1. Basis of Engagement

1.1. The Supplier shall provide the Services to the Customer on the terms and conditions of this agreement.

1.2. The Supplier shall provide the Services for the Initial Period and thereafter this agreement shall remain in force unless terminated in accordance with this agreement.

2. Supply of Services

2.1. The Supplier shall supply the Services and deliver the Deliverables to the Customer, in accordance with this agreement and the Service Levels.

2.2. The Supplier warrants that all it will provide services in accordance with the Customer instructions. The Supplier agrees to assess the need and if in agreement, follow the referral instruction including the appointment of suitably qualified individuals where appropriate.

2.3. The Supplier shall:

(a) Meet the Service Levels as required by the Customer;
(b) Perform its obligations under this agreement in accordance with reasonable professional standards and with due care and skill;
(c) Secure and maintain any and all licences, authorisations, permissions, approvals and / or memberships of any regulatory body;
(d) Be solely responsible for the conduct and performance of its employees, treatment suppliers and agents who carry out the Services;
(e) Ensure that the membership of each employee, where applicable, with his or her accrediting body remains valid at all material times, including any continuing professional development obligations;
(f) Maintain full and accurate records of this agreement including the Services supplied under it, all expenditure reimbursed by the Customer and all payments made by the Customer and any other documents as the Customer may reasonably require throughout the period of this agreement for at least 7 years from the termination of this agreement;
(g) Comply with all reasonable standards of health and safety and comply with all health and safety legislation in force from time to time and all guidance issued by the Health and Safety Executive at the premises where the Services are provided;
(h) Comply with all applicable laws, regulations and sanctions relating to anti-bribery and anti-corruption including but not limited to the Bribery Act 2010;
(i) Not engage in any activity, practice or conduct which would constitute an offence under sections 1, 2 or 6 of the Bribery Act 2010 if such activity, practice or conduct had been carried out in the UK; and
(j) Comply with the Code of Conduct Policy (as shall be amended from time to time).

2.4. If the Supplier’s performance of its obligations under this agreement is prevented or delayed by any act or omission of the Supplier, its agents, treatment suppliers, consultants or patients, the Customer shall not be liable for any costs, charges or losses sustained or incurred by the Supplier that arise directly or indirectly from such prevention or delay.

3. Parties Obligations

3.1. The parties shall co-operate with each other in all matters relating to the Services.

3.2. The Supplier shall:

(a) Provide, in a timely manner, such In-put Material and other information as the Customer may reasonably require, and ensure that it is accurate in all material respects; and
(b) Obtain and maintain all necessary licences and consents and comply with all relevant legislation in relation to the Services.

3.3. The Supplier shall not, without the prior written consent of the Customer, at any time from the date of this agreement to the expiry of 12 months after the termination of this agreement, solicit or entice away from the Customer or employ or attempt to employ any person who is, or has been, engaged as a key employee of the Customer and whom the Supplier has directly had dealing with as part of the supply of the Services by the Supplier. For the avoidance of doubt, this restriction shall not restrict the Supplier from employing or engaging any employee of the Customer following a bona fide recruitment process where a public advertisement has been placed to seek to recruit new employees or staff.

3.4. Through out the duration of the Services both parties shall: 

3.4.1 Comply with all applicable laws, regulations, codes and sanctions relating to anti-bribery and anti-corruption including but not limited to the Bribery Act 2010 (Relevant Requirements;
3.4.2 Not engage in any activity, practice or conduct which would constitute an offence under sections 1, 2 or 6 of the Bribery Act 2010 if such activity, practice or conduct had been carried out in the UK;
3.4.3 Comply with the Company’s code of conduct and anti-bribery and anti-corruption policies, in each case as the Company or the relevant industry body may update them from time to time (Relevant Policies
3.4.4 Have and shall maintain in place throughout the term of this agreement its own policies and procedures, including but not limited to adequate procedures under the Bribery Act 2010, to ensure compliance with the Relevant Requirements, the Relevant Policies and this clause 10, and will enforce them where appropriate; 
3.4.5 Promptly report to the Company any request or demand for any undue financial or other advantage of any kind received by the Consultant in connection with the performance of this agreement;
3.4.6 Immediately notify the Company if a foreign public official becomes an officer or employee of the Consultant or acquires a direct or indirect interest in the Consultant (and the Consultant warrants that it has no foreign public officials as officers, employees or direct or indirect owners at the date of this agreement);
3.4.7 Ensure that all persons associated with the Consultant or other persons who are performing services in connection with this agreement comply with this clause 3.4; and
3.4.8 Breach of this clause 3.4 shall be deemed a material breach of this agreement.
3.4.9 For the purpose of this clause 3.4, the meaning of adequate procedures and foreign public official and whether a person is associated with another person shall be determined in accordance with section 7(2) of the Bribery Act 2010 (and any guidance issued under section 9 of that Act), sections 6(5) and 6(6) of that Act and section 8 of that Act respectively.
3.4.10 Failure to comply with this clause 3.4 may result in the immediate termination of this agreement.9.  

