whole or in part: (a) to develop a substitute for Ethixbase360 Data or to compete with or replace Ethixbase360 Data or Services; or (b) in or with proprietary or third party generative Artificial Intelligence technology (such as ChatGPT or Gemini for Google Workspace), including to train, ground, prompt, or tune large language models, foundation models or other generative Artificial Intelligence technology.

9.7 Customer must store only insubstantial parts of and will not data or text mine, Ethixbase360 Data. Customer will not store or use Ethixbase360 Data (a) in a searchable database created by or on behalf of Customer (b) in a way that allows manual, automated or machine-assisted indexing or classification.  Nothing in this clause prevents Customer from (a) using an Ethixbase360 provided API to extract Reports  into or (b) storing Reports in, Customer Systems in each case for archiving purposes and to comply with Customer’s regulatory or legal obligations.

9.8 Customer will not remove copyright notices, proprietary markings, trademarks or trade names from Services or Ethixbase360 Data.

9.9 Customer or its Authorised Users may submit comments, information, questions, data, ideas, description of processes, or other information to Ethixbase360 in connection with Services (“Feedback”). Ethixbase360 may use, disclose, reproduce, license, create derivative works of or otherwise exploit Feedback without obligation to or restriction from, Customer.

10. Confidentiality

10.1 A party may be given access to the Confidential Information of the other party to perform its obligations or exercise its right under an Agreement. A party’s Confidential Information shall not include information that: (a) is or becomes publicly known other than through act or omission of the receiving party (b) was in the receiving party’s lawful possession before the disclosure (c) is lawfully disclosed to the receiving party by a third party without known restriction on disclosure or (d) is independently developed by the receiving party without use of the disclosing party’s Confidential Information, which independent development can be shown by written evidence.

10.2 Subject to clauses 10.3 and 10.4, each party shall take steps no less stringent than the steps it takes to protect its Confidential Information (and no less than reasonable steps) to hold the other’s Confidential Information in confidence and shall not use the other’s Confidential Information for purposes other than to exercise its rights or perform its obligations under an Agreement.  Subject to clause 10.3, a party may disclose the other party’s Confidential Information to the receiving party’s officers, employees and service providers or those of its Affiliates to the extent necessary to provide or receive Services.  The disclosing party will make sure these recipients comply with the terms of this clause 10.

10.3 Customer may disclose Ethixbase360 Data or Reports only to Permitted Recipients to the extent required for the Permitted Purpose. Customer shall ensure Permitted Recipients comply with this clause 10.  

10.4 A party may disclose Confidential Information to the extent such Confidential Information must be disclosed by law, by governmental or other regulatory authorities or by a court or other authority of competent jurisdiction if, to the extent it is legally allowed to do so, it gives the other party prior notice of such disclosure and considers the reasonable requests of the other party about the content of such disclosure.

10.5 At any time during the Term, Customer may perform exports of current Owner Data processed in the Ethixbase360 Platform.

10.6 It is Customer’s responsibility to request in writing that Ethixbase360 disposes of Owner Data at any time during or after the Term in accordance with Customer’s own data retention policies. All requests must be initiated by following the process described in the Ethixbase360 customer support portal found at https://ethixbase.zendesk.com/hc/en-us/requests/new.  Ethixbase360 has no obligation to dispose of Owner Data without such written request except that (a) a Collaborative Report will be disposed of following the expiry of 36 months after its production (b) Owner Data sent by a service email account will be deleted after 6 months.

10.7 Each party has the right to retain copies of the other party’s Confidential Information (a) when required by law; or (b) when securely isolated and protected on back-up systems and deleted in accordance with the retaining party’s standard deletion practises.  Unless requested otherwise in accordance with clause 10.6, Ethixbase360 may keep one copy of each Report for risk management purposes for 6 years following the date of the Report. Retained Confidential Information shall remain subject to this clause 10 and the DPA.

11. Basis of Provision of Services

11.1 Customer is responsible for evaluating the adequacy of the output of Services.

11.2 Customer should not rely only on Services or Ethixbase360 Data when deciding to deal with any person or entity.  The content of Reports should be verified by Customer with the Third Party.  People or entities identified in Reports may not be the same as the person or entity Customer intends to transact business with.

11.3 Customer must make sure Services and Ethixbase360 Data enable it to comply with its legal or regulatory obligations. Services are not the provision of advice of any kind.

