Consentz Terms and Conditions 

(Terms)
Schedule 1

1.0 INTRODUCTION 

1. Consentz has developed the Software and provides the Services on a subscription basis.
2. Consentz hosts, maintains and supports the Client’s implementation and use of Consentz’s Software.
3. Client wishes to contract with Consentz in order to make use of the Services in its business operations. Consentz has agreed to provide the Services (and any Additional Services as applicable) and Client has agreed to receive and pay for the Services (and any Additional Services as applicable) subject to these Terms and in accordance with the Order Form.
4. This Agreement shall consist of these Terms together with:
   1. the Order Form;
   2. the Service Availability, Maintenance and Support Services (Support Services) description set out in Schedule 2; and
   3. the data protection provisions in Schedules 3 and 4.
5. If there is a conflict between the Terms, the Order Form, the Support Services description, and the data protection provisions, the Order Form shall prevail.

2.0 DEFINITIONS AND INTERPRETATIONS

1. In these Terms (except where the context otherwise requires) the following words and phrases shall have the following meanings:

Additional Services: those additional services selected by the Client as set out in an Order Form, which may include Customisations as referred to in clause 8.

Additional Services Fees: refers to the fees for the Additional Services set out in the Order Form.

Agreement: all the documentation containing the provisions of the Agreement, namely the Order Form, the main body of these Terms and the Schedules, including any amendments to that documentation from time to time.

Authorised Representatives: refers to the Client Authorised Representative and the Consentz Authorised Representative.

Authorised Users: those employees, agents and independent contractors of Client who are authorised by the Client to use the Services and the Documentation.

Business Day: any day which is not a Saturday, Sunday or public holiday in the UK.

Business Hours: the hours of 09:00 to 17:00 GMT/BST on a Business Day.

Claim(s): all demands, claims and liability (actual and consequential and direct and indirect and whether known and unknown, suspected and unsuspected, disclosed and undisclosed, criminal or civil, in contract, tort or otherwise) for all Losses including any other expenses of any nature whatsoever.

Client Account: refers to the online account accessible by way of a Consentz Login, which shall comprise a username and password combination selected by the Client.

Client Authorised Representative: as set out in the Order Form or any replacement notified by the Client in writing to the Consentz Authorised Representative.

Client Data: all the data, works and materials uploaded to or stored on the Platform by the Client, Authorised Users (or supplied by the Client to Consentz for uploading to, transmission by or storage on the Consentz Platform on the Client’s behalf) or generated by the Platform as a result of the use of the Services by the Client (which may or may not constitute Personal Data). 

Client Intellectual Property: Client’s trademarks, business names and branding and all other Intellectual Property Rights owned by or licensed to Client.

Confidential Information: information that is proprietary or confidential and is either clearly labelled as such or identified as Confidential Information in clause 14.

Consentz Authorised Representative: as set out in the Order Form or any replacement notified by Consentz in writing to the Client Authorised Representative.

Consentz Intellectual Property: refers to all Intellectual Property Rights present on or in the Software (including source code), media, other materials and other content within the same, but excluding the Client Intellectual Property.

Consentz Legal Policies: refers to the policies applicable to the Services and the Platform as amended, superseded or replaced by Consentz from time to time.

Consentz Parties/ Party: includes Consentz and its affiliated or related companies and subsidiaries and their respective joint venturers, successors, assigns, directors, sub-contractors, officers, employees and agents.

Consentz Subscriber: refers to a Client who has subscribed to the Services.

Customisation: a customisation of the Services, whether made through the development, configuration or integration of software, or otherwise.

Data: refers to the Client Data and Personal Data.

Documentation: the policies, procedures and/ or written instructions provided by Consentz to Client.

Effective Date: means the date stated in the Order Form or, if none is stated, the date upon which the Parties execute the Order Form.

Fees: includes all fees payable to Consentz, as set out in the Order Form and clause 12.

Force Majeure Event: any happening or event beyond the reasonable control of the Party concerned, which results in a failure or delay in the performance of that Party’s obligations under this Agreement.

Initial Subscription Term: has the meaning given to it in clause 6.1.

Intellectual Property Rights: patents, rights to inventions, copyright and neighbouring and related rights, trademarks and service marks, business names and domain names, rights in get-up and trade dress, goodwill and the right to sue for passing off or unfair competition, rights in designs, database rights, rights to use, and protect the confidentiality of, confidential information (including know-how and trade secrets) and all other intellectual property rights, in each case whether registered or unregistered and including all applications and rights to apply for and be granted, renewals or extensions of, and rights to claim priority from, such rights and all similar or equivalent rights or forms of protection which subsist or will subsist now or in the future in any part of the world.

Losses: claims, losses, demands, actions, third party claims, damages, costs (including court costs and legal fees), fines, liabilities, obligations, liens and expenses.

Maintenance Services: the general maintenance of the Platform and Services, and the application of Updates and Upgrades.

Order Form: an online (or hard-copy) order form published (or made available) by Consentz and completed by the parties signed or otherwise agreed by or on behalf of each party, in each case incorporating these Terms by reference.

Patients: refers to patients of the Client.

Personal Data: Personal Data (as defined in Schedule 3 before 25 May 2018, and Schedule 4 after that) pertaining to the Client and its Patients that is processed by Consentz on behalf of the Client in relation to the Agreement.

Renewal Subscription Term(s): has the meaning given to it in clause 6.1.

Platform: refers to the platform managed by Consentz and used by Consentz to provide the Services.

Services: the subscription based, hosted Software as a service provided by Consentz to Client via the Platform under these Terms, which enables Clients to store patient medical data and other information relating to their clinics on-line.

Set-Up Fee: the fees payable for the Set-Up Services as set out in the Order Form, as applicable.

Set-Up Services:  the configuration, implementation and integration Services in accordance with the Order Form, as applicable.

Software: refers to all human readable, machine operable and all other forms of the proprietary software provided to Client as software as a service as part of the Services (incorporating all forms of any modifications made to it by Consentz from time to time).

Support Services: refers to the Service Availability, Maintenance and Support Services set out in Schedule 2.

Subscription Fees: the subscription fees payable by Client to Consentz for use of the Services.

Subscription Term: refers to the Initial Subscription Term together with any subsequent Renewal Subscription Terms.

Support Services: support in relation to the use of, and the identification and resolution of errors in, the Consentz Services, but shall not include the provision of training services.

Terms: refers to these Consentz Terms.

Update: a hotfix, patch or minor version update to any Platform software.

Upgrade: a major version upgrade of any Platform software.

