By Risk Area

Third-Party Risk Management
Environmental, Social & Governance
Anti-Bribery & Corruption
Modern Slavery & Forced Labor
Supply Chain Due Diligence

By Role

A compilation of articles, highlighting the depth and complexity of this world wide problem. 

A compilation of articles, highlighting the depth and complexity of this world wide problem. 

company

A compilation of articles, highlighting the depth and complexity of this world wide problem. 

Ethixbase360 Terms and Conditions for the Supply of Services

Terms & Conditions active from 27 March 2023 to 29 February 2024. Please see below for previous and current versions.

 

About Ethixbase360

Ethixbase360 supports its customers to manage supplier and other third-party risks with a focus on corporate sustainability and other ESG risk factors including antibribery and corruption, human rights, modern slavery and the environment.

Ethixbase360 services include cloud-based due diligence platforms, risk assessment tools and custom due diligence and certification reports. Risk data is provided by: (a) publicly available information sourced from third party content providers; (b) the entity or individual that is the primary subject of a report; or (c) from Customer’s actual or prospective business partners. 

Data Protection Relationships

Collaborative Reports rely on information provided by the Report Subject.  All other Reports are prepared without interaction between Ethixbase360 and the subject of the report.  A Collaborative Report may be paid for by the Collaborative Report Subject or another Customer.

Ethixbase360 acts as Processor to the Collaborative Report Subject in relation to the Collaborative Report and all personal data provided by the Collaborative Report Subject.  The Collaborative Report Subject is the Controller even if another Customer has paid for the Collaborative Report.   Ethixbase360 may only release a copy of the Collaborative Report to a third party on the written instructions of the Report Subject.

If the Collaborative Report Subject authorises the release of a Collaborative Report to a third party, that third party is an independent Controller of the copy of the Collaborative Report released to it.  Ethixbase360 is the third party’s Processor in relation to (a) any copy of the Collaborative Report released to the third party; and (b) any personal data provided by the third party, in each case while stored on the Ethixbase360 Platform.  

In relation to all other Reports, Ethixbase360 acts as Processor to Customer and Customer is Controller. 

Status of these terms and conditions

These terms and conditions (Terms) and each Order create a separate agreement between Ethixbase360 and Customer in respect of the supply of Services.

If Customer clicks online to indicate acceptance of the Terms, makes payment based on an Order that references the Terms or continues to use Services, Customer has agreed to the Terms. Ethixbase360 is not obliged to accept any order for Services placed by email, but if such order is accepted, it will be subject to the Terms. 

Ethixbase360 does not accept other terms or conditions that Customer attempts to impose including those associated with any Customer purchase order. Such other terms and conditions will not apply to an Order.

Customer must ensure that Permitted Recipients and Authorised Users that access Services or Ethixbase360 Data comply with an Agreement.

Ethixbase 360 shall be entitled to assume that all Customer’s and Permitted Affiliates’ employees, directors and officers who give instructions to Ethixbase360 are authorised to do so and that Ethixbase360 may act on oral instructions.

Generally, the Terms prevail in the case of conflict between the Terms and an Order. However the Order will prevail if it refers to a specific provision of the Terms and an intention to vary it. The DPA will always prevail in relation to the processing of Owner Personal Data.

  1. Interpretation. The definitions and rules of interpretation in this clause apply to an Agreement.

Affiliate: another entity that controls, is controlled by, or is under common control of a party. Control of a party means ownership, whether directly or indirectly, of more than 50% of the entire ownership interest in the party or of the party’s voting stock, or the right and power to direct the party’s affairs.

Agreement: each separate agreement between Ethixbase360 and Customer made up of an Order and the Terms.

Authorised Users: Customer employees and independent contractors while performing services for Customer who are authorised to use Services and Ethixbase360 Data up to any maximum number specified in the Order.

Authorised Recipient: any party to whom Collaborative Report Subject authorises the release of a Collaborative Report.

Certification Date: the date a Certification Report is issued in final form by Ethixbase360.

Certification Report: a Collaborative Report provided on a Subscription basis.

Collaborative Report: a Report that includes information provided to Ethixbase360 by the Collaborative Report Subject.

Collaborative Report Subject: the legal entity or individual(s) that is/are the primary subject of a Collaborative Report; 

Confidential Information: the terms of an Agreement including the Price and information of a party that is proprietary or confidential, including (for Ethixbase360) Ethixbase360 Data and (for Owner) Owner Data, and is either clearly labelled as such or should reasonably be considered confidential by the receiving party.

Content Provider: a third-party provider of any part of Ethixbase360 Data.

Controller”, “Data Subject”, “Personal Data”, “personal data breach” “Processor” and “processing” shall have the meanings attributed to them in the DPA.

Customer: (a) the party ordering Services identified in an Order; and (b) if different in relation to a Collaborative Report, the Collaborative Report Subject.  

Customer Systems: (a) computer or electronic processing equipment; (b) communication networks; (c) the internet; (d) other equipment, applications or software used by Customer, excluding in each case Services.

Data Protection Legislation: has the meaning given in the DPA.

Deliverables: deliverables produced or made available by Ethixbase360 in connection with Services. 

Documentation: documents and materials containing information regarding Services made available by Ethixbase360 from time to time.

DPA: Ethixbase360’s data processing agreement found at https://ethixbase360.com/ethixbase-data-processing-agreement/ .

EDD Reports: Ethixbase360 Enhanced Due Diligence Reports.

ESG Laws: all laws, statutes and regulations applicable to Ethixbase360 in the provision of Services relating to (a) anti-bribery and anti-corruption; (b) anti-slavery and human trafficking; (c) the protection of the environment.

Ethixbase360: the Ethixbase360 entity identified in Section 18.

