ACCESS SCREENING - PRODUCT SPECIFIC TERMS

1. Unless the context otherwise requires or there is express wording to define otherwise within these terms, the words and expressions used herein will have definitions ascribed to them within the Access Group Standard Terms and Conditions. For the purpose of these product specific terms, the following terms shall be assigned the following definitions:

Activity or Activities
means the processes provided by the Screening SaaS including employment references, personal references, academic references, checking identities, validating and checking passports and driving licences, and criminal record checks.
Candidate
means a person who is the subject of an Activity.
Candidate Portal
means a public portal for Candidates to submit data and documents.
Consent
means the Candidate electronically or in a written form agreeing to the completion of all checks to be performed.
Disclosure
means the online or paper certificate issued by Disclosure Scotland or Disclosure Barring Service which details an individual’s criminal conviction or, where appropriate, non-conviction information or warrants that no such information is attributed to an individual.
Disclosure Result
means the result(s) of one or more of the checks carried out by Disclosure Barring Service or Disclosure Scotland or other third-party criminal record check.
Data Protection Legislation
takes on the definition prescribed in the relevant Data Processing Addendum.
DBS
means Disclosure Barring Service.
DS
means Disclosure Scotland.
Footprint
means the record of any checks and searches undertaken in respect of a Candidate, including identification checks, credit checks, credit references and debt collection matters.
IDVT Check(s)
means the identity check which is carried out using identity document validation technology (IDVT).
IDVT Use Policy(s)
means the following policy which we may update from time to time and which is available here: https://aspiredigitalgroup.com.au//IDVT-Use-Policy.html
Operator Portal
means a web portal within the Software used by Your Screening Users to access the Screening SaaS.
Konfir Use Policy
means the following policy which we may update from time to time and which is available here: https://aspiredigitalgroup.com.au//Konfir-Use-Policy.html
Our Materials
means any items provided to You by Us in connection with this Agreement and includes Screening Output.
Partners
means organisations that supply, host or process data to or for Us in connection with the provision of the Services. We may at Our discretion use alternative Partners.
Responsible Body
means an organisation approved and registered with DBS or DS and/or any other third party carrying out criminal record checks as being authorised to apply for disclosures on behalf of staff, volunteers or associates, or where the Responsible Body is also a Responsible ‘umbrella body’, also authorised to apply for disclosures on behalf of third party customer organisations in respect of their staff, volunteers, or associates, or the checks of DS, DBS or other third parties, as applicable.
Screening Output
means any electronic or other data, information, scores, records or material derived, prepared or generated by Us and Our Partners as part of the Screening SaaS.
Screening Charges
means the fees (as applicable) set out the statement of work for the Screening SaaS.
Screening SaaS
means the Screening SaaS described in the Screening Charges table in the Statement of Work and selected by You from time to time. The Screening SaaS will be delivered via the Operator Portal.
Screening User
means Your employee or a person You have authorised to access the Screening SaaS and who is trained on Your obligations under the agreed terms and conditions with respect to the use of the Screening SaaS.
Territory
means the United Kingdom or any of the following territories (if specified in the Statement of Work): New Zealand, Australia, the European Union, and Singapore.

2. The Screening SaaS utilises services and databases licensed to Us by our Partners. It is a condition of such licences that You agree to certain terms in this Agreement that are imposed by the Partners. Without limitation, You will comply with the i) IDVT Use Policy where IDVT Checks are included in your Statement of Work; and ii) Konfir Use Policy where Konfir Services (as defined in the Konfir Use Policy) are provided to You.. Notwithstanding any other term of this Agreement, You agree that We shall be entitled by Notice in writing to You to amend the Agreement to take account of any such term that a Partner requires to be included in the Agreement.

3. In the event that any Partner is unable to continue to provide a Screening SaaS or database to Us, We will use reasonable endeavours to source an equivalent or similar service or database. You agree that We will have no responsibility and liability for the discontinuation of any Partner service or database.

4. We grant to You a non-exclusive licence to use any Screening Output provided to You as part of the Screening SaaS in the Territory in accordance with this Agreement.