Virus: anything or device (including any software, code, file or programme), which may: prevent, impair or otherwise adversely affect the operation of any computer software, hardware or network, any telecommunications service, equipment or network or any other service or device; prevent, impair or otherwise adversely affect access to or the operation of any programme or data, including the reliability of any programme or data (whether by re-arranging, altering or erasing the programme or data in whole or part or otherwise); or adversely affect the user experience, including worms, trojan horses, viruses and other similar things or devices.

3.0 GENERAL 

1. 1. Consentz has agreed to provide the Services and the Client has agreed to take and pay for the Services subject to these Terms.
   2. By using any of the Services or the Platform, the Client expressly agrees to be bound by these Terms and all applicable legislation and codes of practice governing the Services and the Platform. 
   3. These Terms form a legally binding agreement between the Client and Consentz in relation to the Client’s use of the Services.  Unless the Parties expressly agree otherwise in writing, each Order Form shall create a distinct contract under these Terms.
   4. If the Client violates these Terms or any terms in the Agreement, Consentz may terminate its use of the Services and the Platform, bar it from future use of the Services and the Platform and/or take appropriate legal action against it.
   5. Words denoting an obligation on the Client to do any act, matter or thing includes an obligation to procure that it be done and words placing the Client under an obligation or a restriction include an obligation not to permit or allow infringement of the obligation or restriction.

4.0 REGISTRATION 

1. 1. Once the Client has agreed to receive the Services, Consentz will generate the Client Account for it.
   2. All details submitted by the Client must be true, accurate and complete. 
   3. When executing this agreement by way of the Order Form, the individual signing represents and warrants that they have authority to bind the Client to these Terms.
   4. It is in Consentz’s absolute discretion to decide if the Client shall qualify as a Consentz Subscriber for the purposes of gaining access to the Services.  The Client must comply with all requests Consentz may make for proof of identity and business references and/ or financial standing.  Consentz reserves the right to decline any application for a Consentz subscription with or without notice or cause and in its entire sole discretion. 
   5. Upon successful verification, a Client Account will be activated and a Consentz Login will be issued which the Client may change. 
   6. The Client will keep the Consentz Login relevant to the Platform and the Services confidential and will not reveal it to anyone else.  The Client shall be responsible for all activities that are carried out under the Consentz Login.  Consentz will not be liable where a Consentz Login is unlawfully used by another.  The Client agree to notify Consentz immediately by email to care@consentz.com or telephone 01932 481 081 of any such unauthorised use.

5.0 CLIENT RIGHTS

1. 1. Upon being registered by Consentz, Consentz grants to the Client a non-exclusive, non-transferable right to permit the Authorised Users to use the Services and the Documentation during the Subscription Term solely for the Client’s internal business operations.
   2. Consentz is entitled to make any changes to the specification, functionality and features of the Software that it desires at its sole discretion but shall provide notice of the same to the Client where necessary.
   3. The Client will have administration privileges over the accounts of its Authorised Users, and the Client shall ensure that it disables the accounts for Authorised Users, who subsequently terminate their relationship with it.
   4. The Client shall not access, store, distribute or transmit any Viruses, or any other material during the course of its use of the Services that, in Consentz’s sole discretion, is unacceptable or illegal and Consentz reserves the right, without liability or prejudice to its other rights, to disable the Client’s access to any material that breaches the provisions of this clause.
   5. The Client shall not:
      1. except as may be allowed by any applicable law which is incapable of exclusion by agreement between the Client and Consentz, and except to the extent expressly permitted under these Terms: 

1. attempt to copy, modify, duplicate, create derivative works from, frame, mirror, republish, download, display, transmit, or distribute all or any portion of the Software and/or Documentation (as applicable) in any form or media or by any means; or
2. attempt to reverse compile, disassemble, reverse engineer or otherwise reduce to human-perceivable form all or any part of the Software;

1. access all or any part of the Services and Documentation in order to build a product or service which competes with the Services and/or the Documentation;
2. use the Services and/or Documentation to provide services to third parties;
3. subject to clause 20, license, sell, rent, lease, transfer, assign, distribute, display, disclose, or otherwise commercially exploit, or otherwise make the Services and/or Documentation available to any third party except the Authorised Users; or
4. attempt to obtain, or assist third parties in obtaining, access to the Services and/or Documentation, other than as provided under this clause 5.

1. The Client shall use all reasonable endeavours to prevent any unauthorised access to, or use of, the Services and/or the Documentation and, in the event of any such unauthorised access or use, promptly notify Consentz.
2. The rights provided under this clause are granted to the Client only, and shall not be considered granted to any subsidiary or holding company.

6.0 TERM 

1. 1. Subject to earlier termination in accordance with clause 15, these Terms shall commence on the Effective Date and shall continue for a period of one (1) year (Initial Subscription Term) and, thereafter, it shall automatically renew for successive one (1) year periods (each a Renewal Subscription Term) unless:
      1. either party notifies the other party of termination, in writing, at least ninety (90) days before the end of the Initial Subscription Term or any Renewal Subscription Term, in which case these Terms shall terminate upon the expiry of the applicable Initial Subscription Term or Renewal Subscription Term; 
      2. either party notifies the other party of termination, in writing, within 30 days of the Effective Date, in which case these Terms shall terminate immediately; or
      3. it is otherwise terminated in accordance with the provisions of these Terms.
   2. The renewal is automatic.  Any Renewal Subscription Term will be in accordance with these Terms (as may be updated or amended from time to time).  The latest contemporary content and features of the applicable Service will apply. 
   3. Should the Client decide not to renew, it must send the notice of non-renewal by email to the Consentz Authorised Representative in accordance with the notice period set out at clause 6.1(a).

7.0 SERVICES

1. 1. Consentz undertakes that the Services and any Additional Services will be performed with reasonable skill and care.
   2. Consentz shall provide the Set-Up Services (if applicable) to the Client promptly and as near to the Effective Date as possible.
   3. The Client acknowledges that a delay in the Client performing its obligations in the Agreement may result in a delay in the performance of the Set-Up Services; and Consentz will not be liable to the Client in respect of any failure to meet the Set-Up Services timetable to the extent that that failure arises out of a delay in the Client performing its obligations under these Terms.
   4. Subject to any written agreement of the parties to the contrary, any Intellectual Property Rights that may arise out of the performance of the Set-Up Services by Consentz shall be the exclusive property of Consentz.
   5. The undertaking at clause 7.1 shall not apply to the extent of any non-conformance which is caused by use of the Services contrary to the Documentation.  If the Services do not conform with such undertaking, Consentz will, at its expense, use reasonable commercial endeavours to correct any such non-conformance in accordance with the Support Services detailed in Schedule 2 and will make reasonable commercial endeavours to provide the Client with an alternative means of accomplishing the desired performance.  Such correction or substitution constitutes the Client’s sole and exclusive remedy for any breach of the undertaking set out in clause 7.1.
   6. These Terms shall not prevent Consentz from entering into similar agreements with third parties, or from independently developing, using, selling or licensing documentation, products and/or services which are similar to those provided under these Terms.

