Terms & Conditions of Purchase
May 2018 Edition
1.1 Definitions. In these Conditions, the following definitions apply:
“Business Continuity Plan” means the Supplier’s plan for continuity of the business in the event of a disaster affecting the operation of the Supplier’s business;
“Business Day” means a day (other than a Saturday, Sunday or a public holiday) when banks in London are open for business.
“Commencement Date” has the meaning set out in clause 2.2.
“Conditions” means these terms and conditions as amended from time to time in accordance with clause 24.8.
“Confidential Information” means any information that relates to the business, affairs, operations, customers, processes, budgets, pricing, policies, product information, strategies, developments, trade secrets, know-how, personnel and suppliers of the disclosing party, together with all information derived by the receiving party from any such information and any other information clearly designated as being confidential (whether or not it is marked “Private”, “Confidential” or “Restricted”) or which ought reasonably to be considered confidential.
“Contract” means the contract between ProCo and the Supplier for the supply of Goods and/or Services comprising the Order and these Conditions.
“Deliverables” means all documents, products and materials developed by the Supplier or its agents, contractors and employees as part of or in relation to the Services in any form or media, including without limitation drawings, diagrams, designs, pictures, computer programs, data, specifications and reports (including drafts).
“GDPR” General Data Protection Regulation 2016.
“Goods” means the goods (or any part of them) set out in the Order.
“Goods Specification” means any specification for the Goods, that is agreed in writing by ProCo and the Supplier in the Order or otherwise.
“Intellectual Property Rights” means all patents, rights to inventions, utility models, copyright and related rights, trade-marks, service marks, trade, business and domain names, rights in trade dress or get-up, rights in goodwill or to sue for passing off, unfair competition rights, rights in designs, rights in computer software, database right, topography rights, rights in confidential information (including know-how and trade secrets) and any other intellectual property rights, in each case whether registered or unregistered and including all applications for and renewals or extensions of such rights, and all similar or equivalent rights or forms of protection in any part of the world.
“Order” means ProCo’s order for the supply of Goods and/or Services, as set out in ProCo’s purchase order form or as otherwise agreed by the parties.
“Personal Data” shall have the meaning ascribed to it in the GDPR.
“ProCo” means ProCo Print Limited registered in England and Wales with company number 03378837.
“ProCo Data” means all data, information, Confidential Information and Personal Data (as defined in the GDPR), provided to the Supplier by ProCo for the purpose of supplying the Goods and/or Services which may include (but shall not be limited to) data and information supplied by or relating to ProCo’s customers and clients.
“ProCo Materials” has the meaning set out in clause 5.3.10.
“Security Policy” ProCo’s Information Security Policy, a copy of which is contained in Schedule 1.
“Service Levels” means the service levels (if any) in accordance with which the Services are to be provided as detailed in Schedule 2.
“Services” means the services, including without limitation any Deliverables, to be provided by the Supplier under the Contract as set out in the Service Specification.
“Service Specification” means the description or specification for Services agreed in writing by ProCo and the Supplier.
“Supplier” means the person or firm from whom ProCo purchases the Goods and/or Services.
“UK Data Protection Bill” means the UK Data Protection Act 2018
1.2 Construction. In these Conditions, the following rules apply:
1.2.1 a person includes a natural person, corporate or unincorporated body (whether or not having separate legal personality); and
1.2.2 a reference to a statute or statutory provision is a reference to such statute or statutory provision as amended or re-enacted. A reference to a statute or statutory provision includes any subordinate legislation made under that statute or statutory provision, as amended or re-enacted.
2. BASIS OF CONTRACT
2.1 The Order constitutes an offer by the Supplier to supply Goods and/or Services to ProCo in accordance with these Conditions.
2.2 The Order shall be deemed to be accepted when ProCo issues a purchase order in respect of the Order at which point and on which date the Contract shall come into existence (“Commencement Date”).
2.3 These Conditions apply to the Contract to the exclusion of any other terms that the Supplier seeks to impose or incorporate, or which are implied by trade, custom, practice or course of dealing.
2.4 All these Conditions shall apply to the supply of both Goods and Services except where the application to one or the other is specified.
3. SUPPLY OF GOODS
3.1 The Supplier shall ensure that the Goods shall:
3.1.1 correspond with their description and any applicable Goods Specification;
3.1.2 be of satisfactory quality (within the meaning of the Sale of Goods Act 1979) and fit for any purpose held out by the Supplier or made known to the Supplier by ProCo, expressly or by implication, and in this respect ProCo relies on the Supplier’s skill and judgment;
3.1.3 be free from defects in design, materials and workmanship; and
3.1.4 comply with all applicable statutory and regulatory requirements relating to the manufacture, labelling, packaging, storage, handling, processing and delivery of the Goods.
3.2 The Supplier shall ensure that at all times it has and maintains all the licences, permissions, authorisations, consents and permits that it needs to carry out its obligations under the Contract in respect of the Goods.
3.3 ProCo shall have the right to inspect and test the Goods at any time before delivery.
3.4 If, following such inspection or testing, ProCo considers that the Goods do not conform or are unlikely to comply with the Supplier’s undertakings at clause 3.1, ProCo shall inform the Supplier and the Supplier shall immediately take such remedial action as is necessary to ensure compliance.
3.5 Notwithstanding any such inspection or testing, the Supplier shall remain fully responsible for the Goods and any such inspection or testing shall not reduce or otherwise affect the Supplier’s obligations under the Contract, and ProCo shall have the right to conduct further inspections and tests after the Supplier has carried out its remedial actions.