11.4 Ethixbase360 takes reasonable steps to ensure the reliability of Data Providers.  Ethixbase360 Data is derived from third-party sources including public domain sanctions lists, law enforcement and regulatory websites and media sources, Data Providers and Third Parties.  Ethixbase360 cannot control whether Ethixbase360 Data is comprehensive, correct or current.  Ethixbase360 will not tell Customer if Ethixbase360 Data changes other than as part of its continuous monitoring service if purchased as part of Services.  Ethixbase360 makes no warranty or representation about and disclaims liability for, the accuracy, completeness or currency of Ethixbase360 Data and its merchantability or fitness for a particular purpose.

11.5 Reports containing environmental, social and governance resilience assessments are based on sentiment published on Third Party websites. Ethixbase360 draws subjective inferences from those sentiments to create a risk score.  Ethixbase360 does not seek to assess the truth or accuracy of those published sentiments or the steps taken by Third Party to implement them in practise.

11.6 Ethixbase360 is not responsible if any person terminates or changes any commercial relationship with a Third Party as the result of Services. Output of Services are not a recommendation, opinion or approval.

11.7 Certain algorithmic risk modules within the Ethixbase360 Platform including the Modern Slavery Module, Tsort and Perceived and Custom Risk Indicators provide indicative risk ratings only. The accuracy of the risk score generated by these modules depends on external factors outside the control of Ethixbase360, including Data Providers and inputs from third parties made at the request of Customer. Risk scores or rankings provided are subjective and a matter of opinion only.  

11.8 While every care has been taken in developing the automated risk modules within theEthixbase360 Platform, automated decision-making poses inherent risks such as potentially inaccurate, biased or otherwise flawed risk scores due to the complexity of the algorithm and reliability of third-party data used. Automated risk scores should be reviewed by Customer to determine their accuracy and suitability for Customer’s risk appetite.

11.9 Ethixbase360 acts in a commercially prudent manner to carry out Services in accordance with dates quoted for performance of Services.  Such dates are estimates only.

11.10 If Ethixbase360 tells Customer Ethixbase360 Data in any Report must be updated or removed to avoid breaching applicable law or third-party rights, (including Data Protection Legislation) Customer will promptly do so.

12. Limitation of liability

12.1 EXCEPT AS EXPRESSLY PROVIDED IN AN AGREEMENT: (A) ALL WARRANTIES, REPRESENTATIONS, CONDITIONS AND ALL OTHER TERMS OF ANY KIND WHATSOEVER IMPLIED BY STATUTE OR COMMON LAW INCLUDING IN RELATION TO NONINFRINGEMENT, MERCHANTABLE QUALITY OR FITNESS FOR PURPOSE, OR IMPLIED FROM COURSE OF PERFORMANCE, COURSE OF DEALING, OR USAGE OF TRADE ARE, TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, EXCLUDED FROM EACH AGREEMENT (B) SERVICES AND ETHIXBASE360 DATA ARE PROVIDED TO CUSTOMER ON AN “AS IS/AS AVAILABLE” BASIS. THE UNITED NATIONS CONVENTION ON CONTRACTS FOR THE INTERNATIONAL SALE OF GOODS SHALL NOT APPLY TO AN AGREEMENT (C) AN AGREEMENT AND THE PROVISION OF SERVICES CREATES NO DUTY OF CARE TO CUSTOMER ON THE PART OF ETHIXBASE360 OR DATA PROVIDERS.

12.2 NOTHING IN AN AGREEMENT EXCLUDES OR LIMITS A PARTY’S LIABILITY FOR: (A) DEATH OR PERSONAL INJURY CAUSED BY A PARTY’S NEGLIGENCE  (B) FRAUD OR FRAUDULENT MISREPRESENTATION (C) GROSS NEGLIGENCE, RECKLESSNESS, OR WILFUL MISCONDUCT (D) NON PAYMENT OF THE PRICE (E) MISUSE OR MISAPPROPRIATION OF THE OTHER PARTY’S INTELLECTUAL PROPERTY RIGHTS OR (F) MATTERS FOR WHICH IT WOULD BE UNLAWFUL FOR THE PARTIES TO EXCLUDE OR LIMIT LIABILITY.