4. Charges & Payment

4.1. In consideration of the provision of the Services by the Supplier, the Customer shall pay the charges on submission of an appropriately presented invoice, within the agreed and authorised value. 

4.2. The Customer shall endeavour to pay each undisputed invoice submitted to it by the Supplier, in full and in cleared funds, within the earlier of; the suppliers notified payment terms or 30 calendar days of receipt of the invoice.

4.3. The Customer shall not be obliged to pay invoices submitted to it by the Supplier more than one month after the Services have ceased to be provided in respect of each Instruction.  The Customer shall not be obliged to pay such invoices unless agreed otherwise between the parties.

4.4. Without prejudice to any other right or remedy that it may have, if the Customer fails to pay the Supplier within a reasonable time, the Supplier may:

(a) Charge interest on such sum from the due date for payment at the annual rate of 4% above the base rate from time to time of Barclays Plc, accruing on a daily basis until payment is made, whether before or after any judgment; and
(b) Suspend all Services until payment has been made in full.

4.5. Neither party may, without limiting any other rights or remedies it may have, set off any amounts owed to it by the other party under this agreement against any amounts payable by it to the other party under this agreement.

5. Intellectual Property

5.1. The Supplier shall indemnify the Customer and hold harmless the Customer without limit against any damages (including costs) that may be awarded or agreed to be paid to any third party and any costs of and incidental to the compliance by the Supplier with any injunction or other order of a court in respect of any claim or action that the normal operation possession or use by the Customer of any parts of equipment, software and/or documentation supplied by or on behalf of the Supplier in the provision of the Services during or after the currency of the Contract infringes the patent, copyright, registered design or trade mark rights of that third party (an “Intellectual Property Infringement”) provided that the Supplier: 

5.2. Gives notice to the Supplier of any Intellectual Property Infringement forthwith upon becoming aware of it;

5.3. Gives the Supplier the sole conduct of the defence to any claim or action in respect of any Intellectual Property Infringement and does not at any time admit liability or otherwise attempt to settle or compromise the claim or action except upon the express instructions of the Supplier; and

5.4. Acts in accordance with the reasonable instructions of the Supplier and gives to the Supplier such assistance as it shall reasonably require in respect of the conduct of the defence including the filing of all pleadings and other Court process and the provisions of all relevant documents.

5.5. The Supplier shall reimburse the Customer its reasonable costs (including, without limitation, legal and other professional fees) incurred in complying with the provisions of Clause 7.1.

6. Confidentiality & Customer’s Property

6.1. Each party shall keep in strict confidence all technical or commercial know-how, specifications, databases, inventions, processes or initiatives which are of a confidential nature and have been disclosed to the other party, its employees, agents, consultants or subcontractors and any other confidential information concerning the disclosing party’s business or the Services.

6.2. A party in receipt of confidential information in accordance with clause 8.1 may disclose such information:  

(a) To its employees, officers, representatives, advisers, agents or subcontractors who need to know such information for the purposes of carrying out the Customer’s obligations under this agreement; and 
(b) As may be required by law, court order or any governmental or regulatory authority.

6.3. The Customer and the Supplier shall each ensure that its employees, officers, representatives, advisers, agents or subcontractors to whom it discloses such information comply with this clause 8.

6.4. The Supplier shall not use any confidential information for any purpose other than in relation to this agreement. 

6.5. Any materials, information and data supplied by the Supplier to the Customer (including Pre-existing Materials, but excluding any clinical reports or assessments paid for by the Customer) shall at all times, be and remain as between the Supplier and the Customer the exclusive property of the Supplier, but shall be held by the Customer in safe custody at its own risk and kept in good condition by the Customer until returned to the Supplier (at the Suppliers reasonable request) and shall not be disposed of or used other than in accordance with the Supplier’s written instructions or authorisation. The Supplier shall be permitted to confidentially destroy (or retain copies of) any materials or information as required by any law, rule or regulation or by any competent judicial, governmental, supervisory or regulatory body.