4. DELIVERY OF GOODS
4.1 The Supplier shall ensure that:
4.1.1 the Goods are properly packed and secured in such manner as to enable them to reach their destination in good, safe and secure condition;
4.1.2 each delivery of the Goods is accompanied by a delivery note which shows the date of the Order, the Order number (if any), the type and quantity of the Goods (including the code number of the Goods (where applicable)), special storage instructions (if any) and, if the Goods are being delivered by instalments, the outstanding balance of Goods remaining to be delivered; and
4.1.3 if the Supplier requires ProCo to return any packaging material for the Goods to the Supplier, that fact is clearly stated on the delivery note. Any such packaging material shall only be returned to the Supplier at the cost of the Supplier.
4.2 The Supplier shall deliver the Goods:
4.2.1 on the date specified in the Order;
4.2.2 to ProCo’s Sheffield premises: Parkway Close, Parkway Industrial Estate, Sheffield, S9 4WJ, or ProCo’s Stansted premises: Units 2&3, M11 Business Link, Parsonage Lane, Stansted CM24 8GF, or such other location as is set out in the Order or as instructed by ProCo before delivery (“Delivery Location”);
4.2.3 during ProCo’s normal hours of business on a Business Day, or as instructed by ProCo.
4.3 Delivery of the Goods shall be completed on the completion of unloading of the Goods at the Delivery Location.
4.4 If the Supplier: delivers more or less than the quantity of Goods ordered, ProCo may reject the Goods and any rejected Goods shall be returnable at the Supplier’s risk and expense. If the Supplier delivers more or less than the quantity of Goods ordered, and ProCo accepts the delivery, a pro rata adjustment shall be made to the invoice for the Goods.
4.5 The Supplier shall not deliver the Goods in instalments without ProCo’s prior written consent. Where it is agreed that the Goods are delivered by instalments, they may be invoiced and paid for separately. However, failure by the Supplier to deliver any one instalment on time or at all or any defect in an instalment shall entitle ProCo to the remedies set out in clause 7.1.
4.6 Title and risk in the Goods shall pass to ProCo on completion of delivery.
5. SUPPLY OF SERVICES
5.1 The Supplier shall from the date set out in the Order and for the duration of this Contract provide the Services to ProCo in accordance with the terms of the Contract.
5.2 The Supplier shall meet any performance dates for the Services specified in the Order or notified to the Supplier by ProCo.
5.3 In providing the Services, the Supplier shall:
5.3.1 co-operate with ProCo in all matters relating to the Services, and comply with all instructions of ProCo;
5.3.2 perform the Services with the best care, skill and diligence in accordance with best practice in the Supplier’s industry, profession or trade;
5.3.3 use personnel who are suitably trained, skilled and experienced to perform tasks assigned to them, and in sufficient number to ensure that the Supplier’s obligations are fulfilled in accordance with this Contract;
5.3.4 ensure that the Services and Deliverables will conform with all descriptions and specifications set out in the Service Specification, and that the Deliverables shall be fit for any purpose explicitly or implicitly made known to the Supplier by ProCo;
5.3.5 provide all equipment, tools and vehicles and such other items as are required to provide the Services;
5.3.6 use the best quality goods, materials, standards and techniques, and ensure that the Deliverables, and all goods and materials supplied and used in the Services or transferred to ProCo, will be free from defects in workmanship, installation and design;
5.3.7 obtain and at all times maintain all necessary licences and consents, and comply with all applicable laws and regulations;
5.3.8 observe all health, safety and environmental rules, regulations and considerations;
5.3.9 observe all security requirements that apply when processing personal data, in line with the ProCo ISO 27001 policies and procedures, GDPR and UK Data Protection Act commitments and obligations;
5.3.10 hold all materials, equipment and tools, drawings, specifications and data supplied by ProCo to the Supplier (“ProCo Materials”) in safe custody at its own risk, maintain ProCo Materials in good condition until returned to ProCo, and not dispose or use ProCo Materials other than in accordance with ProCo’s written instructions or authorisation;
5.3.11 not do or omit to do anything which may cause ProCo to lose any licence, authority, consent or permission upon which it relies for the purposes of conducting its business, and the Supplier acknowledges that ProCo may rely or act on the Services.
6. BUSINESS CONTINUITY
The Supplier shall operate and maintain a Business Continuity Plan which shall be utilised if a disaster occurs which threatens or affects the operation of the Supplier’s business. The Supplier shall produce a copy of the Business Continuity Plan to ProCo on request and shall make any reasonable modifications or changes to the Business Continuity Plan as are requested by ProCo. The Supplier shall test the effectiveness of the Business Continuity Plan no less than once per year.
7. PROCO REMEDIES
7.1 If the Supplier fails to deliver the Goods and/or perform the Services by the applicable date, ProCo shall, without limiting its other rights or remedies, have one or more of the following rights:
7.1.1 to terminate the Contract with immediate effect by giving written notice to the Supplier;
7.1.2 to refuse to accept any subsequent performance of the Services and/or delivery of the Goods which the Supplier attempts to make;
7.1.3 to recover from the Supplier any costs incurred by ProCo in obtaining substitute goods and/or services from a third party;
7.1.4 where ProCo has paid in advance for Services that have not been provided by the Supplier and/or Goods which have not been delivered by the Supplier, to have such sums refunded by the Supplier; and
7.1.5 to claim damages for any additional costs, loss or expenses incurred by ProCo which are in any way attributable to the Supplier’s failure to meet such dates.