Ethixbase360 Data: data and information including alerts, reports, text, photographs, audio, video and graphics provided by Ethixbase360 through Services, including such data and information sourced from Content Providers.  Ethixbase360 Data does not include Owner Data.

Ethixbase360 Platform: any cloud-based platform provided by Ethixbase360 on a Subscription basis.

Force Majeure: an event or sequence of events beyond a party’s reasonable control (after exercise of reasonable care to put in place information security, back-up and disaster recovery arrangements) preventing or delaying it from performing its obligations under an Agreement but excluding any circumstances resulting in Customer’s inability to pay the Price.

High Risk Data: information and data of the type described at the following location https://9464230.fs1.hubspotusercontent-na1.net/hubfs/9464230/Website/Legal%20Docs/Ethixbase360%20High%20Risk%20Information%20Categories.pdf

Initial Term: the initial term of an Agreement for a Service starting on the Order Start Date and ending on the expiry of the number of months from the Order Start Date specified in the Order. The Initial Term specified in an Order may be different for different Services.

Intellectual Property Rights: trade secrets, patents and patent applications, trade marks (registered or unregistered, including goodwill accruing thereto), service marks, trade names, business names, internet domain names, copyrights, moral rights, database rights, design rights, rights in inventions, all other intellectual property and proprietary rights (registered or unregistered), and other equivalent or similar rights which may subsist anywhere in the world, and any application for the foregoing.

Order: an Ethixbase360 ordering document, statement of work or online order or registration form specifying Services to be provided by Ethixbase360.

Order Start Date: the start date specified in an Order (or if no such date is specified the date of the last signature of an Order) or, in relation to an online Order, the date the Order is placed.

Owner: the owner of all rights including Intellectual Property Rights in Owner Data identified in clause 4.1.

Owner Data: (a) the information and data identified in clause 4.1; (c) other Owner Confidential Information; (d) Owner Personal Data.

Owner Personal Data: has the meaning given in the DPA.

Modern Slavery Module: the Modern Slavery Due Diligence module provided on a Subscription basis.

Permitted Affiliate: an Affiliate of Customer identified as such in the Order.

Permitted Purpose: as defined within clause 2.1.

Permitted Recipients: (a) Authorised Users; (b) to the extent necessary for the Permitted Purpose, Customer’s officers, employees, regulators and professional advisors; (c) other third parties agreed by Customer and Ethixbase360.

Platform Allocation:  if you have a Research Subscription, the amount of the Price if any allocated to the Ethixbase360 Platform as set out in the Order.

Price: the price or charges for Services specified in the Order or agreed between Customer and Ethixbase360 in writing from time to time.

Project Services: professional or other services provided by Ethixbase360 as set out in an Order.

Release:  a written instruction from Collaborative Report Subject to disclose a Collaborative Report to a third party in Ethixbase360’s standard form.

Released Report: any copy of a Collaborative Report released to an Authorised Recipient.

Renewal Term: has the meaning specified in clauses 13.1 and 13.2.

Reports: any due diligence report provided to Customer as part of Services including through the Ethixbase360 Platform.

Research Carry Over: up to 25% of the Research Subscription Price paid for the Year prior to a Renewal Term.

Research Discount: the amount of discount for any Year specified in a Research Subscription Order.

Research Subscription Price: the Price paid for a Research Subscription for any Year as set out in the Order excluding any Platform Allocation, Research Discount, Research Carry Over or value added or other sales tax.

Research Subscription:  EDD Reports provided on a Subscription basis.

Services: the Ethixbase360 services ordered by Customer as specified in an Order and associated Deliverables and Documentation.

Start Date: the earlier of the Order Start Date or the date on which Ethixbase360 begins to provide Services.

Subscription: Services bought  by Customer on a recurring basis as identified in an Order. 

Term: the total period of an Agreement.

Training Bundle: means the modules of online training Services selected by Customer as identified in an Order;

Virus:  any program which contains malicious code or infiltrates or damages a computer system or is designed to do so or which is hostile, intrusive or annoying and has no legitimate purpose.

Voucher: any voucher or pre-paid credit bought by Customer to be redeemed against the future cost of Services.

Website: Ethixbase360’s websites including https://Ethixbase360.com/, https://eb2.Ethixbase360.com/index? and other web domains owned by Ethixbase360 or its Affiliates as updated from time to time.

Year: each successive 12 month period of the Term starting on the Start Date or, in the case of a Certification Report, starting on the Certification Date.

1.2. Clause, schedule and paragraph headings shall not affect the interpretation of an Agreement. References to clauses and schedules are to the clauses and schedules of an Agreement.

1.3. A person includes an individual and an incorporated or unincorporated body.

1.4. Unless the context otherwise requires, words in the singular include the plural and vice versa. A reference to one gender includes all genders.

1.5. A reference to a statute or statutory provision is a reference to it as it is in force as at the date of an Agreement and includes subordinate legislation made as at the date of an Agreement under that statute or statutory provision.

1.6. If the word “including” or similar words are used before describing items, such items are examples only and should not be regarded as an exhaustive list.

  1. Licence and Usage Restrictions

2.1. Ethixbase360 grants Customer a non-exclusive, non-transferable right to use Services and Ethixbase360 Data during the Term solely for the purposes of managing Customer’s internal, legal or regulatory compliance obligations with respect to (a) supply chain sustainability or ESG risk factors  (b) regulatory and suspicious activity reporting (c) sanctions (d) embargoes (e) financial crime (f) other regulatory risks and associated obligations (the “Permitted Purpose”). 

2.2 Customer may not allow any Affiliate (other than a Permitted Affiliate) to use, access or benefit from the Services or the Ethixbase360 Data. No Permitted Affiliate shall be entitled to a separate instance of the Ethixbase360 Platform and EthixBase360’s obligations under clause 10 and DPA shall be interpreted accordingly.