5. You agree that You will use the Screening Output and Our Materials in accordance with this Agreement.

6. Except as provided within this Agreement, You will:

(a) not sell, transfer, sub-license, distribute, commercially exploit or otherwise make available to, or use for the benefit of, any third party any of the Screening Output and/or Our Materials;

(b) not (and will not allow any third party to) adapt, alter, modify, reverse engineer, de-compile or otherwise interfere with the Screening Data and/or Our Materials without Our prior written consent or as otherwise permitted by law;

(c) only take such copies of the Screening Output and/or Our Materials as are reasonably required for the use of the Screening SaaS.

7. As We and Our Partners are collating data from third party sources, We do not give any warranty or make any representation as to the accuracy, reliability or fitness for purpose of the Screening Output. We and our Partners are not able to verify accuracy of the data transferred to it by third parties. We shall not be liable for any inaccuracies, faults or omissions in the Screening Output except to the extent caused by Our negligence or wilful default.

8. The obligations of Us, DS and DBS when providing the Disclosure element of the Screening SaaS shall be to act in accordance with Criminal Record Checks (below).

9. Regardless of the Governing Law, each of the Partners may enforce pursuant to the Contracts (Rights of Third Parties) Act 1999 any of the term of this Agreement that is specifically stated to be for the benefit of the Partners. Other than the Partners, each party confirms its intent not to confer any rights on any third parties by virtue of this Agreement and accordingly (as may be applicable), the application of the Contracts (Rights of Third Parties) Act 1999 shall not apply to this Agreement.

PROCESSING NOTICES AND LAWFUL BASIS FOR PROCESSING

10. You may only use the Screening SaaS and the Screening Output for legitimate purposes. You warrant that before using the Screening SaaS You will either obtain consent for searches or that You have a legal basis under applicable Data Protection Legislation for conducting the searches. You will indemnify Us for any loss We suffer as a result of a breach of this warranty.

11. Taking into account the nature of processing of personal data to be carried out in relation to the Activities performed under these Terms and Conditions, You shall comply with all applicable laws and regulations including the Data Protection Legislation in relation to providing individuals (including Candidates) with information (including issuing appropriate fair processing notices) explaining in concise, transparent, intelligible, easily accessible, clear and plain language, amongst other things your purposes for processing their personal data, your retention periods for that personal data, and who it will be shared with. You will ensure that such information includes information which describes the lawful basis for processing as a controller, and for instructing Us to process personal data (including Candidate personal data) on Your behalf. You warrant that the type and scope of Activities carried out is appropriate in the circumstances. Where You warrant You have a legal basis You will indemnify Us for any loss We suffer as a result of a breach of this warranty.

SEARCH OBLIGATION

12. If the use of any of the Screening SaaS relates to an individual’s application or agreement or vetting, You shall comply with the notification requirements (where appropriate) in the Data Protection Legislation (once applicable) and notify the individual in writing that: (i) the information which they give to You may be disclosed to a credit reference or fraud prevention agency which may keep a record of that information (Footprint); and (ii) the agency may disclose that information, and the fact that a search was made, to its other customers for the purposes of assessing the risk of giving credit, to prevent fraud and to trace debtors.

ADDITIONAL SECURITY REQUIREMENTS

13. Due to the nature of Our and Our Partner’s businesses, particularly with regard to providing criminal record checks and county court judgements or other vetting data, We and Our Partners require) to follow the similar high standards in relation to security around Screening SaaS.

14. We require that You follow these additional security requirements at all times in relation to the Screening SaaS.

15. These Security Requirements apply to any means through which You order or access the Software including, without limitation, systemto-system, direct access terminal, personal computer or the Internet.

16. These obligations are in addition to any requirements imposed by any applicable law which may apply to the Your use of the Screening SaaS (which may or may not include personal data).

