Terms & Conditions
These terms and conditions shall govern the relationship between us and you and shall prevail despite the existence of any printed or other conditions even if such conditions purport to take precedence. Please read them carefully.
Dedicated and Colocated Service Terms and Conditions
The contract terms available here relate soley to dedicated servers and colocation services.
For terms and conditons that relate to all other services please see our General Terms & Conditions. Currently these terms are available only as a PDF document download.
Please click here for a copy of the current terms currently version 5.0 last updated 17th August 2017.
The GDPR Addendum below also applies to the terms referenced on this page, a copy of which is below and which is supplied for signature for each related service.
GENERAL DATA PROTECTION CONTRACTUAL ADDENDUM
This Addendum dated 3rd May 2018 (the “Addendum”) amends, with effect from and including 25 May 2018 (the “Effective Date”), the General Terms and Conditions between Easyspace Limited (registered in England under company number 03405586) trading as Hosting UK (“Hosting UK”) and you, (“Controller”) and any other agreements entered into between the parties (the “Agreement”). To the extent this Addendum is not consistent with any terms of the Agreement the terms of this Addendum shall prevail. Other than as indicated herein, capitalized terms and definitions contained herein shall have the same meaning as specified in the Agreement.
- (A) As of 25 May 2018 the General Data Protection Regulation (EU) 2016/679 (“GDPR”) will apply in the EEA replacing Directive 95/46/EC and its local implementing legislation in the UK, the Data Protection Act 1998 (“DPA 1998”). Accordingly, the parties can no longer rely on compliance with the DPA 1998 in the UK as being sufficient for controlling, processing or protecting data.
- (B) In order to comply with its legal and regulatory obligations, the parties wish to update the terms of the Agreement to comply with the GDPR on the terms as set out in this Addendum.
- Therefore, the parties, intending to be legally bound, and in consideration of the needs for both parties to comply with their respective obligations under the GDPR, agree that any data controller, processing and protection provisions (and/or any other provisions in the Agreement relating to the DPA 1998) shall, as at the Effective Date, be deleted and the following clause shall be incorporated into the Agreement:
- 1 DATA PROCESSING
- 1.1 For the purposes of this Agreement the following defined terms shall have the following meanings:
“Data Protection Law” shall mean (a) Data Protection Act 1998; or (b) from 25th May 2018, the General Data Protection Regulation ((EU) 2016/679 (“GDPR”), read in conjunction with and subject to any applicable UK national legislation that provides for specifications or restrictions of the GDPR’s rules; or (c) from the date of implementation, any applicable legislation that supersedes or replaces the GDPR in the UK or which applies the operation of the GDPR as if the GDPR were part of UK national law, which may include the Data Protection Act 2017;
- “personal data”, “controller”, “processor”, “data subject”, and “processing” (and other parts of the verb ‘to process’) shall have the meaning set out in the Data Protection Law.
- 1.2 Each party shall comply at all times with Data Protection Law and shall not perform its obligations under this Agreement in such a way as to cause the other to breach any of its applicable obligations under Data Protection Law.
- 1.3 In the context of this Agreement, Hosting UK will act as “processor” to the Controller who may act as either “processor” or “controller” with respect to the personal data. Notwithstanding the foregoing, the parties acknowledge that:
- 1.3.1 where Hosting UK only provides colocation services under the Agreement Hosting UK will not be a Processor; and
- 1.3.2 where personal data is not accessible to Hosting UK it shall not be a Processor, and therefore, in either case, the obligations of clause 1.7 shall not apply to Hosting UK.
- 1.4 The Controller represents and warrants to Hosting UK that with respect to any personal data processed pursuant to this Agreement:
- 1.4.1 all personal data is necessary for the purpose for which it is processed, accurate and up-to-date (and Controller shall at all times comply with Hosting UK’s standard acceptable use policy);
- 1.4.2 taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, the Controller has implemented appropriate technical and organisational measures to ensure a level of security appropriate to the risk to the personal data;
- 1.4.3 the Controller has obtained all the necessary consents from data subjects to process the personal data and to outsource the processing of any personal data to Hosting UK and the Controller covenants that it shall notify Hosting UK in writing if there are any material changes to these consents or to the personal data that Hosting UK processes under this Agreement; and
- 1.4.4 it is not aware of any circumstances likely to, and will not instruct Hosting UK to process the personal data in a manner that is likely to, give rise to a breach of the Data Protection Law (or any other applicable data protection or privacy laws).