2.3. Customer shall not when using Services or Ethixbase360 Data access, store, distribute or transmit any (a) Virus; or (b) material that (i) is illegal, harmful, threatening, defamatory, obscene, infringing, harassing or offensive; (ii) is invasive of another’s privacy, intellectual property or other legal rights; (iii) High Risk Data.

2.4. Customer shall not except as permitted by an Agreement or applicable law incapable of exclusion by agreement: (a) share, republish, or distribute any portion of Services or Ethixbase360 Data; (b) creative derivative works of, adapt, reverse engineer, decompile, disassemble or modify any portion of Services or Ethixbase360 Data; (c) access any part of Services or Ethixbase360 Data for competitive purposes; (d) commercially exploit, or otherwise make Services or Ethixbase360 Data available to any third party; (e) attempt to obtain, or assist third parties to attempt to obtain, access to Services or Ethixbase360 Data other than as permitted by an Agreement; or (f) access and/or use the Ethixbase360 Platform via mechanical, programmatic, robotic, scripted or other automated search means, other than approved by Ethixbase360.

2.5. Customer shall: (a) implement reasonable measures (and no less stringent than its own information security measures) to ensure only Authorised Users can access Services and Ethixbase360 Data; (b) ensure that passwords or other security credentials are kept secure and not shared by Authorised Users; (c) make only the number of copies of Reports as are needed for the Permitted Purpose; (d) immediately notify Ethixbase360 and take steps to investigate and mitigate the impact of unauthorised use of, access to or transmission of Services or Ethixbase360 Data and cooperate with Ethixbase360 accordingly; (e) not probe, scan, penetrate or test the vulnerability of Services; (f) not breach the Ethixbase360 security or authentication measures, whether by passive or intrusive techniques.

2.6 To ensure the normal performance of the Ethixbase360 Platform during the performance of any benchmark tests by Customer or on its behalf, Customer must not carry out any such tests without reasonable, prior consultation with Ethixbase360. If requested, Customer must provide Ethixbase360 with access to and the co-operation of, any third party Customer intends to use to perform benchmark tests.  The results of any benchmark tests must be for Customer’s internal use only and not for external publication.

2.7  Customer must attribute Ethixbase360 Data to the original source identified within Reports and not to Ethixbase360 or any Content Provider.

2.8  Customer shall indemnify Ethixbase360 against all liabilities, losses, damages, costs and expenses suffered or reasonably incurred by Ethixbase360 in connection with any claim by any Content Provider due to a breach of an Agreement by Customer.

  1. Use of Services in relation to Individuals

3.1. Customer shall not use Services or Ethixbase360 Data in whole or in part (a) to establish an individual’s eligibility for credit, insurance, other financial services, government benefits or licences; (b) to evaluate an individual for employment, promotion, reassignment or retention as an employee; (c) for debt collection purposes; or (d) to determine whether an individual continues to meet the terms of the credit or prepayment risks associated with an existing account.

3.2  Customer may use Services or Ethixbase360 Data in connection with an investigation of its employees relating to (a) suspected misconduct relating to employment; (b) compliance with the law or regulations, the rules of a self-regulatory organisation, or pre-existing written employment policies of the employer.

3.3. Information obtained from Services or Ethixbase360 Data and used in accordance with clause 3.2  will not be: (a) used for the purpose of investigating a consumer’s credit worthiness, credit standing, or credit capacity; (b) provided to any person except: (i) to the employer or an agent of the employer, (ii) to any state or local government officer, agency, or department, (iii) to any self-regulatory organisation with regulatory authority over the activities of the employer or employee, (iv) as otherwise required by law.

3.4. Nothing in this clause 3 will limit Customer’s right to use Services or Ethixbase360 Data for the Permitted Purpose.

3.5 Customer shall indemnify Ethixbase360 against all liabilities, losses, damages, costs and expenses suffered or reasonably incurred by Ethixbase360 in connection with a breach of this clause 3.

  1. Owner Data

4.1. The Owner is identified in the table below.  Ethixbase360’s responsibilities for Owner Data are owed solely to the Owner. 

Type of Service

Owner and Owner Data

Collaborative Report

Collaborative Report Subject is the Owner of the Collaborative Report (other than the Released Report), all data and information (including Personal Data) provided by Collaborative Report Subject to Ethixbase360, all output from research undertaken by Ethixbase360.

Authorised Recipient is the Owner of the Released Report, all data and information (including Personal Data) provided by Authorised Recipient to Ethixbase360.

All other Services

Customer paying for the Services.

4.2 Owner owns all Intellectual Property Rights in Owner Data (excluding Ethixbase360 Data within Reports) and has sole responsibility for the legality, reliability, integrity, accuracy and quality of Owner Data. Owner must keep back-up copies of Owner Data.

4.3. If Owner Data is lost or damaged by Ethixbase360, as Customer’s sole and exclusive remedy, Ethixbase360 will use reasonable commercial endeavours to restore the lost or damaged Owner Data from the latest back-up maintained by Ethixbase360 in accordance with its internal policies. Ethixbase360 is not responsible for loss, destruction, alteration or disclosure of Owner Data caused by any third party (except those third parties sub-contracted by Ethixbase360 to perform services related to Owner Data maintenance and back-up).

4.4. The terms of the DPA are incorporated by reference and apply to the processing of Owner Personal Data as defined in the DPA.

4.5 Ethixbase360 may use, share and retain anonymised Owner Data and other data relating to Customer’s use of the Services.  Once anonymised, Ethixbase360 may use such data for its own purposes including for (a) statistical and trend analysis and reporting; (b) machine learning; (c) product and service improvements; (d) new product development. Ethixbase360 owns the Intellectual Property Rights in such anonymised data and the output from usage of that data.