7. Limitation of Liability & Insurance

7.1. The Supplier shall, and shall procure that the Clinicians, at all times take out and maintain in full force and effect, throughout the term of this agreement and for six years thereafter, and observe the terms and conditions of, insurance policies at an appropriate level of cover in respect of professional indemnity, medical malpractice, employer’s liability and public liability so as to sufficiently protect the Customer against any loss the Customer may suffer as a result of the operation of this agreement. 

8. Data Protection

8.1. For the purposes of this Agreement, capitalised terms shall have the meanings set out below.

(a) “Data Protection Laws” means (a) the GDPR and laws implementing or supplementing the GDPR and all applicable data protection and privacy legislation in force from time to time in the UK including without limitation the UK GDPR, and (b) any other applicable law regarding protection of Customer Personal Data which applies to the processing to take place under or in relation to this Agreement.
(b) “GDPR” means EU General Data Protection Regulation 2016/679.
(c) “UK GDPR” means all applicable data protection and privacy legislation in force from time to time in the UK including without limitation the UK GDPR; the Data Protection Act 2018 (and regulations made thereunder) (DPA 2018); and the Privacy and Electronic Communications Regulations 2003 (SI 2003/2426) as amended.
(d) “Subprocessor” means any person (including any third party but excluding an employee of Supplier or an employee of its subcontractors) appointed by or on behalf of Supplier to Process Personal Data on behalf of any Customer in connection with the Agreement.
(e) The terms, “Controller“, “Data Subject“, “Personal Data“, “Personal Data Breach“, “Processing” and “Supervisory Authority” shall have the same meaning as in the GDPR.

8.2. The Supplier acknowledges and agrees that details of the Supplier’s name, address and payment record may be submitted to a credit reference agency.

8.3. The Supplier shall:

(a) Not access or Process Personal Data from outside the United Kingdom;
(b) Process the Personal Data only in accordance with written instructions from the Customer and only to the extent, and in such manner, as is necessary for the provision of the Services, unless processing is required by the Data Protection Laws to which the Supplier is subject, in which case Suppler, to the extent permitted by the Data Protection Laws, shall inform Customer of that legal requirement before the Processing of that Personal Data;
(c) Implement appropriate technical physical and organisation measures to protect the Personal Data against unauthorised or unlawful processing and against accidental loss, destruction, damage, alteration or disclosure;
(d) Take reasonable steps to ensure the reliability of any employees who access to Personal Data and use all reasonable endeavours to ensure that any Staff have sufficient skills and on-going training in the handling of Personal Data and are subject to written confidentiality undertakings or professional or statutory obligations of confidentiality;
(e) Notify the Customer within 24 hours if it becomes aware of, or suspects, a Data Breach of Personal Data pertaining to the Customer;
(f) Notify the Customer within 5 calendar days if it receives a request from a Data Subject under any Data Protection Law in respect of Customer Personal Data; or
(g) Provide the Customer with full cooperation and assistance in relation to any complaint or request made in respect of Customer Personal Data;
(h) Permit the Customer to inspect and audit its data processing activities and comply with all reasonable directions by the Supplier in respect of the same; and
(i) Comply at all times with the UK GDPR.

9. Termination

9.1. Without prejudice to any other rights or remedies which the parties may have, either party may terminate this agreement for any reason by providing written notice to the other party.

9.2. The agreement may be terminated by either party without liability to the other (save for any charges that are due and payable for services delivered or which remain to be performed) immediately on giving notice to the other if:

(a) The other party fails to pay any amount due under this agreement on the due date for payment and remains in default not less than 14 days after being notified in writing to make such payment; 
(b) The other party commits a material breach of any of the terms of this agreement and (if such a breach is remediable) fails to remedy that breach within 30 days of that party being notified in writing of the breach; 
(c) The other party repeatedly breaches any of the terms of this agreement in such a manner as to reasonably justify the opinion that its conduct is inconsistent with it having the intention or ability to give effect to the terms of this agreement; 
(d) The other party suspends, or threatens to suspend, payment of its debts, is unable to pay its debts as they fall due, admits inability to pay its debts or (being a company) is deemed unable to pay its debts within the meaning of section 123 of the Insolvency Act 1986;
(e) The other party commences negotiations with all, or any class of, its creditors with a view to rescheduling any of its debts, or makes a proposal for, or enters into any compromise or arrangement with, its creditors; or
(f) The other party suspends or ceases, or threatens to suspend or cease, to carry on all or a substantial part of its business.