- 1.5 The Controller acknowledges and agrees that pursuant to its obligation under Article 28(1) of the GDPR to only appoint processors providing sufficient guarantees to implement appropriate technical and organisational measures to meet the requirements of the GDPR, it has assessed Hosting UK’s applicable technical and organisational measures and considers them to be sufficient, taking into account the nature, scope, context and purpose of the processing undertaken pursuant to the Agreement.
- 1.6 Controller acknowledges and agrees that it is responsible for ensuring the compliance of any of its businesses, affiliates or subsidiaries located in a territory outside the EEA with Data Protection Law in relation to transfers of personal data from Hosting UK to Controller.
- 1.7 Where Hosting UK processes personal data on behalf of Controller, with respect to such processing, Hosting UK shall:
- 1.7.1 process the personal data only in accordance with the Agreement (as amended by this Addendum) and the documented instructions of the Controller given from time to time. The Controller acknowledges that Hosting UK is under no duty to investigate the completeness, accuracy or sufficiency of such instructions and any additional instructions outside the scope of this Agreement (as amended by this Addendum) require prior written approval between Hosting UK and Controller (including agreement on any fees payable by Controller to Hosting UK for carrying out such instructions);
- 1.7.2 only permit the personal data to be processed by persons who are bound by enforceable obligations of confidentiality and take steps to ensure such persons only act on Hosting UK’s instructions in relation to the processing;
- 1.7.3 protect the personal data against unauthorised or unlawful processing and against accidental loss, destruction, damage, alteration or disclosure. These measures shall be appropriate to the harm and risk which might result from any unauthorised or unlawful processing, accidental loss, destruction or damage to the personal data and having regard to the nature of the personal data which is to be protected (and the Controller shall notify Hosting UK immediately if the nature of such personal data changes in a material way);
- 1.7.4 remain entitled to appoint third party sub-processors. Where Hosting UK appoints a third party sub-processor, it shall, with respect to data protection obligations:
- (a) ensure that the third party is subject to, and contractually bound by, at least the same obligations as Hosting UK; and
- (b) remain fully liable to Controller for all acts and omissions of the third party, and all sub-processors engaged by Hosting UK as at the effective date of this Addendum shall be deemed authorized;
- 1.7.5 in addition to the sub-processors engaged pursuant to paragraph 1.7.4 (above), be entitled to engage additional or replacement sub-processors, subject to:
- (a) the provisions of paragraph 1.7.4(a) and 1.7.4(b) being applied; and
- (b) Hosting UK notifying the Controller of the additional or replacement sub-processor,and where Controller objects to the additional or replacement sub-processor, the parties shall discuss the objection in good faith;
- 1.7.6 notify Controller without undue delay after becoming aware that it has suffered a personal data breach;
- 1.7.7 at Controller’s cost and not more than once in any 12 month period permit Controller (subject to reasonable and appropriate confidentiality undertakings), to inspect and audit (during business hours and on reasonable notice) Hosting UK’s data processing activities to enable Controller to verify and/or procure that Hosting UK is complying with its obligations under clause 1.2. Controller shall ensure that its adheres to any applicable Hosting UK site and security policies in the performance of such audit or inspection;
- 1.7.8 on Controller’s reasonable request and at Controller’s cost, assist Controller to respond to requests from data subjects who are exercising their rights under the Data Protection Law (insofar as it is reasonable for Hosting UK to do so);
- 1.7.9 save where such countries have been deemed by the European Commission to be providing an adequate level of protection pursuant to the relevant provisions of Data Protection Law, not process personal data outside the EEA without the prior written consent of Controller and, where Controller consents to such transfer, to comply with any reasonable instructions notified to Hosting UK by it. Notwithstanding the foregoing, Hosting UK is expressly permitted to and instructed by Controller that it may transfer personal data to any Hosting UK subsidiary and any Hosting UK subcontractor, subject to first ensuring that adequate protections are in place to protect the personal data consistent with the requirements of Data Protection Law;
- 1.7.10 on Controller’s reasonable request and at Controller’s cost, assist (insofar as it is reasonable to do so, taking into account the nature of the information available to the Hosting UK and any restrictions on disclosing the information, such as confidentiality) Controller to comply with the Controller’s obligations pursuant to Articles 32-36 of the GDPR (or such corresponding provisions of the Data Protection Law), comprising (if applicable): (a) notifying a supervisory authority that Controller has suffered a personal data breach; (b) communicating a personal data breach to an affected individual; (c) carrying out an impact assessment; and (d) where required under an impact assessment, engaging in prior consultation with a supervisory authority; and
- 1.7.11 unless applicable law requires otherwise, upon termination of the Agreement delete or return all personal data provided by Controller to Hosting UK (except to the extent this is not reasonably technically possible or prohibited by law).