7.2 If the Supplier has delivered Goods that do not comply with the undertakings set out in clause 3.1, then, without limiting its other rights or remedies, ProCo shall have one or more of the following rights, whether or not it has accepted the Goods:
7.2.1 to reject the Goods (in whole or in part) whether or not title has passed and to return them to the Supplier at the Supplier’s own risk and expense;
7.2.2 to terminate the Contract with immediate effect by giving written notice to the Supplier;
7.2.3 to require the Supplier to repair or replace the rejected Goods, or to provide a full refund of the price of the rejected Goods (if paid);
7.2.4 to refuse to accept any subsequent delivery of the Goods which the Supplier attempts to make;
7.2.5 to recover from the Supplier any expenditure incurred by ProCo in obtaining substitute goods from a third party; and
7.2.6 to claim damages for any additional costs, loss or expenses incurred by ProCo arising from the Supplier’s failure to supply Goods in accordance with clause 3.1.
7.3 These Conditions shall extend to any substituted or remedial services and/or repaired or replacement goods supplied by the Supplier.
7.4 ProCo’s rights under this Contract are in addition to its rights and remedies implied by statute and common law.
8. CUSTOMER’S OBLIGATIONS
8.1 provide the Supplier with reasonable access at reasonable times to ProCo’s premises for the purpose of providing the Services; and
8.2 provide such information as the Supplier may reasonably request for the provision of the Services and ProCo considers reasonably necessary for the purpose of providing the Services.
9. CHANGE CONTROL
9.1 If either party requests a change to the scope, specification or execution of the Goods and/or Services to be supplied, the Supplier shall, within a reasonable time, provide a written estimate to ProCo of:
9.1.1 the likely time required to implement the change;
9.1.2 any necessary variations to the Supplier’s charges arising from the change;
9.1.3 any other impact of the change on the Contract.
9.2 If ProCo wishes the Supplier to proceed with the change, the parties shall agree the necessary variations to the charges, the Goods and/or Services and any other relevant terms of the Contract to take account of the change.
10. CHARGES AND PAYMENT
10.1 The price for the Goods and Services shall be the price set out in the Order and shall be inclusive of the costs of packaging, insurance and carriage of the Goods, unless otherwise agreed in writing by ProCo. No extra charges shall be effective unless agreed in writing and signed by ProCo.
10.2 The charges for the Services shall be set out in the Order, and shall be the full and exclusive remuneration of the Supplier in respect of the performance of the Services. Unless otherwise agreed in writing by ProCo, the charges shall include every cost and expense of the Supplier directly or indirectly incurred in connection with the performance of the Services.
10.3 In respect of Goods, the Supplier shall invoice ProCo on or at any time after completion of delivery unless agreed otherwise by the parties. In respect of Services, the Supplier shall invoice ProCo on completion of the Services unless agreed otherwise by the parties. Each invoice shall include such supporting information required by ProCo to verify the accuracy of the invoice, including but not limited to the relevant purchase order number.
10.4 In consideration of the supply of Goods and/or Services by the Supplier, ProCo shall pay the invoiced amounts 60 days after the end of the month of invoice, unless otherwise agreed in writing, provided the invoice is correctly rendered. Payment shall be made to the bank account nominated in writing by the Supplier.
10.5 All amounts payable by ProCo under the Contract are exclusive of amounts in respect of valued added tax chargeable from time to time (“VAT”). Where any taxable supply for VAT purposes is made under the Contract by the Supplier to ProCo, ProCo shall, on receipt of a valid VAT invoice from the Supplier, pay to the Supplier such additional amounts in respect of VAT as are chargeable on the supply of the Goods and/or Services at the same time as payment is due for the supply of the Goods and/or Services.
10.6 If ProCo fails to pay any amount properly due and payable by it under the Contract, the Supplier shall have the right to charge interest on the overdue amount at the rate of 2 per cent per annum above the base rate for the time being of the Bank of England accruing on a daily basis from the due date up to the date of actual payment, whether before or after judgment. This clause shall not apply to payments that ProCo disputes in good faith.
10.7 The Supplier shall maintain complete and accurate records of the time spent and materials used by the Supplier in providing the Services, and the Supplier shall allow ProCo to inspect such records at all reasonable times on request.
10.8 ProCo may, without limiting its other rights or remedies, set off any amount owing to it by the Supplier against any amount payable by ProCo to the Supplier under the Contract.
11. SERVICE LEVELS
11.1 The Supplier shall ensure that the Services meet or exceed the Service Levels at all times from the Commencement Date.
11.2 If required by ProCo the Supplier shall provide ProCo with a monthly report detailing its performance in respect of each of the Service Levels.
11.3 If the Supplier fails to meet the Service Levels, the Supplier shall:
11.3.1 notify ProCo immediately;
11.3.2 provide ProCo with a plan to remedy the failure; and
11.3.3 take remedial action to rectify or to prevent the failure from recurring.
11.4 Senior representatives of both parties shall have regular meetings to monitor and review the performance of this agreement, the achievement of the Service Levels and the provision of the Services.
12.1 The Supplier shall allow ProCo and any auditors of or other advisers to ProCo to access any of the Supplier’s premises, personnel and relevant records as may be reasonably required in order to:
12.1.1 fulfil any legally enforceable request by any regulatory body; or
12.1.2 undertake verification that the Services are being provided and all obligations of the Supplier are being performed in accordance with the Contract; or
12.1.3 undertake verification of the Security Policy.