8.0 ADDITIONAL SERVICES

1. 1. The Client may choose to take Additional Services (as described on the Order Form) for which Additional Services Fees shall be payable as set out in the Order Form.
   2. The Client and Consentz agree that Consentz may design, develop and implement a Customisation or Customisations in accordance with a Statement of Work pursuant to the Order Form or otherwise in writing by the Parties.
   3. All Intellectual Property Rights in the Customisations shall, as between the parties, be the exclusive property of Consentz (unless the parties agree otherwise in writing).
   4. From the time and date when a Customisation is first delivered or made available by Consentz to the Client, the Customisation shall form part of the Platform, and accordingly from that time and date your rights to use the Customisation shall be governed by these Terms.
   5. The Client acknowledge that Consentz may make any Customisation available to any of its clients or any other third party at any time after the end of the period following the making available of the Customisation to the Client.

9.0 SUPPORT SERVICES

1. 1. Consentz shall, during the Subscription Term, provide the Support Services with reasonable skill and care and make available the Documentation to the Client on and subject to the Order Form, these Terms and the Support Services description set out at Schedule 2.  The parties acknowledge and agree that Schedule 2 shall govern the availability of the Services as well as their maintenance and support.
   2. Consentz may suspend the provision of the Support Services if any amount due to be paid by the Client under these Terms is overdue and Consentz has given to the Client at least fourteen (14) days’ written notice, following the amount becoming overdue, of its intention to suspend the Support Services on this basis.

10.0 INTELLECTUAL PROPERTY

1. 1. Consentz and/or its licensors will remain the owners of all Consentz Intellectual Property Rights.  For the duration of the Subscription Term, Consentz grants to the Client a non-exclusive licence to use the Consentz Intellectual Property for the sole purposes of enabling the Client to use the Services.  Except as expressly permitted by this Agreement, the Client may not use any of Consentz’s Intellectual Property Rights without Consentz’s prior written consent and shall have no right to use the source code form of the Software.
   2. The Client shall remain the owner of all Client Intellectual Property Rights.  For the duration of the Subscription Term, the Client grants to Consentz a perpetual, irrevocable, non-exclusive, worldwide, royalty-free licence, to use, reproduce, publish, display and communicate to the public the Client’s content, and to modify, adapt, translate, create derivative works from and/or incorporate the same into other works in any form, media or technology, to the extent that this is necessary to enable Consentz to provide the Services and to perform its obligations under this Agreement.
   3. The Client shall promptly give notice in writing to Consentz in the event that the Client becomes aware of any claim that any of the Client Intellectual Property Rights infringes the rights of any third party. In such an event, Consentz shall, at its absolute discretion, determine what action if any it shall take in respect of the matter (including immediately terminating these Terms) and the Client shall fully indemnify Consentz for and against any damages, losses, costs and expenses (including reasonable legal costs and expenses) or other liabilities incurred by Consentz as a result of such claim.

11.0 CLIENT OBLIGATIONS

1. 1. The Client shall (and where applicable shall procure that Authorised Users shall):
      1. provide Consentz with:

1. all necessary co-operation in relation to these Terms; and
2. all necessary access to such information as may be required by Consentz,

in order to provide the Services, including but not limited to Data, security access information and configuration services as applicable;

1. operate the Client’s business in accordance with good industry practice and in accordance with any applicable codes, regulations or guidance of any governmental, non-governmental or other applicable regulatory organisation;
2. comply with the Consentz Legal Policies (which will be supplied) when using the Platform;
3. carry out all of the Client’s other responsibilities set out in these Terms in a timely and efficient manner.  If there are delays in the Client’s provision of such assistance, Consentz may adjust any timetable or delivery schedule as reasonably necessary;
4. ensure that the Authorised Users use the Services and the Documentation in accordance with these Terms and shall be responsible for any Authorised User’s breach of these Terms;
5. obtain and maintain all necessary licences, consents, and permissions necessary for Consentz, its contractors, agents, partners to perform their obligations under these Terms, including without limitation the Services; and
6. be solely responsible for procuring and maintaining its network connections, internet connections and telecommunications.

12.0 CONSENTZ FEES & PAYMENT 

1. 1. The Client shall pay the Fees promptly as they fall due in accordance with the Order Form.
   2. If Consentz does not receive payment in accordance with these Terms and the Order Form, without prejudice to any other rights and remedies of Consentz:
      1. Consentz may, without liability to the Client, disable its Client Login to its Client Account and access to all or part of the Services and Consentz shall be under no obligation to provide any or all of the Services while the invoice(s) concerned remains unpaid; and
      2. charge the Client interest on the overdue amount at the rate of 8% per annum above the Bank of England base rate from time to time (which interest will accrue daily until the date of actual payment and be compounded at the end of each calendar month).
   3. All Fees payable under these Terms shall be payable in pounds sterling and are non-refundable.
   4. All amounts stated in or in relation to these Terms are, unless the context requires otherwise, stated exclusive of any applicable value added taxes, which will be added to those amounts and payable by the Client to Consentz.
   5. Consentz may elect to vary any element of the Consentz Fees by giving to the Client not less than thirty (30) days’ written notice of the variation, providing that no such variation shall result in an aggregate percentage increase in the relevant element of the Fees during the Subscription Term that exceeds five percent (5%) over the percentage increase, during the same period, in the Retail Prices Index (all items) published by the UK Office for National Statistics.
   6. If there is any invoice dispute, the Client shall pay the amount in full pending the resolution of any dispute and, upon resolution, Consentz shall (if necessary) pay any adjustment due within thirty (30) Business Days. The Client agrees to pay all amounts due in full and the Client shall not, for any reason whatsoever, be entitled to assert any credit, set-off or counterclaim against Consentz in order to justify withholding payment of any such amount in whole or in part.