  1. Content Providers

Customer may require a separate license from a Content Provider to access the full content of Ethixbase360 Data provided by that Content Provider. Ethixbase360 is not a party to and has no responsibility under such license or in relation to any transaction completed with the Content Provider.

  1. Ethixbase360’s obligations

6.1. Ethixbase360 warrants that: (a) Services will be performed with reasonable skill and care; (b) it has and will maintain all necessary licences, consents, and permissions necessary for the performance of its obligations under an Agreement; (c) it will comply with all laws and regulations applicable to Ethixbase360 in the provision of Services; and (d) it will take industry standard steps designed to ensure the Services do not contain or introduce into Customer’s system any viruses, Trojan horses, worms, logic bombs or other harmful code or programs.

6.2. Without prejudice to the generality of clause 6.1, Ethixbase360 shall, in connection with the provision of Services: (a) comply with all ESG Laws; (b) not engage in activity, practice or conduct which would constitute an offence under ESG Laws; (c) notify Customer if it becomes aware of breach of this clause 6.2 or has reason to believe that it has received a request or demand for undue financial or other advantage; (d) certify to Customer compliance with this clause 6.2 within thirty (30) days of written request.  Breach of this clause is a material breach of an Agreement.

6.3. Ethixbase360 warrants that it has not been convicted of any offence under ESG Laws or been the subject of proceedings regarding offences or alleged offences in connection with ESG Laws.

6.4. Ethixbase360 shall use commercially reasonable endeavours to make the Ethixbase360 Platform available 24 hours a day, seven days a week, except for scheduled maintenance.

6.5. Ethixbase360 is entitled to modify the features and functionality of Services or Ethixbase360 Data but will not change their fundamental nature without informing Customer. Ethixbase360 may add, remove or change any Content Provider at any time. 

6.6. If Services or Ethixbase360 Data do not conform with an Agreement, Ethixbase360 will, at its expense, use reasonable commercial endeavours to correct such non-conformance promptly, or provide Customer with an alternative means of accomplishing the desired performance. Such correction or substitution constitutes Customer’s sole and exclusive remedy in relation to such non-conformance.

  1. Customer’s obligations

7.1. Customer warrants and undertakes that it shall: (a) provide Ethixbase360 with all cooperation and information as may be reasonably required by Ethixbase360 to provide Services; (b) comply with all applicable laws and regulations with respect to its use of Services and Ethixbase360 Data including in relation to privacy and confidentiality; (c) carry out all Customer responsibilities in a timely manner; (d) ensure that Authorised Users use Services and Ethixbase360 Data in accordance with Ethixbase360’s reasonable instructions; (e) maintain all necessary licences, consents, and permissions necessary to enable Ethixbase360 to perform its obligations under an Agreement, including in relation to Owner Data; (f) ensure that Customer Systems are compatible with Services.

7.2 If you are a Collaborative Report Subject, you warrant and undertake to Ethixbase360 that all information your provide to Ethixbase360 in connection with the Collaborative Report is and will be true and accurate and not misleading.

7.3. If performance of Project Services is delayed at Customer’s request or because of Customer’s acts or omissions: (a) time for performance of Ethixbase360’s obligations will be extended to take account of such delay; (b) Ethixbase360 will use reasonable commercial endeavours to redeploy its personnel allocated to the Project Services to other engagements and will work with Customer to agree an alternative start date.  If Ethixbase360 is unable to redeploy such personnel for any part of the delay, it reserves the right to charge Customer for lost days at the Prices specified in the Order; (c) if Ethixbase360 can demonstrate that such delay has resulted in an increase in cost to Ethixbase360 of carrying out the Project Services, Ethixbase360 may increase the applicable Prices by an amount not exceeding such cost.  Ethixbase360 may invoice Customer for additional amounts payable within 30 days of providing details of the increase.

  1. Charges and payment

8.1. Customer shall pay the Price in accordance with the Order and this clause 8. 

8.2. Each Year, Customer may use the aggregate amount of the Research Subscription Price and the Research Discount for that Year as credit against the cost of EDD Reports purchased at Ethixbase360’s then prevailing rate card price.  If the Research Subscription enters into a Renewal Term, the amount of the Research Carry Over may be used as credit against the cost of EDD Reports purchased during the first 3 months of the Renewal Term. Otherwise, no amount of the Research Subscription Price or Research Discount is refundable or capable of being applied to a subsequent Year. 

8.3. The Platform Allocation will be allocated to a subscription to the Ethixbase360 Platform for the Initial Term set out in the Order.

8.4. Customer shall pay the Price within thirty (30) days of receipt of Ethixbase360’s invoice or by such other payment method agreed by Ethixbase360 in writing. Customer must tell Ethixbase360 of any payment dispute within 15 days of the date of receipt of the invoice.

8.5. If Ethixbase360 has not received payment of the Price by the due date, and without prejudice to its other rights and remedies, Ethixbase360 may: (a) suspend provision of the Services until the Price is fully paid; (b) charge Customer interest on overdue payments at the rate specified in the Contracting Entity Table in Section 18 on the amount overdue; (c) retain Owner Data until such time as any outstanding amounts have been paid in full; or (d) terminate an Agreement in accordance with clause 13.3.   Customer will not receive the benefit of the Research Discount for any Year if the full amount of the Research Subscription Price for that Year is not paid in full on the due date.  Customer will be liable for any legal or other reasonable costs incurred by Ethixbase360 in the collection of overdue amounts.

8.6. The Price is: (a) payable in the currency specified in the Order; (b) non-refundable; (c) exclusive of value-added or sales taxes or duties which Customer is responsible for paying; (d) must be paid without withholding or deduction. If the law requires Customer to deduct withholding tax from the Price, Customer must pay Ethixbase360 an amount that ensures its net receipt is the same as it would have been if the payment had not been subject to such withholding.