10. Security, Back-up & Data Separation

10.1. The Supplier shall maintain and implement security standards that are of a standard and quality equivalent to the Customer Security Standards (See Schedule 4) and/or aligned to ISO27001 standards.

10.2. In accordance with the standards and procedures referred to above, the supplier shall store Customer data in a manner that enables it to be:

10.2.1 Easily identified as proprietary to the Customer and each Customer Service Partner, as the case may be; and
10.2.2 Independently extracted, copied, deleted or otherwise transferred from any storage media on which it is kept, and shall keep the Customer informed as to the location of such stored the Customer data.  The supplier shall comply with any additional standards and procedures that may be mutually agreed by the parties in writing from time to time in respect of any of the Customer’s Business Associates.

10.3. In the event of any loss, corruption or destruction of Customer data resulting from the negligence of the supplier or any supplier personnel, the supplier shall, as soon as and to the extent reasonably practicable, reconstruct any such lost, corrupted or destroyed Customer data without charge to Customer and agrees to indemnify and keep the Customer indemnified in respect of any actual loss or corruption of the Customer data.

10.4. The Supplier acknowledges that the Customer data is the property of the Customer. To the extent that any Customer data is held or processed by the Supplier, the Supplier shall supply such Customer data to the Customer as may be requested by the Customer from time to time in the format specified by the Customer. 

Schedule 1:
Specification the Services & Service Levels

1. Services

The Supplier agrees to assess the need in relation to the referral instruction and associated paperwork and agree the most appropriate treatment pathway including the appointment of suitably qualified clinicians where appropriate. All clinicians have to be registered and/or accredited with their relevant professional bodies.

The Supplier agrees to work only within the level authorised by the customer at any point in time and will be held fully responsible for any costs not authorised by the customer.    

The supplier agrees to inform the customer of any DNA appointments or late cancellations as soon as practically possible but within 24 hours of the arranged appointment. 

The Supplier will put any authorised treatment on hold following any event of DNA or cancellation until further instructions have been provided by the customer.  

2. Service Level Agreement

The following SLAs will be applied across the noted categories of rehabilitation treatment unless specified otherwise.  

Physiotherapy

Activity – Acknowledge of receipt of instruction
Service Level^* – 1 day

Activity – Assessment date (initial & final)
Service Level^* – 7 days

Activity – Report issued (from assessment date)
Service Level^* – 7 days

Other treatment services

Activity – Acknowledge of receipt of instruction
Service Level^* – 1 day

Activity – Assessment date (initial & final)
Service Level^* – 14-30 days (depending on treatment)

Activity – Report issued (from assessment date)
Service Level^* – 7 days

^*Calendar days from instruction received.

3. Complaints

The Supplier is required to operate a complaints management process.

The Supplier must maintain a database of complaints in a secure manner. 

Definition of Complaint:
Any oral or written expression of dissatisfaction, whether justified or not, from, or on behalf of, a person  about the provision of, or failure to provide, a financial service which: (a) alleges that the complainant has suffered (or may suffer) financial loss, material distress or material inconvenience; and (b) relates to an activity of that respondent, or of any other respondent with whom that respondent has some connection in marketing, or providing financial services or products, which comes under the jurisdiction of the Financial Ombudsman Services.

New complaints must be notified to the Customer within 24 hours.

4. Premises

The Supplier will maintain appropriate premises for the professional provision of the services.  

Schedule 2:
Minimum Security Standards

The objective of this schedule is to define to the Supplier, its employees and any sub-contractors, responsibility with regards to IT Security.