13.0 DATA PROTECTION, OWNERSHIP & DATA LOSS

1. 1. In respect of any Data processed by Consentz on behalf of the Client pursuant to these Terms, the Parties shall carry out the obligations contained in Schedule 3 prior to 25 May 2018, and Schedule 4 thereafter.
   2. Client shall own all right, title and interest in and to all of the Data including that inputted and uploaded by Client or its Patients to or via the Platform and Client shall have sole responsibility for the legality, reliability, integrity, accuracy, quality and use of the Data.  However, Consentz shall be entitled to use anonymised Data for the purposes of evaluating and improving the Services. 
   3. The Client hereby grants to Consentz a non-exclusive licence to copy, reproduce, store, distribute, publish, export, adapt, edit and translate the Data to the extent reasonably required for the performance of the Services, together with the right to sub-license these rights to its hosting, connectivity and telecommunications service providers to the extent reasonably required for the performance of the Services and the exercise of Consentz’s rights hereunder.
   4. The parties acknowledge that Consentz’s Service incorporates a standard data protection notice given on behalf of the Client, which is updated from time to time (the current version being set out in Schedule 5), that Patients are given the opportunity to consent to.  Such data protection notice may be amended by agreement between the parties.  Client warrants to Consentz that it will not use the Data outside of the scope of that data protection notice.  The Client further warrants that use of the Data by Consentz in accordance in accordance with these Terms will not:
      1. breach the provisions of any law, statute or regulation;
      2. infringe the Intellectual Property Rights or other legal rights of any person; or
      3. give rise to any cause of action against Consentz in each case in England & Wales.
   5. Consentz shall create a back-up copy of the Data at least daily, shall ensure that each such copy is sufficient to enable Consentz to restore the Services to the state they were in at the time the back-up was taken.  Consentz shall retain and securely store: a daily (end of day) back-up copy of the Data for seven days, a weekly back-up copy of the Data for four weeks, and a monthly back-up of the Data for 12 months.  In the event of any loss or damage to Data, Client’s sole and exclusive remedy shall be for Consentz to use reasonable commercial endeavours to restore the lost or damaged Data from the latest back-up of such Data. Client acknowledges that this process will overwrite the Data stored on the Platform prior to the restoration. Consentz shall not be responsible for any loss, destruction, alteration or disclosure of Data caused by any third party (except those third parties sub-contracted by Consentz to perform services related to Data maintenance and back-up).

14.0 CONFIDENTIALITY 

1. 1. Save as is otherwise required by law or any regulatory authority, each party undertakes to the other that during the Subscription Term and thereafter it shall keep secret and shall not without the prior written consent of the other party disclose to any third party (except to its legal and professional advisors) any Confidential Information learned by the recipient party or disclosed to the recipient party by such other party pursuant to, or otherwise in connection with these Terms, except to the extent that any Confidential Information:
      1. is (otherwise than by breach of these Terms) in the public domain; or,
      2. is already known by the recipient party other than pursuant to disclosure from the other party;
      3. is required to be disclosed by law, by any court of competent jurisdiction or by any regulatory or administrative body.
   2. To the extent that it is necessary to give effect to these Terms, the recipient party may disclose Confidential Information to its employees as may reasonably be necessary provided that the recipient party shall:
      1. before disclosure, make such employees aware of their obligations of confidentiality under these Terms;
      2. at all times procure compliance with such obligations of confidentiality; and
      3. if requested by the disclosing party, procure named employees to execute a confidentiality agreement directly in favour of the disclosing party.
   3. Neither party shall issue any press release or other public announcement relating to the subject matter of these Terms without the prior written consent of the other party.
   4. This clause 14 shall survive termination of these Terms howsoever arising.

15.0 TERMINATION

1. 1. Either party may terminate this Agreement with immediate effect without liability by service of written notice on the other and without prejudice to its other rights, if the other party:
      1. is in material breach of this Agreement where the breach is incapable of remedy;
      2. is in material breach of this Agreement where the breach is capable of remedy and fails to remedy that breach within thirty (30) days after receiving written notice of such breach or other default from the non-defaulting party; or
      3. if any of the following events occur:

1. it is, or is deemed for the purposes of any applicable law to be, unable to pay its debts as they fall due for payment; 
2. a petition is presented or documents filed with a court or any registrar or any resolution is passed for its winding-up, administration or dissolution or for the seeking of relief under any applicable bankruptcy, insolvency, company or similar law; 
3. any liquidator, trustee in bankruptcy, judicial custodian, compulsory manager, receiver, supervisor, administrative receiver, administrator or similar officer is appointed in respect of it or any of its assets; or
4. any event analogous to the events listed in (i) to (iii) above takes place in respect of it in any jurisdiction.

1. Clause 15.1(c) i-iv above does not apply to a petition for winding-up presented by a creditor which is being contested in good faith and with due diligence and which is discharged or struck out within twenty-one (21) days.
2. Consentz may suspend access to the Services with immediate effect at any time during the Subscription Term if Client is in material breach of any obligation in this Agreement which shall include, but is in no way limited to, where any delinquent payment is not received by Consentz within fifteen (15) calendar days after notice to Client. Client will continue to be charged for and be liable for all Fees during any period of suspension. Where either Party initiates termination of this Agreement in accordance with clause 15, Client will continue to be obligated to pay all balances lawfully due and payable.
3. On termination of these Terms for any reason:
   1. all rights granted under these Terms shall immediately terminate;
   2. each party shall return and make no further use of any property including any Intellectual Property Rights (and all copies of them) belonging to the other party;
   3. Consentz may destroy or otherwise dispose of any of the Data in its possession unless Consentz receives, no later than fifteen (15) days after the effective date of the termination of these Terms, a written request for the delivery to Client of the then most recent back-up of the Data. Consentz shall use reasonable commercial endeavours to deliver the back-up to Client within thirty (30) days of its receipt of such a written request, provided that Client has, at that time, paid all Fees outstanding at, and resulting from, termination (whether or not due at the date of termination). Client shall pay all reasonable expenses incurred by Consentz in returning or disposing of Data; and
   4. the accrued rights of Consentz or Client as at termination, or the continuation after termination of any provision expressly stated to survive or implicitly surviving termination shall not be affected or prejudiced.