8.7. By providing not less than ninety (90) days written notice prior to the start of any Year, Ethixbase360 may increase the Price for Services for that Year by any increase in the Consumer Price Index published by the Office for National Statistics  (www.ons.gov.uk) for a 12 month period ending prior to the start of that Year.  

8.8.  No part of the Price paid is refundable or capable of being applied to a subsequent Renewal Term or new agreement if Customer does not: (a) order the number of Reports specified in a Research Subscription Order; or (b) redeem the full value of a Voucher within 12 months of it being bought.  A Training Bundle will expire and cannot be used on the expiry of the period set out in the Order.

  1. Intellectual Property Rights

9.1. Ethixbase360 warrants it is entitled to allow Customer to use Services and Ethixbase360 Data in accordance with the terms of an Agreement.

9.2. Ethixbase360 owns all Intellectual Property Rights in Services and the Website. Content Providers and/or their licensors own all Intellectual Property Rights in Ethixbase360 Data provided by them and the compilation of such Ethixbase360 Data.

9.3. Except as expressly stated, an Agreement does not grant Customer any rights to Intellectual Property Rights in Services, Ethixbase360 Data or its compilations or the Website.

9.4. Customer must not access or use Services or Ethixbase360 Data in any manner that infringes the Intellectual Property Rights of Ethixbase360, any Content Provider or its or their licensors.

9.5.  Customer must store only insubstantial portions of and will not data or text mine Ethixbase360 Data. Customer will not store or use any portion of Ethixbase360 Data (a) in a searchable database created by or on behalf of Customer; (b) in a manner that allows manual, automated or machine-assisted indexing or classification.  Nothing in this clause will prevent Customer from storing Reports in its ordinary, internal document management and storage systems for archiving purposes and to comply with Customer’s regulatory or legal obligations.

9.6. Customer will not remove copyright notices, proprietary markings, trademarks or trade names from Services or Ethixbase360 Data.

9.7. Customer or its Authorised Users may, from time to time, submit comments, information, questions, data, ideas, description of processes, or other information to Ethixbase360 (“Feedback”). Ethixbase360 is free to use, disclose, reproduce, license, create derivative works of or otherwise exploit Feedback without obligation to or restriction from, Customer.

  1. Confidentiality

10.1. A party may be given access to the Confidential Information of the other party in order to perform its obligations or exercise its right under an Agreement. A party’s Confidential Information shall not include information that: (a) is or becomes publicly known other than through act or omission of the receiving party (provided that Ethixbase360 Data will be treated as Ethixbase360 Confidential Information even if derived from sources in the public domain); (b) was in the receiving party’s lawful possession before the disclosure; (c) is lawfully disclosed to the receiving party by a third party without known restriction on disclosure; or (d) is independently developed by the receiving party, which independent development can be shown by written evidence.

10.2. Subject to clause 10.3 and 10.4, each party shall take reasonable steps (no less stringent than the steps it takes to protect its own Confidential Information) to hold the other’s Confidential Information in confidence and shall not: (a) make the other’s Confidential Information available to any third party; or (b) use the other’s Confidential Information for purposes other than to exercise its rights or perform its obligations under an Agreement.  Subject to clause 10.3, a party may disclose the other party’s Confidential Information to the disclosing party’s officers, employees and service providers or those of its Affiliates to the extent necessary to provide or receive the Services.  The disclosing party will ensure that any such recipient complies with the terms of this clause 10.

10.3. A Collaborative Report Subject may disclose its Collaborative Report without restriction. Subject to that and clause 10.5, Customer may not disclose Ethixbase360 Data or Reports other than to Permitted Recipients to the extent required for the Permitted Purpose. Customer shall ensure Permitted Recipients comply with this clause 10.  

10.4. Ethixbase360 will disclose a Collaborative Report to an Authorised Recipient if instructed to do so in writing by the Collaborative Report Subject.  If Ethixbase360 is unable to complete a Collaborative Report as the result of Collaborative Report Subject’s failure to provide any necessary information or co-operation or due to the identification of unacceptable risks, the Release will apply to the latest draft of the Collaborative Report at the date of such confirmation.  Ethixbase360 is authorised to notify the Authorised Recipient of the reasons for non-completion.  Collaborative Report Subject shall ensure that any Authorised Recipient keeps the Collaborative Report confidential.  Ethixbase360 has no control over the use of a Collaborative Report or any personal data contained within it by Authorised Recipient.  Authorised Recipient is a separate Controller of the Released Report.   Prior to authorising disclosure, it is the responsibility of Collaborative Report Subject to ensure appropriate arrangements are in place with Authorised Recipient governing the confidentiality of a Collaborative Report and the Processing of personal data within it.  Collaborative Report Subject shall indemnify Ethixbase360 against all liabilities, losses, damages, costs and expenses suffered or reasonably incurred by Ethixbase360 in connection with the release by Ethixbase360 of a Collaborative Report or Collaborative Report Subject profile in accordance with an Agreement.  

10.5 Ethixbase360 may keep a public register of Certification Report Subjects.  Published information shall be limited to Certification Report Subject name, Ethixbase360 ID number, whether the Certification Report Subject has identified as woman-owned or minority-owned and Certification Report Subject industry, service, headquarters country, and web address.

10.6. A party may disclose Confidential Information to the extent such Confidential Information is required to be disclosed by law, by any governmental or other regulatory authority or by a court or other authority of competent jurisdiction, provided that, to the extent it is legally permitted to do so, it gives the other party as much notice of such disclosure as possible and takes into account the reasonable requests of the other party in relation to the content of such disclosure.