12.3 SUBJECT TO CLAUSE 12.1 AND CLAUSE 12.2:

12.3.1 A PARTY IS NOT LIABLE WHETHER IN TORT (INCLUDING FOR NEGLIGENCE OR BREACH OF STATUTORY DUTY), CONTRACT, MISREPRESENTATION, RESTITUTION OR OTHERWISE FOR LOSS OF PROFITS, LOSS OF BUSINESS, DEPLETION OF GOODWILL, WASTED EXPENDITURE, LOSS OF REPUTATION OR SIMILAR LOSSES OR LOSS OR CORRUPTION OF DATA OR INFORMATION, OR PURE ECONOMIC LOSS, OR FOR SPECIAL, INDIRECT OR CONSEQUENTIAL LOSS, COSTS, DAMAGES, CHARGES OR EXPENSES HOWEVER ARISING UNDER AN AGREEMENT

12.3.2 ETHIXBASE360’S TOTAL AGGREGATE LIABILITY IN CONTRACT, TORT (INCLUDING NEGLIGENCE OR BREACH OF STATUTORY DUTY), MISREPRESENTATION, RESTITUTION OR OTHERWISE ARISING IN CONNECTION WITH AN AGREEMENT AND SERVICES IS LIMITED TO THE TOTAL PRICE PAID BY CUSTOMER FOR SERVICES GIVING RISE TO THE LIABILITY DURING THE TWELVE (12) MONTHS IMMEDIATELY PRECEDING THE DATE ON WHICH THE LIABILITY AROSE. 

12.4 ETHIXBASE360 DOES NOT GUARANTEE THAT CUSTOMER’S USE OF SERVICES OR ETHIXBASE360 DATA WILL BE UNINTERRUPTED OR ERROR FREE.  ETHIXBASE360 SHALL HAVE NO LIABILITY FOR BREACH OF AN AGREEMENT.

TO THE EXTENT CAUSED BY (A) CUSTOMER SYSTEMS OR THE INTERNET, (B) USE OF SERVICES OR ETHIXBASE360 DATA CONTRARY TO ETHIXBASE360’S INSTRUCTIONS, (C) MODIFICATION OR ALTERATION OF SERVICES OR ETHIXBASE360 DATA BY OR ON BEHALF OF CUSTOMER OTHER THAN ETHIXBASE360 OR (D) USE OF THIRD-PARTY PRODUCTS OR SERVICES IN CONJUNCTION WITH SERVICES OR ETHIXBASE360 DATA.

12.5 A PARTY MAY NOT BRING AN ACTION AGAINST THE OTHER UNDER OR IN CONNECTION WITH AN AGREEMENT MORE THAN 12 MONTHS AFTER THE CLAIMING PARTY BECAME AWARE OF THE CAUSE OF ACTION OR EVENT GIVING RISE TO THE CLAIM.  A PARTY IS ENTITLED TO RECOVER FROM OTHER PARTY ITS REASONABLE ATTORNEY’S AND OTHER COSTS AND EXPENSES INCURRED IN RELATION TO SUCCESSFUL CLAIMS UNDER AN AGREEMENT.

13. Term and termination

13.1 An Agreement begins on its Start Date.

13.2 A Subscription will continue for its Initial Term.  After the Initial Term, a Subscription will renew automatically for 12 months on each anniversary of the Start Date (each, a Renewal Term) unless terminated by a party giving the other at least 60 days prior written notice to expire on the day before the first day of the next Renewal Term.  

13.3 Without affecting other rights or remedies available to it, Ethixbase360 may terminate any Agreement with immediate effect by giving written notice to Customer if Customer fails to pay amounts due under an Agreement on the due date and remains in default not less than thirty (30) days after being notified in writing of the default.

13.4  Without affecting other rights or remedies available to it, a party may terminate an Agreement with immediate effect by giving written notice to the other party: (a) if the other party commits a material breach of an Agreement which is irremediable or (if the breach is remediable) fails to remedy that breach within 30 days after being notified in writing to do so (b) if the other party suspends, or threatens to suspend, payment of its debts or cannot pay its debts as they fall due or admits inability to pay its debts or is considered unable to pay its debts (c) if the other party suspends or stops, or threatens to suspend or cease, carrying on a substantial part of its business (d) either (i) the use or provision of Services or Ethixbase360 Data may breach the export control or economic sanctions laws and regulations of any jurisdiction including the United States of America, the United Kingdom, the European Union and its Member States and the United Nations or  (ii) if the other party becomes or any of its Affiliates become specially designated or sanctioned under such laws.