16.0 WARRANTIES AND INDEMNITIES 

1. 1. The Client hereby warrants, represents and undertakes to Consentz that these Terms constitute its valid, legal and binding agreement, enforceable in accordance with the Terms.
   2. Consentz shall defend the Client against any Claim that the Software, Services or Documentation infringes any patent, copyright, trade mark, database right or right of confidentiality, and shall indemnify the Client for any amounts awarded against the Client in judgment or settlement of such Claims, provided that:
      1. Consentz is given prompt notice of any such Claim;
      2. the Client provides reasonable co-operation to Consentz in the defence and settlement of such Claim, at  Consentz’s expense; and
      3. Consentz is given sole authority to defend or settle the Claim.
   3. In no event shall any Consentz Party be liable to the Client to the extent that the alleged infringement is based on:
      1. a modification of the Software, Services or Documentation by anyone other than Consentz;
      2. the Client’s use of the Software, Services or Documentation in a manner contrary to the instructions given to the Client by Consentz; or
      3. the Client’s use of the Software, Services or Documentation after notice of the alleged or actual infringement from Consentz or any appropriate authority.
   4. Clause 16 states the Client’s sole and exclusive rights and remedies and the entire obligations and liability of the Consentz Parties, for infringement of any patent, copyright, trade mark, database right or right of confidentiality.
   5. The Client acknowledges that complex software is never wholly free from defects, errors and bugs (and security vulnerabilities); and subject to the other provisions of these Terms, Consentz gives no warranty or representation that the Services will be wholly free from defects, errors and bugs (or will be wholly secure).
   6. The Client acknowledges that the Services are designed to be compatible only with that software and those systems specified as compatible by Consentz; and Consentz does not warrant or represent that the Services will be compatible with any other software or systems.
   7. The Client acknowledges that Consentz will not provide any legal, health, financial, accountancy or taxation advice under these Terms or in relation to the Services; and, except to the extent expressly provided otherwise in these Terms, Consentz does not warrant or represent that the Services or the use of the Services by the Client will not give rise to any legal liability on the part of the Client or any other person.

17.0 LIMITATION OF LIABILITY 

1. 1. This clause 17 sets out the entire financial liability of Consentz (including any liability for the acts or omissions of its employees, agents and sub-contractors) to the Client:
      1. arising under or in connection with these Terms;
      2. in respect of any use made by the Client of the Software, Services and Documentation or any part of them; and
      3. in respect of any representation, statement or tortious act or omission (including negligence) arising under or in connection with these Terms.
   2. Subject to clause 17.4, Consentz shall not be liable to the Client in contract, misrepresentation, restitution or otherwise for any loss of profits, loss of business, depletion of goodwill and/or similar losses or loss or corruption of data or information, or pure economic loss, or for any special, indirect or consequential loss, costs, damages, charges or expenses however arising under these Terms.
   3. Consentz’s total aggregate and maximum liability, in contract (including in respect of the indemnity at clause 16.2), tort (including negligence or breach of statutory duty), misrepresentation, restitution or otherwise, arising in connection with the performance or contemplated performance of these Terms shall be limited to the total Subscription Fees paid to Consentz during the three (3) continuous months immediately preceding the date on which the Claim arose.
   4. Nothing in this clause 17 shall however exclude or restrict Consentz’s liability for 
      1. fraudulent misrepresentations;
      2. any liability where the law does not permit such exclusion of liability; and 
      3. death or personal injury arising from negligence.
   5. Consentz shall not be in breach of any of its obligations under these Terms which arise or occur due to the act, omission, and default of the Client or your failure to comply with any of its obligations under these Terms.
   6. Except as expressly set out in these Terms:
      1. no conditions, warranties or other terms, including any implied terms relating to satisfactory quality or fitness for any purpose, will apply to the Software, Documentation, Services  or to anything supplied or provided by Consentz under this Agreement which are all provided to the Client on an ‘as is’ basis. The Client acknowledges that the service may be subject to limitations, delays and other problems inherent in the use of such communications facilities;
      2. the Client assume sole responsibility for the results obtained from the use of the Services and the Documentation and for conclusions drawn from such use; and
      3. all warranties, representations, conditions and all other terms of any kind whatsoever implied by statute or common law are, to the fullest extent permitted by applicable law, excluded from these Terms.
   7. No action arising out of or in connection with these Terms may be brought by the Client more than twelve (12) months after the date of the event from which the Claim (or last of a series of related Claims) arose. 

18.0 FORCE MAJEURE 

1. 1. Consentz shall have no liability to Client under these Terms if it is prevented from or delayed in performing its obligations under these Terms, or from carrying on its business, by one or more Force Majeure Events provided that the Client is notified of such and the expected duration.

19.0 NOTICES 

1. 1. Any notice given or made under these Terms shall be in writing and in English and signed by or on behalf of the party giving it and shall be:
      1. delivered by hand (which shall be deemed to have been received when delivered, or if delivery is not in business hours, at 9 am on the first business day following delivery);
      2. sent by pre-paid first-class post or recorded delivery post to the other party at its address set out in these Terms, or such other address as may have been notified by that party for such purposes (which shall be deemed to have been received at the time at which it would have been delivered in the normal course of post); or
      3. by email to your Authorised Representative at Consentz, at care@consentz.com (which shall be deemed to be received as verified by automated receipt or electronic log).
   2. Client and Consentz agree that the provisions of this clause shall not apply in relation to the service of any process in any legal action or proceedings arising out of or in connection with these Terms or the legal relationships established by these Terms.

20.0 GENERAL

1. 1. These Terms shall be binding on and inure to the benefit of each of Client and Consentz and their respective successors and assigns. Client shall not assign or sub-contract any of its rights or obligations under these Terms (in whole or in part) without the prior written consent of Consentz.  Consentz shall be entitled to assign or subcontract any of its rights or obligations under these Terms in whole or in part.
   2. If any one or more of the provisions of these Terms should be held to be invalid, illegal or unenforceable in any respect, the validity and enforceability of the remaining provisions contained in these Terms shall not in any way be affected or impaired and Client and Consentz shall amend these Terms to add a new provision having an effect as near as legally permissible to the one held to be invalid, illegal or unenforceable.
   3. These Terms (which include by reference the applicable Order Form and the Schedules) constitutes the entire agreement and understanding between Client and Consentz with respect to the subject matter of these Terms and supersedes any and all prior contracts, licences, arrangements and understandings relating to the matters provided for herein. Client and Consentz acknowledge that they have not relied on any oral or written representations made by the other party or the other party’s representatives in entering into these Terms, including any information or material provided by Consentz personnel and will have any remedy in respect of any misrepresentation (whether written or oral) made to it upon which it relied in entering into the Agreement.
   4. These Terms are not intended to create any partnership or joint venture relationship between Consentz and Client or authorise either party to act as agent for the other, and neither party shall have the authority to act in the name of, or on behalf of, or otherwise to bind the other in any way.
   5. Consentz may subcontract any of its obligations under the Agreement, providing that Consentz shall remain responsible to the Client for the performance of any subcontracted obligations.  Notwithstanding any other provision of these Terms, the Client acknowledges and agrees that Consentz may subcontract to any reputable third party hosting business the hosting of the Consentz Platform and the provision of related Support Services.
   6. Save as expressly provided in these Terms, no variation to, or notice or consent under these Terms shall be effective unless it is in writing and signed by an authorised signatory of each party.  A waiver by any party of any of the terms or conditions of these Terms in any instance shall not be deemed or construed to be a waiver of such term or condition for the future, or of any subsequent breach thereof.  No waiver of any right shall constitute a waiver of any other right or be effective unless made in writing and signed by an authorised signatory of the party making the waiver. 
   7. Save for a Consentz Party, a person who is not a party to these Terms has no right under the Contracts (Rights of Third Parties) Act 1999 to enforce these Terms.