10.7. On termination of an Agreement, Ethixbase360 shall securely dispose of Owner Confidential Information unless, within 30 days of termination, Owner requests Ethixbase360 to return (and thereafter promptly to delete) Owner Data at Owner’s cost.  Following receipt of a request, Ethixbase360 shall use reasonable commercial endeavours to deliver to Owner a copy of the then most recent back-up of Owner Data within 30 days of receipt of such request.  Ethixbase360 shall have no obligation to deliver such copy unless Owner has paid all fees and charges outstanding at or resulting from termination (whether or not due at the date of termination).  Ethixbase360 shall be entitled to retain Customer Confidential Information (a) when required by law; or (b) when securely isolated and protected on back-up systems and deleted in accordance with Ethixbase360’s standard deletion practises.  Ethixbase360 may also keep one copy of each Report for its own internal risk management purposes for 6 years following the date of the Report.  Any retained Customer Confidential Information shall remain subject to the Terms and this clause 10.

10.8 Ethixbase360 is not responsible for loss, destruction, alteration or disclosure of Confidential Information caused by any third party.

  1. Basis of Provision of Services

11.1. Customer assumes sole responsibility for the use of and reliance on results obtained from use of Services and Ethixbase360 Data and for conclusions drawn from such use and reliance.

11.2. Customer should not rely solely upon Services or Ethixbase360 Data when making a decision to deal with any person or entity.  Information provided in Reports is in summary form.  Persons or entities identified in Reports may not be the same as the person or entity you intend to search for.

11.3. Customer must ensure that Services (including any training) and Ethixbase360 Data are sufficient to enable it to comply with its legal or regulatory obligations. Ethixbase360 does not provide legal advice and the provision of Services does not constitute the provision of legal advice.

11.4. Ethixbase360 takes reasonable steps to ensure the reliability of Content Providers.  Ethixbase360 Data is derived from sources in the public domain including sanctions lists, law enforcement and regulatory websites and media sources.  For that reason, Ethixbase360 cannot guarantee that Ethixbase360 Data is comprehensive, accurate or current.  Ethixbase360 will not be obliged to notify Customer if any Ethixbase360 Data changes other than as part of its continuous monitoring service if purchased as part of the Services.  Ethixbase360 makes no warranty or representation about and disclaims liability for the accuracy, completeness or currency of Ethixbase360 Data.

11.5 Collaborative Reports are dependent on the accuracy of information provided to Ethixbase360 by the Collaborative Report Subject.  When possible, Ethixbase360 takes reasonable steps to verify such accuracy.   However in most cases such information is not capable of independent verification and Ethixbase360 is obliged to rely on the information provided by the Collaborative Report Subject.  Ethixbase360 cannot give assurance that such information is comprehensive, accurate or current. Ethixbase360 shall be under no obligation to complete a Collaborative Report if, in Ethixbase360’s discretion, Collaborative Report Subject has not co-operated to the extent necessary or not provided complete and accurate information.

11.6 Ethixbase360 may in its discretion decide not to complete or to revoke a Certification Report or issue and Ethixbase360 ID number.

11.7. Certain algorithmic modules within the Ethixbase360 Platform including the Modern Slavery Module, Tsort and the Perceived Risk Indicator provide  indicative risk ratings only. The accuracy of the risk score generated by the module is dependent on a number of external factors which are outside the control of Ethixbase360, including Content Providers and inputs from third parties made at the request of Customer. Ethixbase360 excludes all liability associated with these external factors and any impact they may have on a risk score. 

11.8.  While every care has been taken in developing the automated risk modules within the Platform, automated decision making poses inherent risks such as potentially inaccurate, biased or otherwise flawed risk scores due to the complexity of the algorithm and reliability of third-party data used. Automated risk scores should be subject to review by Customer to determine their accuracy and suitability for Customer’s risk appetite.

11.9. Ethixbase360 may provide functionality within the Ethixbase360 Platform for Certification Report subject to grant access to its profile information and or Certification Report to third parties.  Certification Report subject will be responsible for the accuracy of such information and for granting such access.

11.10. Any dates quoted for performance of Services are estimates only.

11.11. If Ethixbase360 notifies Customer that Ethixbase360 Data must be updated or removed to avoid breaching applicable law or third-party rights, Customer will promptly do so.

  1. Limitation of liability.

12.1. EXCEPT AS EXPRESSLY PROVIDED IN AN AGREEMENT: (A) ALL WARRANTIES, REPRESENTATIONS, CONDITIONS AND ALL OTHER TERMS OF ANY KIND WHATSOEVER IMPLIED BY STATUTE OR COMMON LAW INCLUDING IN RELATION TO MERCHANTABLE QUALITY OR FITNESS FOR PURPOSE, ARE, TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, EXCLUDED FROM AN AGREEMENT; (B) SERVICES AND ETHIXBASE360 DATA ARE PROVIDED TO CUSTOMER ON AN “AS IS/AS AVAILABLE” BASIS. THE UNITED NATIONS CONVENTION ON CONTRACTS FOR THE INTERNATIONAL SALE OF GOODS SHALL NOT APPLY TO AN AGREEMENT.

12.2. NOTHING IN AN AGREEMENT EXCLUDES A PARTY’S LIABILITY FOR: (A) DEATH OR PERSONAL INJURY CAUSED BY A PARTY’S NEGLIGENCE;  (B) FRAUD OR FRAUDULENT MISREPRESENTATION; (C) GROSS NEGLIGENCE, RECKLESSNESS, OR WILFUL MISCONDUCT; OR (D) ANY MATTER FOR WHICH IT WOULD BE UNLAWFUL FOR THE PARTIES TO EXCLUDE LIABILITY.