All employees and sub-contractors must be familiar and adhere to all applicable laws and regulations, and to any changes that may occur from time to time and must:

• Keep passwords secret. Make them hard to guess, change them as required, especially if they think they are known by someone else, don’t write them down, don’t ever share them with someone else and don’t use someone else’s.
• Use only their own log-in which is valid for their actual job, and don’t let anyone else use it. They are responsible for its adequate use and for the handling of their access rights.
• Lock their screen when they leave their desk.
• Organise their own and company data; be mindful of where they store data.
• Take care in addressing emails to ensure that they are sent to the right person(s).
• Ensure the attachments to emails are adequately protected.
• Only use licenced software.
• Do not store Customer data on a personal portable device or an unencrypted laptop.
• Do not connect private IT equipment (e.g. notebook, organiser, USB devices) to company systems without permission from the IT team.
• Handle company IT equipment with care.
• Report any suspicious activity or unlicensed software to their helpdesk or their IT team.
• The Supplier will have an Information Security Policy that is reviewed at least annually and that is communicated to all employees and sub-contractors. 
• The Supplier will ensure business impact assessment, business continuity and disaster recovery plans are produced for all mission critical information, applications, systems and networks.
• The Supplier will have agreed definitions of acceptable/unacceptable use of and access to customer information and this will be communicated to all employees and sub-contractors.

The Customer reservices the right to audit the Supplier Information Security processes and controls.  

Schedule 3
Data Processing Agreement

1. Parties to the Agreement

The Controller – Proclaim Care Limited as the Instructing Party 

The Processor – The Supplier as the receiving party of the instruction

2. Scope & Roles

2.1.  This agreement applies to the processing of Personal Data, within the scope of the UK GDPR, by the Processor on behalf of the Controller.  

2.2. For purposes of this agreement, Proclaim Care Limited and the supplier of services agree that Proclaim Care Limited is the Controller of the Personal Data and the supplier of services is the Processor of such data. In the case where Proclaim Care Limited acts as a Processor of Personal Data on behalf of a third party, the supplier of services shall be deemed to be a Sub-Processor. 

2.3. These Terms do not apply where the supplier of services is a Controller of Personal Data. 

3. Obligations & Rights of the Processor

3.1. Taking into account the nature, scope, context and purposes of processing as well as the risks of varying likelihood and severity for the rights and freedoms of natural persons, the Processor shall, in relation to Controller Personal Data, implement appropriate technical and organisational measures to ensure and to be able to demonstrate that Processing is performed in accordance with the UK GDPR. Those measures shall be reviewed and updated where necessary.

3.2. The Processor shall implement appropriate technical and organisational measures for ensuring that, by default, only Personal Data which are necessary for each specific purpose of the Processing are processed. That obligation applies to the amount of Personal Data collected, the extent of their Processing, the period of their storage and their accessibility. In particular, such measures shall ensure that by default Personal Data are not made accessible without the individual’s intervention to an indefinite number of natural persons.

3.3. Process the Personal Data only on documented instructions from the Controller;

3.4. Ensure that persons authorised to process the Personal Data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality;

3.5. Assist the Controller as far as reasonably practicable in responding to any request from Data Subjects or Supervisory Authority relating to the Personal Data processed by the Processor under this Agreement;

3.6. Assist the Controller as far as reasonably practicable in relation to a Personal Data Breach or data protection impact assessment relating to the Personal Data Processing by the Processor under this Agreement;

3.7. Make available any information as reasonably required to evidence compliance with this clause 3 and allow for and contribute to audits, relating to the Personal Data processed by the Processor under this Agreement, provided the Controller provides the Processor with reasonable notice of such request;

3.8. Inform the Controller if it reasonably considers an instruction by the Controller infringes applicable Data Protection Law;

3.9. The Processor shall ensure that all sub-processors comply with all the terms and conditions of this Agreement (as applicable). The Controller shall be the sole judge of whether a sub-processor is compliant with all the terms of this Agreement and may, acting reasonably, insist that the Processor instructs an alternative sub-processor. 

3.10. The Processor must comply with all applicable Data Protection Laws in the Processing of the Controller Personal Data; and all other applicable privacy legislation, and all reasonable directions of the Controller with regard to the use of and access to Personal Data. On termination or expiry of the Agreement, the Processor must promptly return to the Controller or, if requested by the Controller, destroy all copies of the personal information, in which case any right to use, copy or disclose that Personal Data ceases except where any copy of the information is stored in any automatic electronic archiving or back up system where it is not reasonably practicable to delete the same. Any such copies that are retained in accordance with this provision shall continue to be subject to the confidentiality restrictions contained in this Agreement.