21.0 GOVERNING LAW & JURISDICTION 

1. 1. These Terms and any dispute or claim arising out of or in connection with it or its subject matter, whether of a contractual or non-contractual nature, shall be governed by and construed in accordance with the laws of England and Wales. The parties agree to submit to the exclusive jurisdiction of the English courts in respect of any dispute arising out of or in connection with these Terms.

SCHEDULE 2

Service Availability, Maintenance and Support Services (‘Support Services’)

Part 1: Service Availability

1. 1. Consentz shall use reasonable endeavours to ensure that the uptime for the Services is at least 99.5% during each calendar month.
   2. Consentz shall be responsible for measuring uptime, and shall do so using any reasonable methodology.
   3. Downtime caused directly or indirectly by any of the following shall not be considered when calculating whether Consentz has met the uptime guarantee given in paragraph 1.1:
      1. a Force Majeure Event;
      2. a fault or failure of the internet or any public telecommunications network;
      3. a fault or failure of the Client’s computer systems or networks;
      4. any breach by the Client of the Agreement; or
      5. scheduled maintenance carried out in accordance with the Agreement.

Part 2: Maintenance Services

1. 1. Consentz shall where practicable give to the Client prior written notice of scheduled Maintenance Services that are likely to affect the availability of the Consentz Services or are likely to have a material negative impact upon the Consentz Services, without prejudice to Consentz’s other notice obligations under this Part 2 of Schedule 2.
   2. Consentz shall provide all scheduled Maintenance Services outside Business Hours.
   3. Consentz shall give to the Client written notice of the application of any security Update to the Platform and prior written notice of the application of any non-security Update to the Platform.
   4. Consentz shall apply Updates to the Platform as follows:
      1. third party security Updates shall be applied to the Platform promptly following release by the relevant third party, providing that Consentz may acting reasonably decide not to apply any particular third party security Update;
      2. Consentz’s security Updates shall be applied to the Platform promptly following the identification of the relevant security risk and the completion of the testing of the relevant Update; and
      3. other Updates shall be applied to the Platform in accordance with any timetable notified by Consentz to the Client or agreed by the parties from time to time.
   5. Consentz shall give to the Client prior written notice of the application of an Upgrade to the Platform.

Part 3: Support Services

1. 1. Consentz shall make available to the Client a helpdesk in accordance with the provisions of this Part 3 of Schedule 2.
   2. Consentz shall ensure that the helpdesk is accessible by telephone, email and using Consentz’s web-based notification system.
   3. Consentz shall ensure that the helpdesk is operational and adequately staffed during Business Hours during the Term. In addition, Consentz shall provide a special telephone number for the Client to report critical issues outside of Business Hours.
   4. The Client shall ensure that all requests for Support Services that it may make from time to time shall be made through the helpdesk.
   5. Issues raised through the Support Services shall be categorised as follows:
      1. critical: the Services are inoperable or a core function of the Services is unavailable;
      2. serious: a core function of the Services is significantly impaired;
      3. moderate: a core function of the Services is impaired, where the impairment does not constitute a serious issue; or a non-core function of the Services is significantly impaired; and
      4. minor: any impairment of the Services not falling into the above categories; and any cosmetic issue affecting the Services.
   6. Consentz shall determine, acting reasonably, into which severity category an issue falls.
   7. Consentz shall use reasonable endeavours to respond to requests for Support Services promptly, and in any case in accordance with the following time periods:
      1. critical: 1 Business Hour;
      2. serious: 4 Business Hours;
      3. moderate: 1 Business Day; and
      4. minor: 5 Business Days.
   8. Consentz shall ensure that its response to a request for Support Services shall include the following information (to the extent such information is relevant to the request): an acknowledgement of receipt of the request, where practicable an initial diagnosis in relation to any reported error, and an anticipated timetable for action in relation to the request.
   9. Consentz shall use reasonable endeavours to resolve issues raised through the Support Services promptly, and in any case in accordance with the following time periods:
      1. critical: 4 Business Hours;
      2. serious: 12 Business Hours;
      3. moderate: 8 Business Days; and
      4. minor: 30 Business Days.
   10. The Support Services shall be provided remotely, save to the extent that the parties agree otherwise in writing.
   11. If the total hours spent by the personnel of Consentz performing the Support Services during any calendar month exceed 10, then:
       1. Consentz will cease to have an obligation to provide Support Services to the Client during the remainder of that period; and
       2. Consentz may agree to provide Support Services to the Client during the remainder of that period, but the provision of those Support Services will be subject to additional Fees.
   12. Consentz shall have no obligation to provide Support Services in respect of any issue caused by:
       1. the improper use of the Services by the Client; or
       2. any alteration to the Services made without the prior consent of Consentz.

SCHEDULE 3

Data Protection Clauses (Pre 25 May 2018)

1. INTERPRETATION
   1. In this Schedule:

Act means the Data Protection Act 1998, as in force from time to time;

Data Privacy Laws means the Act and the Privacy and Electronic Communication Regulations 2003, any amendment, consolidation or re-enactment thereof, any legislation of equivalent purpose or effect enacted in the United Kingdom, or, where relevant, the European Union, and any orders, guidelines and instructions issued under any of the above by relevant national authorities, a judicial authority in England and Wales or, where relevant, a European Union judicial authority; and

Personal Data has the meaning given to it by the Data Protection Act 1998, but shall only include personal data to the extent that such personal data, or any part of such personal data, is processed in relation to the services provided under this Agreement.

1. Words and phrases with defined meanings in the Act have the same meanings when used in this Schedule, unless otherwise defined in this Schedule.