12.3. SUBJECT TO CLAUSE 12.1 AND CLAUSE 12.2:

12.3.1. A PARTY IS NOT LIABLE WHETHER IN TORT (INCLUDING FOR NEGLIGENCE OR BREACH OF STATUTORY DUTY), CONTRACT, MISREPRESENTATION, RESTITUTION OR OTHERWISE FOR LOSS OF PROFITS, LOSS OF BUSINESS, DEPLETION OF GOODWILL, WASTED EXPENDITURE, LOSS OF REPUTATION OR SIMILAR LOSSES OR LOSS OR CORRUPTION OF DATA OR INFORMATION, OR PURE ECONOMIC LOSS, OR FOR SPECIAL, INDIRECT OR CONSEQUENTIAL LOSS, COSTS, DAMAGES, CHARGES OR EXPENSES HOWEVER ARISING UNDER AN AGREEMENT;

12.3.2. ETHIXBASE360’S TOTAL AGGREGATE LIABILITY IN CONTRACT, TORT (INCLUDING NEGLIGENCE OR BREACH OF STATUTORY DUTY), MISREPRESENTATION, RESTITUTION OR OTHERWISE ARISING IN CONNECTION WITH AN AGREEMENT AND SERVICES IS LIMITED TO THE TOTAL PRICE PAID BY CUSTOMER FOR SERVICES GIVING RISE TO THE LIABILITY DURING THE TWELVE (12) MONTHS IMMEDIATELY PRECEDING THE DATE ON WHICH THE LIABILITY AROSE OR, IF CUSTOMER HAS NOT PAID THE PRICE, $100.00. 

12.4.  ETHIXBASE360 DOES NOT GUARANTEE THAT CUSTOMER’S USE OF SERVICES OR ETHIXBASE360 DATA WILL BE UNINTERRUPTED OR ERROR FREE.  ETHIXBASE360 SHALL HAVE NO LIABILITY FOR BREACH OF AN AGREEMENT CAUSED BY (A) CUSTOMER SYSTEMS OR THE INTERNET, (B) USE OF SERVICES OR ETHIXBASE360 DATA CONTRARY TO ETHIXBASE360’S INSTRUCTIONS, (C) MODIFICATION OR ALTERATION OF SERVICES OR ETHIXBASE360 DATA BY ANY PARTY OTHER THAN ETHIXBASE360 OR (D) USE OF THIRD-PARTY PRODUCTS OR SERVICES IN CONJUNCTION WITH SERVICES OR ETHIXBASE360 DATA.

12.5. A PARTY MAY NOT BRING AN ACTION AGAINST THE OTHER UNDER OR IN CONNECTION WITH AN AGREEMENT AND/OR ANY ORDER MORE THAN 12 MONTHS AFTER THE CLAIMING PARTY BECAME AWARE OF THE CAUSE OF ACTION OR EVENT GIVING RISE TO THE CLAIM.  A PARTY SHALL BE ENTITLED TO RECOVER ITS REASONABLE LEGAL COSTS AND EXPENSES AGAINST THE OTHER PARTY IN RELATION TO ANY SUCCESSFUL CLAIM UNDER AN AGREEMENT.

  1. Term and termination

13.1. an Agreement commences on the Start Date.

13.2. Renewal of Certification Report Subscriptions.  A Certification Report Subscription will commence on the Certification Date and will renew automatically for an additional Year on each anniversary of the Certification Date (each, a Renewal Term) provided that:

13.2.1   all information required by Ethixbase360 to update the Certification Report has been provided by; and

13.2.2 the Price has been paid by or on behalf of,

the Certification Report subject by the next anniversary of the Certification Date.  Ethixbase360 shall in its sole discretion determine whether a Certification Report Subscription has automatically renewed.

13.3 Renewal of all Other Subscriptions.  All other Subscriptions will continue for the Initial Term and will renew automatically for an additional Year on each anniversary of the Start Date (each, a Renewal Term), unless terminated by a party giving the other at least 60 days’ prior written notice to expire before the first day of the next Renewal Term.  Termination of a Research Subscription will not prevent the associated subscription to the Ethixbase360 Platform from entering into a Renewal Period unless specifically stated in the termination notice. 

13.4. Without affecting other rights or remedies available to it, Ethixbase360 may terminate an Agreement with immediate effect by giving written notice to Customer if Customer fails to pay any amount due under any Agreement on the due date for payment and remains in default not less than thirty (30) days after being notified in writing of the default.

13.5.  Without affecting other rights or remedies available to it, a party may terminate an Agreement with immediate effect by giving written notice to the other party: (a) if the other party commits a material breach of any Agreement which is irremediable or (if such breach is remediable) fails to remedy that breach within a period of 30 days after being notified in writing to do so; (b) if the other party suspends, or threatens to suspend, payment of its debts or is unable to pay its debts as they fall due or admits inability to pay its debts or is deemed unable to pay its debts; (c) if the other party suspends or ceases, or threatens to suspend or cease, carrying on a substantial part of its business; (d) either (i) the use or provision of Services or Ethixbase360 Data may breach the export control or economic sanctions laws and regulations of any jurisdiction including the United States of America, the United Kingdom and the European Union and its Member States; or  (ii) if the other party becomes or any of its Affiliates become specially designated or sanctioned under such laws.

13.6. Ethixbase360 can suspend Customer’s rights in relation to Services if (a) Ethixbase360 has the right to terminate such rights; (b) to protect Ethixbase360’s systems or security. Suspension will not affect Ethixbase360’s rights to later terminate any Agreement.

13.7. Termination or expiry of one agreement shall not result in the termination of any other Agreement except that if Ethixbase360 terminates an agreement under clause 13.4 or 13.5, it may terminate all Agreements.

13.8. On termination of an Agreement for any reason:

13.8.1. licences granted under an Agreement shall immediately terminate and Customer shall immediately cease all use of Services and Ethixbase360 Data;

13.8.2. each party shall return and make no further use of equipment, property, Confidential Information, Deliverables, Documentation and other items (and copies) belonging to the other party.  Customer may retain Reports already delivered by Ethixbase360;

13.8.3. rights, remedies, obligations or liabilities of the parties that have accrued up to the date of termination, including the right to claim damages in respect of breach of an Agreement which existed at or before the date of termination shall not be affected or prejudiced;

13.8.4.  Any provision of an Agreement which expressly or by implication is intended to come into or continue in force on or after termination of an Agreement, including clauses 1, 2.8, 3.5, 4, 7.2, 8, 9, 10, 12, this clause and clauses 16 shall remain in full force and effect.

