Basic Steps You Need To Know

1. Register on site and, once confirmed, upload the scan to us (note that illegible or outsize scans will be rejected under our fair use policy)
2. Analysis will be carried out at a cost of £200 + VAT (subject to our fair use policy)
3. Once complete you will receive email notification with a link to download your report
4. We store data for a period of 14 days following processing so you must ensure you have downloaded your report within this time period

Extended Legal Terms

5. User confirms that all information submitted has been obtained lawfully and with consent, and has the right to share it with supplier
6. User consents to terms inside data being searched remotely on search engines and other databases
7. User accepts that supplier liability in the contract is limited to the fee paid. No consequential loss can be due as the user warrants to check any filtered information against their own data prior to acting in reliance upon the output report
8. User consents to images of single digits, unreadable by OCR, being viewed by human eye. If required this might be undertaken outside the EU
9. Supplier agrees to only use the data for the purpose of producing the output report, keep all information confidential, and not pass to any third party except as required by law
10. Supplier undertakes to not transfer data outside of the EU without consent of user
11. Supplier will immediately notify user in the event of data loss
12. Supplier will maintain a record of all categories of processing activities carried out on behalf of the End User in accordance with GDPR Article 30(2)
13. Supplier shall allow for audits of its Data Processing activity by the End User or the End User’s designated auditor
14. Supplier designates a data protection owner (below)
15. The Data Controller is responsible for ensuring that it complies with all applicable laws relating to privacy and data protection in its use of the Services
16. Supplier is not liable to the End User for breaches of Personal Data stemming from the User's failure to protect such data. Including, but not limited to, inappropriate distribution of reports and emails, disclosure of login credentials
17. The Parties agree to take account of any guidance issued by the Information Commissioner's Office
18. Supplier does not warrant that the Service, the Documentation, or any content, document or feature of the Service will be error-free or uninterrupted, or that any defects or errors or omissions will be corrected
19. The Service is reliant upon the integrity, quality, accuracy and completeness of the Transaction Data, the and other Data Sources provided by Clients. The Supplier does not and cannot verify or confirm the accuracy, integrity or completeness of any Transaction Data, Consumer Data or other Data Sources, and does not provide any warranty in this regard. In particular, The Supplier does not warrant that the Data Sources available to The Supplier provide a complete picture of the financial or other relevant data in respect of any report
20. The Documentation and other materials provided by the supplier could include typographical errors or technical inaccuracies; and output is delivered on an as-is and as-available basis
21. Supplier will not be liable for any loss or damage caused by a distributed denial-of-service attack, Viruses or other technologically harmful material that may infect the User's computer equipment, computer programs, data or other proprietary material due to the User's use of the service or the User's downloading of any material or on any website linked
22. Except to the extent expressly stated in this Agreement, The Supplier makes no warranties of any kind, whether express (other than as expressed in this Agreement), implied, statutory or otherwise, regarding the reports or as to the suitability of the service for any particular purpose, and The Supplier specifically disclaims any implied warranties to the maximum extent permitted by Applicable Law including implied warranties of merchantability or fitness for a particular purpose, except to the extent expressly stated in this Agreement, The Supplier does not warrant that the service will be uninterrupted or error-free
23. User has sole responsibility for the legality, reliability, integrity, accuracy and quality of the input Data
24. For the purposes of the remainder of this clause, the terms "controller", "data subject", "processor" and "processing" shall have the meanings given to those terms in the Data Protection Legislation. The parties acknowledge and agree that in relation to the Consumer Data, where such Consumer Data contains Personal Data (Shared Personal Data), the User and Supplier each act as a controller in their own right. In particular:
25. Supplier shall be responsible as a controller for the Shared Personal Data that it receives, collects and processes for the purpose of complying with its regulatory obligations and retrieving the Data for the provision of the Service to the User; and the User shall be responsible as a controller for the Data that the User receives, collects and processes from The Supplier, for the Permitted Purposes
26. The Supplier shall provide the other party with contact details of at least one employee as a point of contact for all issues arising out of the Data Protection Legislation and relating to this Agreement, including the procedures to be followed in the event of a Data Security breach notify any actual or potential losses of the Data, and any Data Security Breach to the other party as soon as possible and in any event within 48 hours after becoming aware of such breach. Without prejudice to either party's obligations under the Data Protection Legislation or any other Applicable Law to notify any regulator or affected data subjects, the parties shall work together to consider the action required in order to resolve the issue in an expeditious and compliant manner and in accordance with applicable Data Protection Legislation; and promptly and without delay, notify the other party of any requests, communications and / or complaints relating to: the processing of any Data, the sharing of Data in circumstances where the other party is affected, which is made by a regulator (including, without limitation, the ICO), data subject or any other person and the parties shall each cooperate and assist the other in relation to any such request, complaint or communication to enable either or both parties (as applicable) to deal with any such requests, communications and / or complaints. The User shall, and The Supplier shall procure that no party shall transfer any Shared Personal Data outside of the European Economic Area, unless, prior to any transfer taking place, it ensures that a Valid Transfer Mechanism is put in place
27. Each party agrees that it has and will maintain customer data policies and procedures that comply with Data Protection Legislation as they relate to the Open Banking Service
28. Each party warrants and represents that it shall, at all times during the Term, comply with its respective obligations under the Data Protection Legislation
29. The Supplier does not warrant that the User's use of the Service will be uninterrupted or error-free; or that the Service, Documentation and/or the information obtained by the User through the Service will meet the User's requirements; and is not responsible for any delays, delivery failures, or any other loss or damage resulting from the transfer of data over communications networks and facilities, including the internet, and the User acknowledges that the Service and Documentation may be subject to limitations, delays and other problems inherent in the use of such communications facilities
30. The User shall obtain and maintain all necessary licences, consents, and permissions necessary for The Supplier, its contractors and agents to perform their obligations under this Agreement
31. Except to the extent expressly permitted under this Agreement, any attempt to copy, modify, duplicate, create derivative works from, frame, mirror, republish, download, display, transmit, or distribute all or any portion of the Service, the Software and/or Documentation (as applicable) in any form or media or by any means; or attempt to reverse compile, disassemble, reverse engineer or otherwise reduce to human-perceivable form all or any part of the Software is expressly forbidden