12.2 ProCo shall use its reasonable endeavours to ensure that the conduct of each audit does not unreasonably disrupt the Supplier or delay the provision of the Services by the Supplier and that, where possible, individual audits are co-ordinated with each other to minimise any disruption.
12.3 Subject to ProCo’s obligations of confidentiality, the Supplier shall provide ProCo (and its auditors and other advisers) with all reasonable co-operation, access and assistance in relation to each audit.
13. INTELLECTUAL PROPERTY RIGHTS
13.1 In respect of the Goods and any goods that are transferred to ProCo as part of the Services under this Contract, including without limitation the Deliverables or any part of them, the Supplier warrants that it has full clear and unencumbered title to all such items, and that at the date of delivery of such items to ProCo, it will have full and unrestricted rights to sell and transfer all such items to ProCo.
13.2 The Supplier assigns to ProCo, with full title guarantee and free from all third party rights, all Intellectual Property Rights in the products of the Services, including for the avoidance of doubt the Deliverables.
13.3 The Supplier shall obtain waivers of all moral rights in the products, including for the avoidance of doubt the Deliverables, of the Services to which any individual is now or may be at any future time entitled under Chapter IV of Part I of the Copyright Designs and Patents Act 1988 or any similar provisions of law in any jurisdiction.
13.4 The Supplier shall, promptly at ProCo’s request, do (or procure to be done) all such further acts and things and the execution of all such other documents as ProCo may from time to time require for the purpose of securing for ProCo the full benefit of the Contract, including all right, title and interest in and to the Intellectual Property Rights assigned to ProCo in accordance with clause 13.2.
13.5 All ProCo Materials are the exclusive property of ProCo.
14.1 The Supplier shall keep ProCo indemnified in full against all costs, expenses, damages and losses (whether direct or indirect), including any interest, fines, legal and other professional fees and expenses awarded against or incurred or paid by ProCo as a result of or in connection with:
14.1.1 any claim made against ProCo by a third party for death, personal injury or damage to property arising out of, or in connection with, defects in Goods, to the extent that the defect in the Goods is attributable to the acts or omissions of the Supplier, its employees, agents or subcontractors;
14.1.2 any claim made against ProCo by a third party arising out of, or in connection with, the supply of the Goods or Services, to the extent that such claim arises out of the breach, negligent performance or failure or delay in performance of the Contract by the Supplier, its employees, agents or subcontractors; and
14.1.3 any claim made against ProCo for actual or alleged infringement of a third party’s Intellectual Property Rights arising out of, or in connection with, the manufacture, supply or use of the Goods, or receipt, use or supply of the Services.
14.2 For the duration of the Contract and for a period of six years thereafter, the Supplier shall maintain in force, with a reputable insurance company, professional indemnity insurance, product liability insurance and public liability insurance to cover the liabilities that may arise under or in connection with the Contract and shall, on ProCo’s request, produce both the insurance certificate giving details of cover and the receipt for the current year’s premium in respect of each insurance.
14.3 This clause 14 shall survive termination of the Contract.
15. DATA PROTECTION
The GDPR and the UK Data Protection Act impose legal obligations on both Data Controller and Processor to formalise their working relationship.
Aside from the legal requirements, this makes practical and commercial sense, as by having a contract in place both parties are:
complying with the GDPR and UK Data Protection Act
protecting the personal data of customers, employees, and others
clear about their role in respect of the personal data that is being processed – and that there is evidence of this
Data subjects may be reassured by the fact that a formal contract exists between those handling their personal data, setting out their obligations, responsibilities and liabilities.
15.1 In so far as the Supplier processes any ProCo Data on behalf of ProCo, the Supplier shall:
15.1.1 process the ProCo Data only on behalf of ProCo, only for the purposes of performing the Contract, and only in accordance with instructions contained in the Contract or received from ProCo from time to time;
15.1.2 not otherwise modify, amend or alter the contents of the ProCo Data or disclose or permit the disclosure of any of the ProCo Data to any third party unless specifically authorised in writing by ProCo;
15.1.3 implement appropriate technical and organisational measures to protect the ProCo Data against unauthorised or unlawful processing and against accidental loss, destruction, damage, alteration or disclosure;
15.1.4 take reasonable steps to ensure the reliability of any of the Supplier’s personnel who have access to the ProCo Data;
15.1.5 obtain prior explicit, written consent from ProCo before transferring the ProCo Data to any sub-contractors in connection with the provision of the Services;
15.1.6 notify ProCo (within twenty-four hours) if it receives:
126.96.36.199 a request from a Data Subject to have access to that person’s data; or
188.8.131.52 a complaint or request relating to ProCo’s obligations under the GDPR and/or UK Data Protection Act; or
184.108.40.206 any other communication relating directly or indirectly to the processing of any ProCo Data in connection with the Contract;
15.1.7 Co-operate fully with ProCo and assist in relation to any complaint or request made in respect of any ProCo Data, including by:
220.127.116.11 providing ProCo with full details of the complaint or request;
18.104.22.168 complying with a Data Subject Access Request within the relevant timescales set out in the GDPR and/or UK Data Protection Act and strictly in accordance with ProCo’s instructions;
22.214.171.124 providing ProCo with any Personal Data it holds in relation to a Data Subject making a complaint or request within the timescales required by ProCo; and
126.96.36.199 providing ProCo with any information requested by ProCo;
15.1.8 permit ProCo or its external advisers (subject to reasonable and appropriate confidentiality undertakings) to inspect and audit the Supplier’s data processing activities and those of its agents, subsidiaries and sub-contractors and comply with all reasonable requests or directions by ProCo to enable ProCo to verify and procure that the Supplier is in full compliance with its obligations under the Contract; and
15.1.9 not transfer ProCo Data outside the European Economic Area without the prior written consent of ProCo.
