DM Print Ltd. Terms of Business

If you choose to do business with DM Print Limited your company will be subject to the following agreement:

The Company (“DM Print LTD”, “We”, “Us”)

DM Print Limited, a company registered in England with Company Registration number 0382357 and whose registered address is Digital House, Royd Way, KEIGHLEY, West Yorkshire BD21 3LG and whose VAT registration number is 17982191

DM Print Limited’s General Obligations

DM Print Limited shall comply with its obligations under GDPR when Processing Data Controller Data.

DM Print Limited shall only process data provided by the Data Controller in accordance with the Data Controller’s written, documented instructions.

The Data Controller shall be responsible for specifying to DM Print Limited, in sufficient detail, all information reasonably required to performing the requested Services.

The scope, nature, and purpose of processing by DM Print Limited will be set out in a Data Brief, no Processing will be undertaken by DM Print Limited without a pre-agreed Data Brief.

The duration of the Processing shall be for the term indicated in the Data Brief. The types and categories of personal data, a description of the data, and the Purposes of Processing (as defined in GDPR) must be set out in the Data Brief.

The Data Controller will ensure that it has all necessary appropriate consents and notices in place to enable lawful transfer of any Personal Data to DM Print Limited for the duration and purposes as set out in the Data Brief.

DM Print Limited shall at all times remain responsible for the acts and omission of its Personnel and Sub Processors.

Access to Data Controller Data

DM Print Limited shall ensure that access to Data Controller Data is limited to Personnel who require access to Data Controller Data to meet DM Print Limited’s obligations.

Security

DM Print Limited shall implement the appropriate technical and organisational security measures to ensure a level of Security appropriate to the risk involved during Processing to protect all Data Controller Data.

The Data Controller may at any time make a written request to see DM Print Limited’s Standards of Control Document detailing DM Print Limited’s information security protocols.

Security Breach Notification

In the event of a Security Breach, DM Print Limited shall at its own cost:

  1. immediately conduct a reasonable investigation of the reasons for and the circumstances of such Security Breach, and take all necessary actions to prevent, contain, and mitigate the impact of such Security Breach and remediate such Security Breach, without delay;
  2. provide notice to the Data Controller without undue delay, and in any event within twenty-four (24) hours, after DM Print Limited or any of its Sub Processors discovered such Security Breach;
  3. comply with all reasonable requests issued by the Data Controller regarding remediating a Security Breach;
  4. promptly, and in no event more than two (2) business days after the date Data Processor discovered a Security Breach, provide a written report to Data Controller providing all relevant details concerning such Security Breach and any information reasonably requested by The Data Controller, including without limitation any security, risk or compliance assessment and security control audit reports; and
  5. provide regular updates to the Data Controller following a Security Breach.

Disclosures of the Data Controller Data

DM Print Limited shall not provide any Sub Processor with access to Data Controller Data or allow any Sub Processor to Process the Data Controller Data unless it has received prior written consent from the Data Controller, unless such access is specifically allowed by the Data Controller in a written agreement.

In all circumstances DM Print Limited shall, in the form of a written contract, impose upon such Sub Processor the same or substantially similar contractual duties as imposed on DM Print Limited with regards to Data Processing and with respect to the security, and confidentiality, integrity or availability of the Data Controller Data.

Where there is a requirement to use a Sub Processor there may be a requirement for the Data Controller to agree to additional conditions such as End User License agreements. DM Print Limited will advise the Data Controller should this be required.

Location of Processing

DM Print Limited shall not, under any circumstances (and shall procure that any Sub Processors performing processing shall not) transfer any Data Controller Data outside the EEA unless authorised in writing by the Data Controller to do so, and in accordance with the requirements required by the Data Controller.

Audit

DM Print Limited shall make available to the Data Controller, all information necessary to demonstrate compliance with the obligations laid down in this Agreement and allow for and co-operate with the provision of audits, including, without limitation, inspections, conducted by the Data Controller or another auditor mandated by the Data Controller.

Records, Notification, and Assistance

DM Print Limited shall at its own cost:

  1. keep a record of any Processing of The Data Controller Data it carries out in a Record of Processing;
  2. immediately inform the Data Controller if, in its opinion, an instruction from the Data Controller or another auditor mandated by the Data Controller, infringes the GDPR
  3. reasonably cooperate and coordinate with the Data Controller concerning the Data Controller's compliance with GDPR

Return and Deletion of Information

Except to the extent specifically prohibited by statute or regulation, when the Data Controller Data is no longer needed by DM Print Limited to provide the services under Agreement with the Data Controller, following termination or expiration of said Agreement, or if requested by the Data Controller, DM Print Limited shall return the Data Controller Data to the Data Controller in a readable format as generated by DM Print Limited, and/or, as directed by the Data Controller, securely delete, overwrite or destroy the Data Controller Data such that it is rendered unusable, unreadable, un-reconstructable and un-identifiable, including without limitation: shredding, permanently erasing and deleting or overwriting, as applicable. Either action to be performed within 30 days of the request.