13.5 Ethixbase360 can suspend Customer’s rights in relation to Services if (a) Ethixbase360 has the right to terminate such rights (b) to protect Ethixbase360’s systems or security. Suspension will not affect Ethixbase360’s rights to later terminate an Agreement.

13.6 Termination or expiry of an Agreement shall not result in the termination of any other Agreement except that if a party terminates an Agreement under clause 13.3 or 13.4, it may terminate all Agreements.

13.7 On termination of an Agreement:

13.7.1 Ethixbase360 will repay any prepaid amount of the Price that relates to Services that will not be provided after termination if Customer has validly terminated an Agreement in accordance with clause 13.4;

13.7.2 licences granted under an Agreement terminate immediately. Customer shall immediately stop use of Services and Ethixbase360 Data;

13.7.3 neither party shall make any  further use of equipment, property, Confidential Information or other items (and copies) belonging to the other party. Ethixbase360 shall comply with its obligations under clause 10;

13.7.4 rights, remedies, obligations or liabilities of the parties that have accrued up to termination, including the right to claim damages in respect of breach of an Agreement which existed at or before the date of termination shall not be affected or prejudiced;

13.7.5 Provisions of an Agreement which expressly, by implication is intended to or should logically come into or continue in force on or after termination of an Agreement, including clauses 1, 2.8, 4, 8, 9, 10, 12, 13.7 and clauses 16 to 19 shall remain in full force and effect.

14. Force Majeure

14.1 A party shall not be liable if delayed in or prevented from performing its obligations due to Force Majeure if it: (a) promptly tells the other party about the Force Majeure event and its expected duration (b) uses reasonable commercial endeavours to minimise the effects of that event.

14.2 If, due to Force Majeure, a party cannot perform a material obligation for thirty (30) days or more, the other party may terminate an Agreement on immediate notice.

15. Publicity

15.1 A party shall not issue announcements regarding an Agreement without the prior written consent of the other party. 

15.2 Ethixbase360 may not use Customer’s name or  logo  in its marketing (except that Ethixbase360 may reproduce and use Customer’s logo as it is displayed on Customer’s website). Customer will tell Ethixbase360 before publication if there are brand guidelines that Ethixbase360 must follow.

15.3 Provided Customer’s experience of using Services is positive, Customer will give Ethixbase360 a reference and/or case study in connection with Services which Ethixbase360 may use for marketing purposes.

16. General

16.1 Ethixbase360 may update the Terms by updating https://ethixbase360.com/terms-and-conditions/ or the Managed Services Terms by updating the URLs in the Order.  Customer’s continued use of Services after such updates is acceptance of the change.  Use of Ethixbase360 Data may be subject to additional conditions, restrictions and disclaimers imposed by Data Providers on Ethixbase360 from time to time.  Ethixbase360 will give Customer reasonable notice of such additional requirements before they take effect.

16.2 Ethixbase 360 has the right to assume that  Customer’s and Permitted Affiliates’ employees, directors and officers who instruct Ethixbase360 are authorised to do so. Ethixbase360 may act on oral instructions.

16.3 No failure or delay by a party to exercise rights or remedies provided under an Agreement or by law shall be a waiver of that or other rights or remedies, nor shall it prevent or restrict the further exercise of that or other rights or remedies. No single or partial exercise of such right or remedy shall prevent or restrict the further exercise of that or other rights or remedies.

16.4 If any provision (or part of a provision) of an Agreement is found by a court or administrative body of competent jurisdiction to be invalid, unenforceable or illegal, the other provisions shall remain in force.

16.5 If an invalid, unenforceable or illegal provision would be valid, enforceable or legal if some part of it were deleted, the provision shall apply with whatever change is necessary to give effect to the commercial intention of the parties.

16.6 An Agreement and the DPA are the entire agreement between Ethixbase360 and Customer in relation to the subject matter of that Agreement and the DPA and supersede previous agreements, promises, assurances, warranties, representations and understandings between them in relation to that subject matter, whether written or oral, relating to its subject matter.

16.7 In entering into an Agreement, no party is relying on and shall have no remedies regarding, statements, representations, assurances or warranties (whether made innocently or negligently) that are not set out in an Agreement.

16.8 Neither party shall, without the prior written consent of the other, assign its rights or obligations under an Agreement other than in connection with any merger, consolidation, sale of all or substantially all of such assigning party’s assets, or other similar transactions, provided, that the assignee: (a) is not a competitor of the non-assigning party (b) can fully perform the obligations under that Agreement and (c) agrees to be bound by that Agreement.  The assigning party will give prior, written notice of such permitted assignment to the other party.