15.2 The parties shall, and the Supplier shall procure that any sub-contractors approved in advance by ProCo shall comply at all times with the GDPR and/or UK Data Protection Act and shall not perform their obligations under the Contract in such a way as to cause either party to risk breaching any of its obligations under the GDPR and/or UK Data Protection Act. The Supplier shall immediately, and in any case no more than twenty-four hours, notify ProCo if it becomes aware of any breach of the GDPR and/or UK Data Protection Act by the Supplier or any of its sub-contractors in connection with the Contract either by telephone or by emailing the Data Protection Officer:
15.3 The Supplier shall, at all times during and after the term of the Contract, indemnify ProCo and keep ProCo indemnified against all losses, damages, costs or expenses and other liabilities (including legal fees) incurred by, awarded against or agreed to be paid by ProCo arising from any breach of the Supplier’s obligations under this clause 15 except and to the extent that such liabilities have resulted directly from ProCo’s instructions.
16. PROCO DATA
16.1 The Supplier shall take all necessary steps to ensure that any ProCo Data which comes into its possession or control in the case of providing the Goods and/or Services is protected in accordance with the ProCo Security Policy and requirements of the GDPR and/or UK Data Protection Act, and in particular the Supplier shall not further use the ProCo Data or reproduce the ProCo Data in whole or in part in any form except as may be required by this Contract.
16.2 The parties shall ensure that any ProCo Data transferred to the other in the course of the Contract is transferred in a secure and safe manner. The Parties shall not (unless they agree otherwise in writing) transfer any ProCo Data using any portable media.
16.3 Where the Parties transfer ProCo Data electronically, they shall ensure that such ProCo Data is properly encrypted prior to transfer using an encryption method agreed by the parties.
16.4 The parties shall ensure that any user identifications, passwords, codes or keywords required to access ProCo Data are made available only to those personnel who need to know such details for the purpose of providing the Goods and/or Services and that such personnel do not disclose such user identifications, passwords, codes or keywords to unauthorised personnel.
16.5 The parties shall ensure that any personnel involved in the transfer, processing or handling of ProCo Data are appropriately trained and are aware of the importance of ensuring the security of the ProCo Data as well as being appropriately trained and aware of the processes and methods used for maintaining the security of such ProCo Data.
16.6 If either party believe that there has been a breach of this clause 16, it shall notify the other immediately. Both parties shall take appropriate steps to identify and remedy the breach which may or may not involve temporarily suspending or permanently removing personnel access to ProCo Data. The reporting of a breach or a suspected breach shall be communicated within twenty-four hours to the ProCo Data Protection Officer by email:
16.7 Both parties shall maintain a list of their respective personnel with access to ProCo Data in relation to the Contract.
17.1 Except to the extent set out in this clause 17, or where disclosure is expressly permitted elsewhere in the Contract, each party shall:
17.1.1 treat the other party’s Confidential Information as confidential; and
17.1.2 not disclose the other party’s Confidential Information to any other person without the owner’s prior written consent.
17.2 Clause 17.1 shall not apply to the extent that:
17.2.1 such information was in the possession of the party making the disclosure, without obligation of confidentiality, prior to its disclosure; or
17.2.2 such information was obtained from a third party without obligation of confidentiality; or
17.2.3 such information was already in the public domain at the time of disclosure otherwise than through a breach of this agreement; or
17.2.4 such information was independently developed without access to the other party’s Confidential Information.
17.3 The Supplier may only disclose ProCo’s Confidential Information to the Supplier’s personnel who are directly involved in the provision of the Goods and/or Services and who need to know the information. The Supplier shall ensure that such Supplier’s personnel are aware of, and comply with, these confidentiality obligations.
17.4 The Supplier shall not, and shall procure that the Supplier’s personnel do not, use any of ProCo’s Confidential Information received otherwise than for the purposes of the Contract.
17.5 The Supplier undertakes (except as may be required by law or in order to instruct professional advisers in connection with the Contract) not to:
17.5.1 disclose or permit disclosure of any details of the Contract to the news media or any third party other than any sub-contractors approved in advance by ProCo; or
17.5.2 disclose that ProCo is a customer or client of the Supplier; or
17.5.3 use ProCo’s name or brand in any promotion or marketing or announcement without the prior written consent of ProCo.
17.6 Nothing in this clause 17 shall prevent either party from using any techniques, ideas or know-how gained during the performance of the Contract in the course of its normal business to the extent that this use does not result in a disclosure of the other party’s Confidential Information or an infringement of Intellectual Property Rights.
18. SECURITY REQUIREMENTS
18.1 The Supplier shall comply with the ProCo Security Policy and shall ensure that all its personnel involved in the provision of Goods and/or Services to ProCo receive proper training or awareness regarding the Security Policy and are aware of its importance.