17. You will:

a) ensure that only Authorised Users can have access to the Software and Screening SaaS

b) ensure that Authorised Users do not initiate Activities for personal reasons or provide them to any third party unless expressly permitted by any agreement between the parties;

c) ensure that all devices used by You to access the Operator Portal are placed in a secure location and accessible only by Authorised Users, and that such devices are secured when not in use through such means as screen locks, shutting power controls off, or other reasonable security procedures;

d) take all necessary measures to prevent unauthorised access to the Operator Portal by any person other than an Authorised User for permissible purposes, including, without limitation, limiting the knowledge of Your security codes, any telephone access number(s) We provide and any passwords You may use, to those individuals with a need to know.

e) in no event access the Operator Portal via any unsecured or unauthorised device. Secured wireless connections shall adhere at a minimum to Our encryption standards outlined below in clause 17(g);

f) not use personal computer hard drives or portable and/or removable data storage equipment or media (including but not limited to laptops, zip drives, tapes, disks, CDs, DVDs, software, and code) to store the Screening Output. In addition, data must be encrypted when not in use and all printed Screening Output must be stored in a secure, locked container when not in use, and must be completely destroyed when no longer needed by cross-cut shredding machines (or other equally effective destruction method) such that the results are not readable or useable for any purpose;

g) if You send, transfer or ship any Screening Output, encrypt the data using the following minimum standards, which standards may be modified from time to time by Us: Advanced Encryption Standard (AES), minimum 128-bit key or Triple Data Encryption Standard (3DES), minimum 168-bit key, encrypted algorithms;

h) monitor compliance with the obligations of these Security Requirements, and immediately notify Us if You suspect or know of any unauthorised access or attempt to access the Screening SaaS. Such monitoring will include, without limitation, a review of each of Our invoices for the purpose of detecting any unauthorised activity;

i) not ship hardware or software between Your locations or to third parties without purging all sensitive information;

j) if You use a third-party vendor to establish access to the Screening SaaS, be responsible for the third-party vendor’s use of the Your member numbers, security access codes, or passwords, and You will ensure the third party vendor safeguards Your security access code(s) and passwords through the use of security requirements that are no less stringent than those applicable to You under these Security Requirements; and

k) use best endeavours to assure security when disposing of any personnel vetting information or record obtained from Us in accordance with Data Protection Legislation.

18. We may suspend the Screening SaaS and the supply of Screening Output if, acting reasonably, We believe You have suffered, are suffering or may suffer a breach or attempt to breach its security.

19. During any period of suspension:

a) We will have no liability to You;

b) You will cooperate with Us to address the cause of any concerns; and

c) neither party will issue any public statement regarding the Screening SaaS or the Screening Output and identifying the other party, unless required to do so by applicable law.

d) We will reinstate any suspended services as soon as it is satisfied as to the security of the Screening SaaS and the Screening Output.

20. CRIMINAL RECORD CHECKS – Disclosure Scotland and Disclosure Barring Service

The parties agree to:
a) facilitate the use of the Online Screening Form that is used to carry out the DS, DBS and/or third-party checks; and

b) make available to the You the Disclosure Result electronically on receipt within the Screening SaaS. Original Disclosures can be provided by post where applicable and issued via Disclosure Scotland, at Your cost.

21. We shall not be responsible for clarifying or investigating actual or claimed discrepancies or anomalies identified during the process of, or contained in the results of, the Disclosure Results either with the Candidate or with any third party.

22. We warrant and undertakes that, where DS or DBS checks are provided, at all times during the term of this Agreement that it will ensure these are performed by a Responsible Body and will at all times comply with the relevant Code of Practice for Responsible Bodies.

23. You warrant and undertake that at all times during the term of this Agreement You will ensure that: You will store, handle, retain and dispose of the Disclosure Result strictly in accordance with the DS Code of Practice for Responsible Persons and Other Recipients of Disclosure Information, and the DBS Code of Practice for Registered Persons and Other Recipients of Disclosure Information, and/or with the requirements of any relevant documents issued by third parties.

24. You shall be solely responsible for and liable to obtain or facilitate the receipt of Consent from any Candidate. Where Consent is provided through the Screening SaaS, We shall be deemed to have the right to consider Consent to have been granted. Copies of Consent in respect of any other Candidates shall be made available to Us on request, either from time to time or generally.