16.9 Ethixbase360 contracts with Customer on its own behalf and as trustee for Data Providers.  Data Providers may enforce rights relating to Ethixbase360 Data against Customer directly.  Other than as stated, an Agreement does not confer rights on any person or party (other than the parties to an Agreement and, where applicable, their successors and permitted assigns) under the Contracts (Rights of Third Parties) Act 1999.

17. Notices

17.1 Notices required to be given under an Agreement must be in writing and delivered by hand, courier or email.  Notices delivered by hand or courier shall be marked for the attention of the CEO of the recipient and sent (in the case of Ethixbase360) to the address specified in clause 18 and (in the case of Customer) to an address specified in the Order. Notices sent by email shall be sent (in the case of Ethixbase360) to [email protected] and (in the case of Customer) to an email address specified in the Order.  Notices delivered by hand or courier shall be considered delivered when left at the correct address.  Notices sent by email shall be considered delivered when sent if no notice of non-delivery is received.

17.2 A party may update its address or email address by giving notice to the other party in accordance with this clause.

18 Contracting Entity

18.1 In the table below, “Customer Location” refers to where Customer is located (as determined by Customer’s business address on the Order, if specified) and determines which table row applies to Customer.

Contracting Entity Table
Customer LocationContracting EntityOverdue PaymentsGoverning Law, Venue & Jurisdiction
AmericasEthixbase360, Inc. registered in Maryland, USA FEIN 41-2260954, Corporate Address – 1910 Towne Centre Boulevard, Suite 250, Annapolis, Maryland 21401.3% per year above the Federal Reserve Board interest rateState of Maryland, USA
APACEthixbase 360 Pte. Limited incorporated and registered in Singapore with company number 201131414M whose registered office is at 600 North Bridge Road, #23-01 Parkview Square, Singapore 188778.3% per year above the Monetary Authority of Singapore Base rateSingapore
Rest Of WorldEthixbase UK Limited incorporated and registered in England & Wales with company number 10651805 whose registered office is at 27 Old Gloucester Street, London, United Kingdom, WC1N 3AX3% per year above Bank of England Base rateEngland & Wales

18.2 An Agreement and disputes or claims relating to an Agreement (including non-contractual disputes or claims) is governed by and construed under the law of the jurisdiction specified in the Contracting Entity Table.  The courts of that jurisdiction shall have non-exclusive jurisdiction to settle such disputes or claims.

19 English Language

If an Agreement is translated into a language other than English, the English-language version of an Agreement shall take precedence in the event of conflicts in interpretation or translation.

Ethixbase360 Terms and Conditions for the Supply of Services – Part 2

The Terms in this Part 2 apply to the provision of Collaborative Reports in addition to the Terms set out in Part 1.  In the case of conflict between Part 1 and Part 2 of the Terms, Part 2 prevails in relation to Collaborative Reports.

Data Protection Relationships

Collaborative Reports rely on information provided to Ethixbase360 by the Collaborative Report Subject.  Collaborative Report Subject is the Controller of Collaborative Report Data. Ethixbase360 includes Collaborative Report Data in a Report on the written instructions of the Collaborative Report Subject.

A Collaborative Report may be paid for by the Collaborative Report Subject or another Customer. Customer paying for a Collaborative Report is the Controller of that Report.

If Customer allows the release of a Collaborative Report to a third party (including to a Collaborative Report Subject) that third party is an independent Controller of the copy of the Collaborative Report released to it.

Ethixbase360 acts as Processor to Customer and, in if different, to Collaborative Report Subject in respect of Collaborative Report Data.

1. Interpretation. The additional definitions in this paragraph apply to the provision of Collaborative Reports. If a definition in this part 2 duplicates a definition in Part 1, the definition in this Part 2 will instead apply in Part 1 in relation to Collaborative Reports.

Authorised Recipient: a party to whom Collaborative Report Subject allows the release of Collaborative Report Data within a Collaborative Report.

Certification Date: the date a Certification Report is issued in final form by Ethixbase360.

Certification Report: a Collaborative Report purchased on a Subscription basis.

Collaborative Report: a Report that includes Collaborative Report Data.

Collaborative Report Data: information and data (including Personal Data) provided to Ethixbase360 by a Collaborative Report Subject to be included in a Collaborative Report.

Collaborative Report Subject: the Third Party that is the primary subject of a Collaborative Report.