18.2 ProCo shall notify the Supplier of any changes or proposed changes to the Security Policy.
18.3 Each party shall advise the other as soon as it becomes aware of any breach, or potential breach, of the Security Policy or any other breach, or potential breach, of security which may adversely affect the Services. Contact the ProCo Data Protection Officer within twenty-four hours by email
18.4 ProCo shall have the right, in its absolute discretion, to require the Supplier not to use specified individuals employed or engaged by the Supplier, or by a sub-contractor, in the performance of specified elements of the Services. ProCo shall not exercise this right in breach of any law.
18.5 If the Supplier believes that a change, or proposed change, to the Security Policy will have a material and unavoidable cost implication to the Services, it will notify ProCo as soon as reasonably practicable. The Supplier shall support such request by providing evidence of the cause of any increased costs and the steps that it has taken to mitigate those costs. Any change to the charges shall then be agreed between the parties.
18.6 Unless a change to the charges is agreed by ProCo pursuant to clause 18.5, the Supplier shall continue to perform the Services in accordance with its existing obligations.
18.7 The Supplier shall comply with, and shall procure that each of the sub-contractors complies with, ProCo’s procedures for vetting personnel in respect of all Supplier’s personnel employed or engaged in the provision of the Services.
19.1 Without limiting its other rights or remedies, ProCo may terminate the Contract with immediate effect by giving written notice to the Supplier if:
19.1.1 the Supplier commits a material or persistent breach of the Contract and (if such a breach is remediable) fails to remedy that breach within 14 days of receipt of notice in writing of the breach;
19.1.2 the Supplier suspends, or threatens to suspend, payment of its debts or is unable to pay its debts as they fall due or admits inability to pay its debts or (being a company) is deemed unable to pay its debts within the meaning of section 123 of the Insolvency Act 1986 or (being an individual) is deemed either unable to pay its debts or as having no reasonable prospect of so doing, in either case, within the meaning of section 268 of the Insolvency Act 1986 or (being a partnership) has any partner to whom any of the foregoing apply;
19.1.3 the Supplier commences negotiations with all or any class of its creditors with a view to rescheduling any of its debts, or makes a proposal for or enters into any compromise or arrangement with its creditors;
19.1.4 a petition is filed, a notice is given, a resolution is passed, or an order is made, for or in connection with the winding up of the Supplier (being a company) other than for the sole purpose of a scheme for a solvent amalgamation of the Supplier with one or more other companies or the solvent reconstruction of the Supplier;
19.1.5 the Supplier (being an individual) is the subject of a bankruptcy petition order;
19.1.6 a creditor or encumbrancer of the Supplier attaches or takes possession of, or a distress, execution, sequestration or other such process is levied or enforced on or sued against, the whole or any part of its assets and such attachment or process is not discharged within 14 days;
19.1.7 an application is made to court, or an order is made, for the appointment of an administrator or if a notice of intention to appoint an administrator is given or if an administrator is appointed over the Supplier (being a company);
19.1.8 a floating charge holder over the assets of the Supplier (being a company) has become entitled to appoint or has appointed an administrative receiver;
19.1.9 a person becomes entitled to appoint a receiver over the assets of the Supplier or a receiver is appointed over the assets of the Supplier;
19.1.10 any event occurs, or proceeding is taken, with respect to the Supplier in any jurisdiction to which it is subject that has an effect equivalent or similar to any of the events mentioned in clause 19.1.2 to clause 19.1.9 (inclusive);
19.1.11 the Supplier suspends or threatens to suspend, or ceases or threatens to cease to carry on, all or a substantial part of its business; or
19.1.12 the Supplier (being an individual) dies or, by reason of illness or incapacity (whether mental or physical), is incapable of managing his own affairs or becomes a patient under any mental health legislation.
19.2 Without limiting its other rights or remedies, ProCo may terminate the Contract:
19.2.1 in respect of the supply of Services, by giving the Supplier three months’ written notice; and
19.2.2 in respect of the supply of Goods, with immediate effect by giving written notice to the Supplier, in which case ProCo shall pay the Supplier fair and reasonable compensation for any work in progress on any other Goods at the date of termination but such compensation shall not include loss of anticipated profits or any consequential loss.
19.3 In any of the circumstances in these Conditions in which ProCo may terminate the Contract, where both Goods and Services are supplied, ProCo may instead terminate part of the Contract in respect of the Goods, or in respect of the Services, and the Contract shall continue in respect of the remaining supply.
20. GENERAL CONSEQUENCES OF EXPIRY AND TERMINATION
20.1 Following ProCo serving notice to terminate the Contract for any reason, the Supplier shall continue to provide and/or procure the provision of the Goods and/or Services to the required Service Levels, and shall ensure that there is no degradation in the standards of the Goods and/or the Services until the expiry of the Contract.
20.2 On the date of termination the Supplier shall:
20.2.1 repay to ProCo any amount which it may have been paid in advance in respect of Services not provided or procured by the Supplier as at the date of termination; and
20.2.2 where the Services are terminated, the Supplier shall immediately deliver to ProCo all Deliverables, whether or not then complete, and return all ProCo Materials. If the Supplier fails to do so, then ProCo may without limiting its other rights or remedies enter the Supplier’s premises and take possession of them. Until they have been returned or delivered, the Supplier shall be solely responsible for their safe keeping and will not use them for any purpose not connected with this Contract;
20.2.3 return to ProCo, in a secure and safe manner all ProCo Data that was transferred to the Supplier throughout the duration of the Contract and take all necessary steps to ensure all ProCo Data is removed permanently from the Supplier’s systems.
20.2.4 the accrued rights and remedies of the parties as at termination shall not be affected, including the right to claim damages in respect of any breach of the Contract which existed at or before the date of termination; and
20.2.5 clauses which expressly or by implication have effect after termination shall continue in full force and effect.