1. OBLIGATIONS
   1. Each party shall comply with the Data Privacy Laws applicable to it in connection with this Agreement, and shall not cause the other party to breach any of its obligations under Data Privacy Laws.
   2. Where a party, or a sub-contractor of a party, processes Personal Data (as processor) (that party being the Processor) on behalf of the other party or a member of its group (as controller) (that party being the Controller) in connection with this Agreement, the Processor shall, or shall ensure that its sub-contractor shall:
      1. process the Personal Data only on behalf of the Controller, only for the purposes of performing its obligations under this Agreement, and only in accordance with instructions contained in this Agreement or instructions received in writing from the Controller from time to time;
      2. not publish, disclose or divulge any of the Personal Data to any third party (including for the avoidance of doubt the data subject itself), unless directed to do so in writing by the Controller;
      3. as a minimum, take all measures required to comply with the seventh data protection principle, as set out in Schedule 1 of the Act, in accordance with best practice;
      4. only grant access to the Personal Data to persons who need to have access to it for the purposes of performing this Agreement and, to the extent such persons are granted access, that they are only granted access to the part or parts of the Personal Data necessary for carrying out their role in performance of this Agreement;
      5. ensure that all persons with access to the Personal Data are reliable;
      6. not engage another processor (a Sub-Processor) to process the Personal Data on its behalf without specific written consent of the Controller, approving a named Sub-Processor, such consent always subject to:
         1. the Processor binding the Sub-Processor by written agreement, imposing on the Sub-Processor obligations in relation to the Personal Data equivalent to those set out in this Agreement, and an obligation to procure that the Sub-Processor ceases processing without delay on termination of this Agreement; and
         2. the Processor remaining liable to the Controller for the acts and omissions of any Sub-Processor, as if they were the acts or omissions of the Processor;
      7. not transfer Personal Data outside of the European Economic Area without the prior written consent of the Controller. Where the Controller consents to the transfer of Personal Data outside the European Economic Area, the Processor shall comply with:
         1. the obligations of a controller under the eighth data protection principle as set out in Schedule 1 of the Act by providing an adequate level of protection to any Personal Data transferred; and
         2. any reasonable instructions of the Controller in relation to such transfer; and
      8. allow the Controller, or its external advisers (subject to reasonable and appropriate confidentiality undertakings), to inspect and audit the Processor’s data processing activities and those of its relevant agents, group companies and sub-contractors, and comply with all reasonable requests or directions by the Controller, to enable to Controller to verify that the Processor is in full compliance with its obligations under this Schedule.
   3. Notwithstanding anything in this Agreement, information provided by a Processor to a Controller, whether through audit or otherwise, may be disclosed by the Controller if requested or required generally or specifically by applicable law, a court of competent jurisdiction or a supervisory authority for the purposes of responding to a claim, request for information, inquiry or investigation.

SCHEDULE 4

Data Protection Clauses (25 May 2018 onwards)

1. INTERPRETATION
   1. In this Schedule:

Data Privacy Laws means the GDPR and the Privacy and Electronic Communication Regulations 2003, any amendment, consolidation or re-enactment thereof, any legislation of equivalent purpose or effect enacted in the United Kingdom, or, where relevant, the European Union, and any orders, guidelines and instructions issued under any of the above by relevant national authorities, a judicial authority in England and Wales or, where relevant, a European Union judicial authority;

GDPR means General Data Protection Regulation (EU) 2016/679 as in force from time to time;

Personal Data has the meaning given to it by the GDPR, but shall only include personal data to the extent that such personal data, or any part of such personal data, is processed in relation to the services provided under this Agreement; and

Replacement National Legislation means legislation in the United Kingdom which is enacted to cover, in whole or part, the same subject matter as the GDPR.

1. Words and phrases with defined meanings in the GDPR have the same meanings when used in this Schedule, unless otherwise defined in this Schedule.
2. If the GDPR ceases to apply to the United Kingdom, references to the GDPR, to provisions within it and to words and phrases with defined meanings in it, shall be deemed references to Replacement National Legislation, the nearest equivalent provisions in it and the nearest equivalent words and phrases in it (as the case may be).

1. OBLIGATIONS
   1. Each party shall comply with the Data Privacy Laws applicable to it in connection with this Agreement, and shall not cause the other party to breach any of its obligations under Data Privacy Laws.
   2. Where a party, or a sub-contractor of a party, processes Personal Data (as processor) (that party being the Processor) on behalf of the other party or a member of its group (as controller) (that party being the Controller) in connection with this Agreement, the Processor shall, or shall ensure that its sub-contractor shall:
      1. process the Personal Data only on behalf of the Controller for the duration of this Agreement, only for the purposes of performing its obligations under this Agreement, and only in accordance with instructions contained in this Agreement or instructions received in writing from the Controller from time to time.  The Processor shall notify the Controller if, in its opinion, any instruction given by the Controller breaches Data Privacy Laws or other applicable law;
      2. for the purposes of article 28(3) GDPR:
         1. the subject matter and duration of processing is: recording of medical records;
         2. the nature and purpose of processing is to record medical records for practitioners;
         3. the types of Processed Personal Data is Medical Records; and
         4. the categories of data subjects are personal history and medical records
      3. only grant access to the Personal Data to persons who need to have access to it for the purposes of performing this Agreement and, to the extent such persons are granted access, that they are only granted access to the part or parts of the Personal Data necessary for carrying out their role in performance of this Agreement;
      4. ensure that all persons with access to the Personal Data are:
         1. reliable; and
         2. subject to an obligation of confidentiality or are under an appropriate statutory obligation of confidentiality;
      5. as a minimum, take all measures required pursuant to Article 32 GDPR in accordance with best practice;
      6. not engage another processor (a Sub-Processor) to process the Personal Data on its behalf without specific written consent of the Controller, approving a named Sub-Processor, such consent always subject to:
         1. the Processor binding any Sub-Processor by written agreement, imposing on the Sub-Processor obligations in relation to the Personal Data equivalent to those set out in this Agreement, and an obligation to procure that the Sub-Processor ceases processing without delay on termination of this Agreement; and
         2. the Processor remaining liable to the Controller for the acts and omissions of any Sub-Processor, as if they were the acts and omissions of the Processor;
      7. taking into account the nature of the processing and insofar as is possible, assist the Controller with the fulfilment of the Controller’s obligation to respond to requests for exercising data subject’s rights under the Data Privacy Laws and in responding to any other request, complaint or communication by, but not limited to, providing information requested by the Controller and relevant Personal Data within a reasonable time and in a commonly used electronic format, taking into account the timescales for the Controller complying with the data subject’s request under Data Privacy Laws;
      8. taking into account the nature of the processing and the information available to the Processor, assist the Controller in ensuring compliance with its obligations pursuant to Articles 32 to 36 GDPR inclusive;
      9. at the Controller’s option, delete or return to the Controller the Personal Data, and procure that any party to whom the Processor has disclosed the Personal Data does the same:
         1. when the Controller instructs the Processor to do so, in which case the Processor shall be entitled to treat this as a force majeure event if it is prevented from performing the Agreement as a result; or
         2. after the termination of services under this Agreement which involve processing the Personal Data,

such obligation to include deleting or returning all copies of the Personal Data, unless applicable law requires the Processor to retain the Personal Data. Where the Controller requests the return of Personal Data, the Processor shall use reasonable endeavours to ensure it is in the format and on the media specified by the Controller;