Customer: (a) the party ordering a Collaborative Report identified in an Order and (b) (if different) Collaborative Report Subject in relation to Collaborative Report Data. 

Owner Data: (a) the information and data identified in paragraph 2.1, other Owner Confidential Information including Owner Personal Data processed through the Ethixbase360 Platform.

Released Report: a copy of a Collaborative Report released to an Authorised Recipient.

Renewal Term: has the meaning specified in paragraph 6.1.

Year: each successive 12-month period of the Term starting on the Certification Date.

2. Owner Data

2.1The Owner is identified in the table below.  Ethixbase360’s responsibilities for Owner Data are owed only to the Owner. 

Owner DataOwner/Controller
Collaborative Report DataCollaborative Report Subject
Collaborative Report (including  Collaborative Report Data in Collaborative Report)Customer paying for Report
Released Report (including  Collaborative Report Data in Released Report )Authorised Recipient

3. Customer’s obligations

3.1 Collaborative Report Subject warrants and undertakes to Ethixbase360 that all information it provides to Ethixbase360 in connection with the Collaborative Report is and will be true and accurate and not misleading.

4. Confidentiality

4.1 Certification Report Subject may disclose its Certification Report without restriction.

4.2 Ethixbase360 will disclose Collaborative Report Data in a Report to an Authorised Recipient if instructed to do so in writing by Collaborative Report Subject.  If Ethixbase360 cannot complete a Collaborative Report as the result of Collaborative Report Subject’s failure to provide  necessary information or cooperation or due to the identification of unacceptable reputational risks, the instruction will apply to the latest draft of the Collaborative Report at the date of this confirmation.  Ethixbase360 is authorised to tell the Authorised Recipient about the reasons for non-completion. 

4.3 Ethixbase360 has no control over the use by Authorised Recipient of a Collaborative Report or  Collaborative Report Data within it.  Authorised Recipient is an independent Controller of the Released Report and  Personal Data within it.  

4.4 Collaborative Report Subject shall indemnify Ethixbase360 against liabilities, losses, damages, costs and expenses suffered or reasonably incurred by Ethixbase360 in connection with the authorised release by Ethixbase360 of Collaborative Report Data or Collaborative Report Subject profile in accordance with an Agreement. 

4.5 Ethixbase360 may keep a public register of Certification Report Subjects.  Published information is limited to Certification Report Subject name, Ethixbase360 ID number, whether the Certification Report Subject has identified as woman-owned or minority-owned and Certification Report Subject industry, service, headquarters country, and web address.

5 Basis of Provision of Collaborative Reports

5.1 Collaborative Reports depend on the accuracy of Collaborative Report Data.  When possible, Ethixbase360 takes reasonable steps to verify this accuracy.   In most cases such information is not capable of independent verification and Ethixbase360 must rely on the information from the Collaborative Report Subject.  Ethixbase360 cannot give assurance that this information is comprehensive, correct or current.

5.2 Ethixbase360 does not have to complete a Collaborative Report if, in its reasonable discretion, Collaborative Report Subject has not co-operated to the extent necessary, has not provided complete and accurate information or presents an unacceptable reputational risk.

5.3 Ethixbase360 may decide (a) not to begin or not to complete a Collaborative Report or (b) to revoke a Certification Report or to not issue an Ethixbase360 ID number.

5.4 Ethixbase360 may provide functionality within the Ethixbase360 Platform for Certification Report subject to grant access to its profile information and or Certification Report to third parties.  Certification Report subject is responsible for the accuracy of this information and for granting this access.

6.  Renewal

6.1 Renewal of Certification Report Subscriptions.  A Certification Report Subscription begins on the Certification Date and renews automatically for an additional Year on each anniversary of the Certification Date (each, a Renewal Term) provided that:

6.1.1  information required by Ethixbase360 to update the Certification Report has been provided by the Certification Report Subject and

6.1.2 the Price has been paid by Customer,

by the anniversary of the Certification Date.  Ethixbase360 shall determine whether a Certification Report Subscription has automatically renewed.

Ethixbase360 Terms and Conditions for the Supply of Services – Part 3

The Terms in this Part 3 apply to the provision of Research Subscriptions in addition to the Terms set out in Part 1.  In the case of conflict between Part 1 and Part 3 of the Terms, Part 3 prevails in relation to Research Subscriptions.