21. EXIT AND SERVICE TRANSFER
21.1 If the Contract terminates or expires for any reason, the Supplier shall co-operate with ProCo and/or the incumbent supplier to the extent reasonably required to facilitate the smooth migration of the provision of Goods and/or Services from the Supplier to ProCo and/or the incumbent supplier.
21.2 ProCo shall pay the Supplier’s charges in respect of the provision of such transitional assistance services, except in circumstances where ProCo has terminated the Contract pursuant to clause 19.1.
22. DISPUTE RESOLUTION PROCEDURE
22.1 The parties shall attempt, in good faith, to resolve any dispute promptly by negotiation which shall be conducted as follows:
22.1.1 the dispute shall be referred, by either party, first to the Senior Managers or Finance Directors of each of the parties for resolution;
22.1.2 if the dispute cannot be resolved by the Senior Managers or Finance Directors of the parties within 14 days after the dispute has been referred to them, each party shall refer the dispute to the Managing Directors of the parties for resolution.
22.2 If the Managing Directors are unable, or fail, to resolve the dispute within 21 days of the dispute being referred to them, either party may refer any dispute for mediation pursuant to this clause 22.2, but neither shall be a condition precedent to the commencement of any court proceedings, and either party may issue and commence court proceedings prior to or contemporaneously with the commencement of mediation.
22.3 If and to the extent that the parties do not resolve any dispute or any issue in the course of any mediation, either party may commence or continue court proceedings in respect of such unresolved dispute or issue.
22.4 Nothing in this clause 22 shall prevent either party from instigating legal proceedings where an order for an injunction, disclosure or legal precedent is required.
22.5 Without prejudice to ProCo’s right to seek redress in court, the Supplier shall continue to provide the Goods and/or Services and to perform its obligations under the Contract notwithstanding any dispute or the implementation of the procedures set out in this clause 22.
23.1 The Supplier shall:
23.1.1 comply with all applicable laws, regulations and sanctions relating to anti-bribery and anti-corruption including but not limited to the Bribery Act 2010 (Relevant Requirements);
23.1.2 have and shall maintain in place throughout the term of the Contract its own policies and procedures, including but not limited to adequate procedures under the bribery Act 2010, to ensure compliance with the Relevant Requirements.
23.1.3 Promptly report to ProCo any request or demand for any undue financial or other advantage of any kind received by the Supplier in connection with the performance of the Contract;
23.1.4 Immediately notify ProCo if a foreign public official becomes an officer or employee of the Supplier or acquires a direct or indirect interest in the Supplier (and the Supplier warrants that it has no foreign public officials as officers, employees or direct or indirect owners at the date of the Contract).
24.1 Force majeure: Neither party shall be liable to the other as a result of any delay or failure to perform its obligations under the Contract if and to the extent such delay or failure is caused by an event or circumstance which is beyond the reasonable control of that party which by its nature could not have been foreseen by such a party or if it could have been foreseen was unavoidable. If such event or circumstances prevent the Supplier from supplying the Goods and/or Services for more than four weeks, ProCo shall have the right, without limiting its other rights or remedies, to terminate this Contract with immediate effect by giving written notice to the Supplier.
24.2 Assignment and subcontracting:
24.2.1 the Supplier shall not assign, transfer, charge, subcontract or deal in any other manner with all or any of its rights or obligations under the Contract without the prior written consent of ProCo.
24.2.2 ProCo may at any time assign, transfer, charge, subcontract, or deal in any other manner with all or any of its rights under the Contract and may subcontract or delegate in any manner any or all of its obligations under the Contract to any third party or agent.
24.3.1 Any notice or other communication required to be given to a party under or in connection with this Contract shall be in writing and shall be delivered to the other party personally or sent by prepaid first-class post, recorded delivery or by commercial courier, at its registered office (if a company) or (in any other case) its principal place of business, or sent by fax to the other party’s main fax number.
24.3.2 Any notice or communication shall be deemed to have been duly received if delivered personally, when left at the address referred to above or, if sent by prepaid first-class post or recorded delivery, at 9.00 am on the second Business Day after posting, or if delivered by commercial courier, on the date and at the time that the courier’s delivery receipt is signed, or if sent by fax, on the next Business Day after transmission.
24.3.3 This clause 24.3 shall not apply to the service of any proceedings or other documents in any legal action. For the purposes of this clause, “writing” shall not include e-mails and for the avoidance of doubt notice given under this Contract shall not be validly served if sent by e-mail.
24.4 Waiver and cumulative remedies:
24.4.1 A waiver of any right under the Contract is only effective if it is in writing and shall not be deemed to be a waiver of any subsequent breach or default. No failure or delay by a party in exercising any right or remedy under the Contract or by law shall constitute a waiver of that or any other right or remedy, nor preclude or restrict its further exercise. No single or partial exercise of such right or remedy shall preclude or restrict the further exercise of that or any other right or remedy.
24.4.2 Unless specifically provided otherwise, rights arising under the Contract are cumulative and do not exclude rights provided by law.
24.5.1 If a court or any other competent authority finds that any provision (or part of any provision) of the Contract is invalid, illegal or unenforceable, that provision or part-provision shall, to the extent required, be deemed deleted, and the validity and enforceability of the other provisions of the Contract shall not be affected.