- 2 INDEMNITY
- 2.1 Controller shall indemnify and hold harmless on demand Hosting UK for any loss, damage, liabilities, penalties, expenses or fines incurred (whether foreseeable or unforeseeable or direct or indirect) (“Losses”) as a result of:
- 2.1.1 the Controller breaching its obligations under clause 1 (Data Processing);
- 2.1.2 any unsuccessful claim by a data subject when such claim holds both Controller and Hosting UK as jointly and severally liable under the Data Protection Laws.
- 2.2 Where under Data Protection Law (including without limitation Article 82 of the GDPR) Hosting UK and Controller incur joint and several liability (as Controller and Processor with any other person) and, as such, Hosting UK incurs Losses (other than for damage caused by processing where it has not complied with obligations under Data Protection Law specifically directed to Processors or where it has acted outside or contrary to Controller’s lawful instructions under the Agreement), Controller shall indemnify Hosting UK on demand against all such Losses, save for such liability as corresponds directly to Hosting UK’s part of the responsibility for the damage caused by Hosting UK’s breach of the obligations of Data Protection Law or under this Agreement.
- 3 LIMITATION OF LIABILITY
- 3.1 Neither party excludes or limits liability to the other party for any matter for which it would be unlawful for the parties to exclude liability.
- 3.2 Subject to Clause 3.1, with respect to any claim relating to a breach of Data Protection Law or a breach of this Addendum, Hosting UK shall not in any circumstances be liable to the Controller whether in contract, tort (including for negligence and breach of statutory duty howsoever arising), misrepresentation (whether innocent or negligent), restitution or otherwise, for:
- 3.2.1 any loss (whether direct or indirect) of profits, business, business opportunities, revenue, turnover, reputation or goodwill; and
- 3.2.2 any loss or corruption (whether direct or indirect) of personal data or information;
- 3.3 Subject to Clause 3.1, Hosting UK’ total aggregate liability to the Controller in contract, tort (including negligence and breach of statutory duty howsoever arising), misrepresentation (whether innocent or negligent), restitution or otherwise, arising in connection with a breach of Data Protection Laws or a breach of this Addendum or any collateral contract shall in all circumstances be limited to the greater of:
- 3.3.1 the Charges paid or payable by Controller to Hosting UK under the relevant Agreement in the Initial Term; or
- 3.3.2 the total Charges paid or payable by the Controller to Hosting UK under the relevant Agreement in the contract year concerned.
- 4 GOVERNING LAW AND JURISDICTION
- This Addendum and any dispute or claim arising out of or in connection with it, or its subject matter or formation (including non-contractual disputes or claims) shall be governed by, and construed in accordance with, the laws of England. The parties agree that the courts of England will have exclusive jurisdiction to settle any dispute (whether contractual or non-contractual) arising from or in connection with the Addendum.
Further information from Hosting UK
If there is any information you can't find on our web site or that we have not included here please ask by either calling 01745 586070 or submit a queryContact Us Today