1. Interpretation. The additional definitions and rules of interpretation in this paragraph apply to the provision of a Research Subscription. If a definition in this part 3 duplicates a definition in Part 1, the definition in this Part 3 will instead apply in Part 1 in relation to a Research Subscription.

Platform Allocation:  the amount of any amount of the Price for a Research Subscription allocated to the Ethixbase360 Platform as set out in the Order.

Research Discount: any discount for a Year specified in a Research Subscription Order.

Research Subscription Price: the Price paid for a Research Subscription for a Year as set out in the Order excluding any Platform Allocation, Research Discount or value added or other sales tax.

Research Subscription:  EDD Reports or Collaborative Reports provided on a Subscription basis.

2 Using a Research Subscription 

2.1 Each Year, Customer may use the aggregate of the Research Subscription Price and the Research Discount for that Year as credit against the cost of EDD or Collaborative Reports purchased at Ethixbase360’s then prevailing rate card price.  The amount of up to 25% of the Research Subscription Price paid for a Year and unused in that Year may be used as credit against the cost of EDD or Collaborative Reports purchased during the first three (3) months of the next Year. Otherwise, no amount of the Research Subscription Price or Research Discount is refundable or capable of being applied to a subsequent Year. 

2.2 The Platform Allocation will be allocated to a subscription to the Ethixbase360 Platform for the Term. Termination of a Research Subscription will not prevent the associated Subscription to the Ethixbase360 Platform from entering into a Renewal Period unless specifically stated in the termination notice. 

2.3 Customer will not receive the benefit of the Research Discount for a Year if the full Research Subscription Price for that Year is not paid in full on the due date.

Ethixbase360 Terms and Conditions for the Supply of Services – Part 4

The Terms in this Part 4 apply to the provision of Cyber Services in addition to the Terms set out in Part 1.  In the case of conflict between Part 1 and Part 4 of the Terms, Part 4 prevails in relation to Cyber Services.

1 Interpretation.

The additional definitions and rules of interpretation in this paragraph apply to the provision of Cyber Services. If a definition in this part 4 duplicates a definition in Part 1, the definition in this Part 4 will instead apply in Part 1 in relation to Cyber Services.

Assets: all Third Party systems, applications and networks and application URL’s, ISPs and/or other systems in relation to which Cyber Third Party Services are performed.

Authorisation:  written authorisation from Asset’s legal owner(s) to carry out Cyber Third Party Services in Ethixbase360’s standard form.

S-RM: S-RM Intelligence and Risk Consulting Limited or one of its affiliates.

1.1 Cyber Third Party Services are performed by S-RM as subcontractor and sub-processor to Ethixbase360.

1.2 In order to provide certain of the Cyber Third Party Services, Ethixbase360 requires Authorisation. Ethixbase360 will not provide Cyber Active Scan and Monitor Cyber Third Party Services for any Assets without Authorisation.

1.3 Customer shall provide reasonable assistance to obtain Authorisation. Ethixbase360 will perform the Cyber Third Party Services in the belief that it has all appropriate consents, permits and permissions from all Asset owner(s).

1.4 The Cyber Third Party Services are provided utilising industry experts and following Good Industry Practice. However, Ethixbase360 and S-RM do not warrant or represent that the Cyber Third Party Services will detect or identify all security and network threats to Assets, prevent intrusions or damage or will avoid, prevent or resolve a database compromise, data breach, or other security incident.

1.5 Ethixbase360 and S-RM may use aggregated Usage Data relating to Cyber Third Party Services including for (a) statistical, trend analysis and reporting (b) machine learning (c) product and service improvements (d) training (e) new product development provided such use does not identify Customer, Asset owner or any of the Confidential Information of either of them.

1.6 Ethixbase360 and S-RM may use machine learning or generative Artificial Intelligence algorithms to supplement the provision of Cyber Third Party Services, including algorithms provided by third parties. Ethixbase360 recognises the inherent limitations of these algorithms and take reasonable steps to mitigate these risks. Without impacting Ethixbase360’s obligations relating to the security of Owner Data under each Agreement, Customer consents to Ethixbase360’s use of these algorithms.

1.7 Ethixbase360 may terminate or suspend the provision of Cyber Third Party Services or any part thereof if the data required to perform such services becomes unavailable due to a change in law or regulation or is not available to procure on reasonable commercial terms.

On-Demand Webinar: ‘FCPA Trends to Watch: From Incentive Programs to Ephemeral Messaging Communications and Beyond’

Watch Now