4. Duration

4.1. This Agreement shall continue in effect for so long as the Processor is Processing Personal Data on behalf of the Controller.

Description of the Processing:

Subject matter & duration of the Processing
The service provider requires access to the data in order to provide treatment and/or services in relation to rehabilitation or associated with the injury rehabilitation for any individual case referred to them by Proclaim Care in order to support rehabilitation/ recovery/ return to work as a result of an accident or injury or an absence. The duration of the processing will be determined by the treatment required by the injured party and authorised by the controller.

Nature & purpose of the Processing

The service provider will make contact with the referred individual and implement the authorised treatment/rehabilitation as instructed by Proclaim Care in order to support the individual’s recovery and/or return to work following accident or injury.

Type of Personal Data & categories of data subjects

The types of Proclaim Care Personal Data to be Processed –

Non-special categories of information, e.g. individual’s name, address, date of birth, etc.
Special categories of information, e.g. medical information.

Injured Party Details:
Name, Address, Post Code, Telephone Number, Email address, Date of Birth, Date of Injury/Accident, Gender, Type of Injury

Proclaim Care Information:
Case reference number, Referrer name, referrer contact number, Referrer email.

Supporting Information:
Claim Type, relevant medical information with consent, relevant treatment information with consent, ultimate customer name.

The categories of Data Subject to whom the Proclaim Care Personal Data relates –

Clients – Individuals who have been referred to Proclaim Care for injury rehabilitation or absence management.

Schedule 4:
Non-disclosure Agreement

As part of the service you provide you may have access to certain confidential technical and commercial information concerning our business, systems, software and services (“the Confidential Information”) and in consideration of such Confidential Information you hereby undertake to us to accept and comply with the following terms and conditions:

1.1. You will maintain the Confidential Information in the strictest confidence and will not divulge any of the Confidential Information to any third party without our prior written permission.

1.2. You will not make use of the Confidential Information other than for the purpose of providing the service (“the Purpose”).

1.3. You will not make use of any of the Confidential Information in connection with any similar service undertaken by you or on your behalf.

1.4. You will restrict access to the Confidential Information only to such of your employees as need to have access to the same for the Purpose and will procure that any employees to whom the Confidential Information is disclosed will keep the same confidential and use it solely for the Purpose.

1.5. You acknowledge our proprietary rights in the Confidential Information and that the disclosure of the Confidential Information shall not be deemed to confer upon you any rights whatsoever in respect of any part thereof.

1.6. You will take only such copies of any document or other material (in whatsoever medium) embodying any of the Confidential Information as are reasonably necessary for the Purpose and shall  forthwith on request at any time return (and procure the return by any third party to whom disclosure of any of the Confidential Information has been made as permitted by this Agreement) to us or as we may direct all or any of the documents or other material containing or embodying the Confidential Information together with all copies thereof and extracts therefrom taken by you.  

1.7. You will confirm to us in writing at any time on request that you have complied with the provisions hereof and if so requested shall provide a statutory declaration to the effect that no Confidential Information (in whatever medium) has been used or disclosed to any third party by you in breach of the terms of this letter.

2. You further acknowledge and confirm as follows:

2.1. Neither we, nor our employees, nor any of our advisers nor any of our agents, officers or employees accept responsibility or liability for or make any representation, statement or expression of opinion or warranty, express or implied, with respect to the accuracy or completeness of the Confidential Information or any oral communication in connection therewith unless and save to the extent that such representation, statement or expression of opinion or warranty is expressly incorporated into any written agreement subsequently entered into between us in connection with the service.

2.2. The provisions of this letter shall continue in effect notwithstanding any decision by either of us not to proceed with the service but shall cease only in accordance with the terms of this letter.

2.3. You acknowledge that:

2.3.1. The Confidential Information is highly confidential and commercially sensitive; 

2.3.2. Disclosure may cause irreparable damage to us and our business;

2.3.3. Any use or outside knowledge of the Confidential Information may be highly damaging to our business and interests; and

2.3.3.1. Damages alone would not be an adequate remedy for any breach by you of the provisions of this letter and, accordingly, without prejudice to any and all other rights or remedies that we may have, we shall be entitled without proof of special damage to the remedies of injunction, specific performance and other equitable relief for any threatened or actual breach of the provisions of this letter.