1. where reasonably possible, store the Personal Data in a structured, commonly used and machine readable format;
2. not transfer Personal Data outside of the European Economic Area without the prior written consent of the Controller. Where the Controller consents to the transfer of Personal Data outside the European Economic Area, the Processor shall comply with:
   1. the obligations of a controller under Articles 44 to 50 GDPR inclusive by providing an adequate level of protection to any Personal Data transferred; and
   2. any reasonable instructions of the Controller in relation to such transfer;
3. make available to the Controller all information necessary to demonstrate compliance with this Schedule; and
4. allow the Controller, or its external advisers (subject to reasonable and appropriate confidentiality undertakings), to inspect and audit the Processor’s data processing activities and those of its relevant agents, group companies and sub-contractors, and comply with all reasonable requests or directions by the Controller, to enable to Controller to verify and procure that the Processor is in full compliance with its obligations under this Schedule. 

1. Notwithstanding anything in this Agreement, information provided by a Processor to a Controller, whether through audit or otherwise, may be disclosed by the Controller if requested or required generally or specifically by applicable law, a court of competent jurisdiction, a supervisory authority, a certification body (as referred to by Article 43 GDPR) or a monitoring body (as referred to by Article 41(1) GDPR) for the purposes of responding to a claim, request for information, inquiry or investigation.
2. Notwithstanding anything else in this Agreement, the Controller shall at all times provide the Processor with such information as the Processor may require to enable it to comply with Article 30 GDPR and the Controller shall fully indemnify the Processor for and against any damages, losses, costs and expenses (including reasonable legal costs and expenses) or other liabilities incurred by the Processor as a result of the Controller failing to do so.
   

Schedule 5

Standard data protection notice

1. Consent
   1. To facilitate your treatment and to evaluate and improve the services we provide, we (as your clinic) wish to collect, hold and process a variety of personal data about you by means of the “Consentz” service, further details of which are set out below.  If you consent to us doing so, please click on the “Accept” button below.
   2. This statement provides more information about the types of information we will hold, the types of things we will do with it, who will have access to it and how you can exercise your rights in respect of it.
2. Details
   We are your data controller for the purposes of the personal data we will collect.  Our details are as follows:

1. 1. Our name, address and registered number (if any):
   2. Our representative (if any):
   3. Our data protection officer (if any):

     3. The processing

1. 1. Data to be processed:
      The personal data to be processed is as follows:

• • Name
  • Contact details
  • Date of Birth
  • Gender
  • Act of kin
  • Emergency contact
  • Contact preferences – email/ SMS/ push notifications
  • Method of receiving appointment reminders
  • Medical information and records relating to the treatment being undertaken.

Purpose for which the personal data are intended to be processed:

The personal data collected from you will be used for the purposes of: 

• • • facilitating, administering, and recording your current, and any future, treatment by us or third party practitioners, including General Practitioners and Consultants;

• • • to evaluate and improve the services provided by the clinic;

• • • being provided on an anonymised basis to Consentz to allow it to evaluate and improve its services; and

• • • providing you with information, from time to time, about the products and service we offer using the contact channels agreed by means of the contact preferences mentioned above.

In addition, once they are provided, we will also retain (and process) your personal data to the extent necessary to enable us to establish, exercise or defend legal claims.

          2. Basis for the processing:

The processing is being given on the basis of your explicit consent (as given by means of you clicking to “accept” our processing your data on the Consentz service).

Once collected, we will also retain (and process) your personal data for the purport of establishing, excising or defending claims.

             3.Persons with whom we may share you data:

In general, access to your personal data will be restricted to those who have a need to access it in order to carry out their duties (for example, our medical staff and finance teams).

We will also share your personal data with the following external third parties in some circumstances:

• medical regulators such as the GMC, and government authorities such as HMRC or the police, if we are required to do so by law or if the regulator or authority requests it and we regard that request as reasonable;

• our insurers, legal advisers or other third parties who need access to it in the context of managing, investigating or defending claims or complaints; and
• SmartMatter LLC  who provide us with this service by which your personal data are stored and processed.
  
  4. Period for which personal data will be stored:

Seven years or such other period as may be stipulated by the clinic.

            5. Your rights (with effect from 25 May 2018)

The law gives you certain rights in respect of the personal data that we hold, which you should be aware of:

1. You have the right to obtain from us, without undue delay, the rectification of any inaccurate personal data concerning you;
2. Taking into account the purposes of the processing, you shall also have the right to have incompleted personal data completed, by means of providing a supplementary statement;
3. You have the right to require us to erase your personal data without undue delay on certain grounds (including where they are no longer necessary for the purpose for which they were collected or where you withdraw your consent and there is no other legal grounds for the processing);
4. You have the right to require us to restrict the processing of your personal data on certain grounds (including where you contest the accuracy of the personal data; the processing is unlawful, but you request a restriction of the processing rather than erasure; or we (as controller) no longer need the data for the purposes of the processing, but you required them to establish, exercise or defend legal claims);
5. You have the right to withdraw your consent at any time (to do so please email us at: care@consentz.com).  Please note that if you do so, then all personal data (other than that required to be kept to enable us to establish, exercise or defend legal claims) will be immediately deleted;
6. Should you have any complaints or issue with our treatment of your personal data, you may lodge a complaint with the Information Commissioner’s Office (https://ico.org.uk);
7. You have the right to request a copy of any of your personal data held by us.  The first copy will be free of charge, but we reserve the right to charge a small fee for additional requests; and
8. Providing your personal data is not obligatory, but not doing so may mean that we cannot commence or continue with your treatment.