  1. Force Majeure

14.1. A party shall not be liable if delayed in or prevented from performing its obligations due to Force Majeure, provided that it: (a) promptly notifies the other party of the Force Majeure event and its expected duration; (b) uses reasonable commercial endeavours to minimise the effects of that event.

14.2. If, due to Force Majeure, a party is unable to perform a material obligation for thirty (30) days or more, the other party may terminate an Agreement on immediate notice.

  1. Publicity

15.1. A party shall not issue any announcement regarding an Agreement without the prior written consent of the other party.  Customer shall not make representations or statements which may indicate an express or implied endorsement, approval or validation by Ethixbase360 of Customer’s risk management processes.

15.2. Ethixbase360 may display Customer’s name and logo on the Website and on its marketing materials.

  1. General

16.1. Ethixbase360 may not change the Terms during the Initial Term. Ethixbase360 may change the Terms with effect from the start of any Renewal Term by updating the Terms found at https://ethixbase360.com/terms-and-conditions/.  Customer must review Terms before and any such change will be effective from, the start of the next Renewal Term.  Customer’s continued use of Services will constitute acceptance of the change.  Use of Ethixbase360 Data may be subject to additional conditions, restrictions and disclaimers imposed by Content Providers on Ethixbase360 from time to time.  Ethixbase360 will provide Customer with reasonable notice of such additional requirements before they take effect.

16.2. No failure or delay by a party to exercise any right or remedy provided under an Agreement or by law shall constitute a waiver of that or any other right or remedy, nor shall it prevent or restrict the further exercise of that or any other right or remedy. No single or partial exercise of such right or remedy shall prevent or restrict the further exercise of that or any other right or remedy.

16.3. If any provision (or part of a provision) of an Agreement is found by any court or administrative body of competent jurisdiction to be invalid, unenforceable or illegal, the other provisions shall remain in force.

16.4. If any invalid, unenforceable or illegal provision would be valid, enforceable or legal if some part of it were deleted, the provision shall apply with whatever modification is necessary to give effect to the commercial intention of the parties.

16.5. an Agreement and the DPA constitute the entire agreement between Ethixbase360 and Customer and supersede previous agreements, promises, assurances, warranties, representations and understandings between them, whether written or oral, relating to its subject matter.

16.6. In entering into an Agreement, no party is relying on and shall have no remedies in respect of, any statement, representation, assurance or warranty (whether made innocently or negligently) that is not set out in an Agreement.

16.7. Customer shall not, without the prior written consent of Ethixbase360, assign, transfer, charge, sub-contract or deal in any other manner with its rights or obligations under an Agreement.  Ethixbase360 may at time assign, transfer, charge, sub-contract or deal in any other manner with any of its rights or obligations under an Agreement.

16.8. Ethixbase360 contracts with Customer on its own behalf and as trustee for Content Providers.  Content Providers may enforce the rights expressed to be for their benefit under an Agreement against Customer directly.  Other than as expressly stated, an Agreement does not confer rights on any person or party (other than the parties to an Agreement and, where applicable, their successors and permitted assigns) pursuant to the Contracts (Rights of Third Parties) Act 1999.

  1. Notices

17.1. Notices required to be given under an Agreement must be in writing and delivered by hand, courier or by email.  Notices delivered by hand or courier shall be marked for the attention of the CEO of the recipient and sent (in the case of Ethixbase360) to the address specified in clause 18 and (in the case of Customer) to an address specified in the Order. Notices sent by email shall be sent (in the case of Ethixbase360) to [email protected] and (in the case of Customer) to an email address specified in the Order.  Notices delivered by hand or courier shall be deemed delivered when left at the correct address.  Notices sent by email shall be deemed delivered when sent as long as no notice of non-delivery is received.

17.2. A party may update its address or email address by giving notice to the other party in accordance with this clause.

  1. Contracting Entity

18.1. In the table below, “Customer Location” refers to where Customer is located (as determined by customer’s business address on the Order, if specified) and determines which table row applies to Customer.

Contracting Entity Table

Customer Location

Contracting Entity

Overdue Payments

Governing Law, Venue & Jurisdiction

Americas

TRACE, Inc. d.b.a. Ethixbase360 – US Corporation, registered in Maryland, FEIN 41-2260954, Corporate Address – 151 West Street, Suite 303, Annapolis, Maryland 21401

3% per annum above the Federal Reserve Board interest rate

State of Maryland, USA

United Kingdom & the EU

Ethixbase UK Limited incorporated and registered in England & Wales with company number 10651805 whose registered office is at 27 Old Gloucester Street, London, United Kingdom, WC1N 3AX

3% per annum above Bank of England Base rate

England & Wales

Rest Of World

Ethixbase 360 Pte. Limited incorporated and registered in Singapore with company number 201131414M whose registered office is at 151 Chin Swee Road, #02-20 Manhattan House, Singapore 169876

3% per annum above the Monetary Authority of Singapore Base rate

Singapore

18.2. An agreement and any dispute or claim arising out of or in connection with an Agreement (including non-contractual disputes or claims) is governed by and construed in accordance with the law of the jurisdiction specified in the Contracting Entity Table.  The courts of that jurisdiction shall have non-exclusive jurisdiction to settle any such dispute or claim.

  1. English Language

In the event that an Agreement is translated into a language other than English, the English-language version of an Agreement shall take precedence in the event of any conflict in interpretation or translation.E