3. We both agree that the obligations of confidentiality and non-use imposed pursuant to this letter shall apply for a period of 5 years from the date hereof.

4. Nothing in this letter shall be construed to grant to you any licence or rights in respect of the Confidential Information or in connection with the Project.

5. You accept full liability for and will indemnify and keep us fully indemnified against all and any loss whatsoever and howsoever arising from any disclosure or unauthorised use of the Confidential Information by you or your employees, advisers, agents or representatives or any associated company.

6. The restrictions on use or disclosure of the Confidential Information will not apply to:

6.1. Any information which is generally available to the public (provided this has not happened because of a breach of this Agreement or any other duty of confidentiality);

6.2. Any information received by you from third parties who are not subject to any confidentiality obligations in respect thereof;

6.3. Any information which is required by law to be disclosed pursuant to an Order of a Court or equivalent authority.

7. The foregoing constitutes the entire Agreement between us with respect to the Confidential Information and supersedes and cancels any prior representation, understanding and commitment (whether oral or written) between us with respect to our Confidential Information. The terms of this letter Agreement can only be changed by a written document, agreed upon by both of us and signed by duly authorised persons.  

8. If at any time any provision of this agreement is found to be illegal, unenforceable or invalid in whole or in part then the remaining portions of such provisions and other provisions of this Agreement continues to be binding and in full force and effect.

9. The provisions hereof shall be governed and construed by English law, and by your acceptance hereof you agree to submit to the exclusive jurisdiction of the English Courts.

Schedule 5:
Code of Conduct

This Code of Conduct sets out our expectations and requirements of suppliers or any third parties working with us. We want to work in partnership with each of the companies we approve as suppliers of goods or services to us, developing long term sustainable relationships based on trust, honesty and shared responsibility. 

This document defines the level of professionalism, competence, ethicality and corporate responsibility, which we expect from ourselves, our stakeholders and our suppliers. 

It is implemented to ensure that we receive the best quality service and/or products from you whilst supporting the practice of safe working conditions and, where applicable, ensure that your production, service delivery and procurement processes are responsible and considerate of the environment and the communities around you.

Health & Safety 

As a responsible and professional business, it would be required of you to adopt all current health & safety legislation and regulatory requirements to enable you to provide a safe working environment, and that for all activities which carry a potential risk, you maintain an effective risk management system. 

We would also expect that, to enable the processes to be monitored closely, regular audits and inspections are carried out and any potential hazards are recognised, and adequate controls put in place to minimise the risk. 

Safeguarding

Depending on the service you provide, you will adopt appropriate safeguarding measures, policies and procedures to protect the welfare of any service users and take appropriate steps to assess any risk that may potentially lead to a safeguarding concern. 

Infection Control Policy

It is required of you to have documented infection control procedures in plan which follow regional and national public health guidelines and/or where applicable governmental advice. Any business we engage with is expected to have measures and protocols in place for work spaces to ensure they are safe and that a risk management approach is taken in relation to any individual attending that work space.

Labour Practice & Standards 

We would expect any business we engage to monitor and effectively manage the working conditions of your employees to ensure they are protected from excessive working hours, inadequate welfare facilities and unlawful practices including any discrimination; including but not limited to, age; gender; sexual orientation race; colour; or creed. We envisage that any business we engage would work with us to uphold the principles of Human Rights and Modern Slavery legislation and condemn the use of bonded, compulsory, or child labour. 

Sustainability & Environmental Policy 

We encourage you to consider your environmental impact and follow all environmental and waste disposal best practice guidelines. We also request that methods to enable the minimising of waste, emissions and the impact of material consumption, in the provision of your services, are fully considered. 

Ethicality

We ask that the directors and senior managers working for and with any business we engage to abide by all anticorruption and bribery legislation; and proactively declare any prosecutions, disqualifications, and/or legal proceedings against them personally or as a business entity. 

Insurance & Accreditations 

We request that you hold the necessary insurances to protect both yourselves, your stakeholders and us. These include Employers Liability, Public Liability, Professional Indemnity and hold pertinent Quality Standards relevant to your field of business. 

Reviews, Monitoring & Documentation 

As part of your quality management system, whether formal or informal, records of audits, complaints, events and breaches are to be held, with details of any improvements, corrective actions taken, and changes made to ensure mitigation to you, us or any party we work with collaboratively.