Indemnity

DM Print Limited shall indemnify the Data Controller for any costs, legal fees, fines, penalties, expenses, damages, and any direct losses arising from a data breach or data loss caused by the act or omission of DM Print Limited up to the Maximum Limit of £1,000,000 excepting where the following are valid:

  1. DM Print Limited shall not be liable to the Data Controller in the absence of error or neglect on the part of DM Print Limited or where the Data Controller has approved the Processing carried out by DM Print Limited or where the instruction from the Data Controller has been followed.
  2. Any losses, damages, expenses, demands, costs and other claims made against or incurred by a Sub Processor as a result of a Sub Processor’s breach, act or omission including any loss, damage or claims from any third party supplier or owner of data shall not be indemnified whatsoever by DM Print Limited for the Data Controller.

DM Print’s liability to the Data Controller for any loss or damage of whatsoever nature suffered or incurred by the Data Controller or for any liability of the Data Controller to any other person for any loss or damage of whatsoever nature suffered or incurred by that person shall to the extent permitted by law not exceed £1,000,000 for any one incident or series of related incidents in any one year unless a separate contractual agreement has been reached.

At the point of engagement of a Sub Processor, the Data Controller must agree in writing with the existing Indemnity clauses within the relevant Sub Processors terms & conditions at the time of processing or where there is an on-going requirement then at the commencement of the agreement with the Sub Processor. These will be provided at the time and before any work commences.

General

No assignment: No Party may assign, transfer, charge or part with all or any of its rights or obligations under this Agreement without the prior written consent of the other Party.

Provisions severable: Every provision contained in this Agreement is severable and distinct from every other provision, and if at any time any one or more of such provisions is, or becomes, invalid, illegal or unenforceable, the validity, legality and enforceability of the remaining such provisions will not be affected in any way.

Waiver: No delay or omission of any Party in exercising any right under this Agreement will impair that right, or be construed as a waiver of that right, nor will any single or partial exercise of any right preclude any further exercise of that right, or the exercise of any other rights. The rights and remedies provided in this Agreement are cumulative and not exclusive of any rights or remedies provided by the general law, or by any other agreement or document.

Variations in writing: No provision of this Agreement may be amended, waived, discharged or terminated, and no breach of the provisions of this Agreement may be waived or discharged except (in each case) by an instrument in writing signed by or on behalf of the Party against which enforcement of the amendment, waiver, discharge or termination is sought.

Counterparts: This Agreement may be executed in any number of counterparts and by the Parties on separate counterparts, but shall not be effective until each Party has executed at least one counterpart and each counterpart, when executed, shall be an original of this Agreement and all counterparts shall together constitute one and the same instrument.

Entire Agreement: Except to the extent of any misrepresentation or breach of warranty, which constitutes fraud, this Agreement shall supersede all prior oral or written understandings between the Parties with respect to the subject matter thereof and constitute the entire agreement of the Parties with respect to such subject matter.

This Agreement supersedes any conflicting terms found in any letter of intent, or other oral or written document.

The Parties warrant that they have not entered into this Agreement in reliance wholly or partly on any statement or representations made to them by or on behalf of the other Party, except as contained or referred to herein.

Third Party Rights: No term of this Agreement are enforceable, neither under the Contracts (Rights of Third Parties) Act 1999 of England and Wales nor under similar legislation in any other country, by a person who is not a Party to this Agreement.

Notices: Any notice to a Party under this Agreement shall be addressed to its Group Legal Counsel and may be served by personal delivery or by pre-paid recorded delivery post to its registered office address from time to time and for the purpose of this clause, personal delivery shall include delivery by courier. Any notice served by personal delivery shall be effectively served at the time of delivery. Any notice sent by pre-paid recorded delivery post will be deemed to be effectively served forty-eight hours after it has been placed in the post. In proving service, it will be sufficient to show that the letter containing the notice was properly addressed and posted, and a notice so addressed and posted will be effective notwithstanding that it was not in fact delivered or was returned undelivered.

Governing Law and Jurisdiction

This Agreement shall be governed by, and construed in accordance with, the laws of England & Wales and the Parties submit to the exclusive jurisdiction of the courts of England.

Chat