24.5.2 If any invalid, unenforceable or illegal provision of the Contract would be valid, enforceable and legal if some part of it were deleted, the provision shall apply with the minimum modification necessary to make it legal, valid and enforceable.
24.6 No partnership: Nothing in the Contract is intended to, or shall be deemed to, constitute a partnership or joint venture of any kind between any of the parties, nor constitute any party the agent of another party for any purpose. No party shall have authority to act as agent for, or to bind, the other party in any way.
24.7 Third parties: A person who is not a party to the Contract shall not have any rights under or in connection with it.
24.8 Variation: Any variation, including any additional terms and conditions, to the Contract shall only be binding when agreed in writing and signed by ProCo.
24.9 Governing law and jurisdiction: The Contract, and any dispute or claim arising out of or in connection with it or its subject matter or formation (including non-contractual disputes or claims), shall be governed by, and construed in accordance with, English law, and the parties irrevocably submit to the exclusive jurisdiction of the courts of England and Wales.
Information Security Policy
The Board and senior management of ProCo, which operates in the areas of Printing and Direct Mail Services, supported by online Web-to-Print & Campaign Management applications and Storage and Distribution facilities, are committed to preserving the confidentiality, integrity and availability of all the physical and electronic information assets throughout the organisation in order to preserve its competitive edge, cash-flow, profitability, legal, regulatory and contractual compliance and commercial image. Information and information security requirements will continue to be aligned with Organisational goals and the ISMS is intended to be an enabling mechanism for information sharing, electronic operations, e-commerce and reducing information-related risks to acceptable levels.
The Organisation’s current strategic business plan and risk management framework provide the context for identifying, assessing, evaluating and controlling information-related risks through the establishment and maintenance of the ISMS. The risk assessment, Statement of Applicability and risk treatment plan identify how information-related risks are controlled. The Information Security Manager is responsible for the management and maintenance of the risk treatment plan. Additional risk assessments may, where necessary, be carried out to determine appropriate controls for specific risks.
In particular, business continuity and contingency plans, data back-up procedures, avoidance of viruses and hackers, access control to systems and information security incident reporting are fundamental to this policy. Control objectives for each of these areas are contained in the Manual and are supported by specific, documented policies and procedures.
All employees of the Organisation and certain external parties identified in the ISMS are expected to comply with this policy and with the ISMS that implements this policy. All staff, and certain external parties, will receive appropriate training.
The ISMS is subject to continuous, systematic review and improvement.
The Organisation has established an Information Security Management System Team chaired by the Information Security Manager and including other key staff to support the ISMS framework and to periodically review the security policy.
The Organisation’s information security policy is reviewed at planned intervals, or when and if significant changes occur, to ensure its continuing suitability, adequacy, and effectiveness.
In this policy, “information security” is defined as:
This means that management, all full time or part time staff, sub-contractors, project consultants and any external parties have, and will be made aware of, their responsibilities (which are defined in their job descriptions or contracts) to preserve information security, to report security breaches and to act in accordance with the requirements of the ISMS. The consequences of security policy violations are described in the Organisation’s disciplinary policy. All staff will receive information security awareness training and more specialised staff will receive appropriately specialised information security training.
This means that information and associated assets should be accessible to authorised users when required and therefore physically secure. The computer network must be resilient and the Organisation must be able to detect and respond rapidly to incidents (such as viruses and other malware) that threaten the continued availability of assets, systems and information. There are appropriate business continuity plans.
This involves ensuring that information is only accessible to those authorised to access it, thereby preventing both deliberate and accidental unauthorised access to the Organisation’s information and proprietary knowledge and its systems, including its network(s), website(s), extranet(s), and e-commerce systems.
There are four levels of classification to facilitate this:
Private (includes): Board members, Senior management team, finance team, etc
Restricted (includes): “need to know” information, Job Store, customer data, etc
Confidential (includes): all information assets, such as Proco policies & procedures, etc
Public (includes): information security policy, Proco website, Proco social media sites, etc
This involves safeguarding the accuracy and completeness of information and processing methods and therefore requires preventing deliberate or accidental, partial or complete, destruction, or unauthorised modification, of either physical assets or electronic data. There shall be appropriate contingency including for network(s), e-commerce system(s), web site(s), extranet(s) and data back-up plans, and security incident reporting. The Organisation shall comply with all relevant data-related legislation in those jurisdictions within which it operates.
of the physical (assets)
The physical assets of the Organisation, including but not limited to, computer hardware, data cabling, telephone systems, filing systems and physical data files.
and information assets
The information assets include information printed or written on paper, transmitted by post or shown in films, or spoken in conversation, as well as information stored electronically on servers, web site(s), extranet(s), intranet(s), PCs, laptops, mobile phones and tablet devices as well as on CD / DVD, USB sticks, back-up tapes and any other digital or magnetic media, and information transmitted electronically by any means. In this context “data” also includes the sets of instructions that tell the system(s) how to manipulate information (i.e. the software: operating systems, applications, utilities, etc).
of the Organisation
the Organisation and such partners that are part of our integrated network and have signed up to our security policy and have accepted our ISMS.
The ISMS is the Information Security Management System, of which this policy, the Information Security Manual (“the Manual”) and other supporting and related documentation is a part, and which has been designed in accordance with the specification contained in ISO27001:2013.
A SECURITY BREACH is any incident or activity that causes or may cause a break down in the availability, confidentiality or integrity of the physical or electronic information assets of the Organisation.
This schedule will detail any specific Service Level requirements and/or agreements, if relevant, which are in addition to those specified in the contract or Order.