Charges and Payment

32. The User shall pay the Charges for the Services in accordance with the Terms of Payment as specified in this Agreement
33. The Charges are exclusive of VAT (UK sales tax), which shall be paid by the User where appropriate
34. The Supplier shall be entitled to charge interest in respect of late payment of any sum due under this Agreement, which shall accrue from the date when payment becomes due from day to day until the date of payment at a rate of 4.00% per annum above the base rate of HSBC Bank
35. The Supplier shall use its reasonable endeavours to make the Services available to the User 100% of the time but because the Services are provided by means of computer, telecommunications systems and data providers, the Provider makes no warranties or representations that the Service will be uninterrupted or error-free and the Supplier shall not, in any event, be liable for interruptions of Service, including those caused by lack of availability controlled by the CRA, or downtime of the server
36. Service Outage during Technical Support Hours: On realisation of an issue, an email is sent informing the nominated User contact that there is a disruption in service. The Supplier will provide all information that is known at this point. When there is any news pertaining to recovery of the service or the provision of an alternative service by the Supplier, an email will be sent to the User contact providing updates, information, options or instruction
37. The User warrants and represents to the Service Provider that the Supplier's copying of the User's supplied data in accordance with this Agreement will not infringe the intellectual property rights of any third party
38. All conditions, terms, representations and warranties that are not expressly stated in this Agreement, whether oral or in writing or whether imposed by statute or operation of law otherwise are excluded to the fullest extent permitted by law. In particular and without prejudice to that generality, the Supplier shall not be liable to the User as a result of any viruses introduced or passed on to the User; the Supplier shall be under no liability in respect of any inaccuracies in data produced by the use of the Website
39. The User agrees to indemnify and hold the Supplier and its employees and agents harmless from and against all liabilities, legal fees, damages, losses, costs and other expenses in relation to any claims or actions brought against the Supplier arising out of any breach by the User of the terms of this Agreement or other liabilities arising out of or relating to the Website
40. Nothing in these terms and conditions shall exclude or limit the Supplier's liability for death or personal injury resulting from the Supplier's negligence or that of its employees, agents or sub-contractors
41. The entire liability of the Supplier to the User in respect of any claim whatsoever or breach of this Agreement, whether or not arising out of negligence, shall be limited to the lower of the Supplier's margin within the charges paid for the Services under this Agreement and £200 in respect of which the breach has arisen
42. In no event shall the Supplier be liable to the User for any loss of business, loss of opportunity, loss of profits or for any other indirect or consequential loss or damage whatsoever. This shall apply even where such a loss was reasonably foreseeable, or the Supplier had been made aware of the possibility of the User incurring such a loss
43. Neither party shall be liable for any delay or failure to perform any of its obligations if the delay or failure results from events or circumstances outside its reasonable control, including but not limited to acts of God, strikes, lock outs, accidents, war, fire, the act or omission of government, highway authorities or any telecommunications carrier, operator or administration or other competent authority, the act or omission of any Internet Service Provider, or the delay or failure in manufacture, production, or supply by third parties of equipment or services, and the party shall be entitled to a reasonable extension of its obligations after notifying the other party of the nature and extent of such events
44. If any provision of this Agreement is held invalid, illegal or unenforceable for any reason by any Court of competent jurisdiction such provision shall be severed, and the remainder of the provisions hereof shall continue in full force and effect as if this Agreement had been agreed with the invalid illegal or unenforceable provision eliminated
45. Any notice to be given by either party to the other may be sent by either email, fax or recorded delivery to the address of the other party as appearing in this Agreement or such other address as such party may from time to time have communicated to the other in writing, and if sent by email shall unless the contrary is proved be deemed to be received on the day it was sent or if sent by fax shall be deemed to be served on receipt of an error free transmission report, or if sent by recorded delivery shall be deemed to be served 2 days following the date of posting
46. This Agreement contains the entire Agreement between the parties relating to the subject matter and supersedes any previous agreements, arrangements, undertakings or proposals, oral or written. Unless expressly provided elsewhere in this Agreement, this Agreement may be varied only by a document signed by both parties
47. This Agreement shall be governed by and construed in accordance with the law of England and the parties hereby submit to the exclusive jurisdiction of the English courts
48. You agree that you will keep the Confidential Information strictly confidential and not disclose any part of the same to any person except as permitted by or required for the purposes of the receipt of the Services
49. The copyright, database rights and all other intellectual property rights in the software will remain vested in us (or our third-party licensors)
50. If any part of these Terms and Conditions is found to be invalid or unenforceable by any Court or other competent body such invalidity or unenforceability shall not affect the other provisions of these Terms and Conditions and such other provisions shall remain in full force and effect
51. If either party fails to exercise a right or remedy which arises in relation to these Terms and Conditions, such failure shall not prevent the exercise of that right or remedy subsequently in respect of that or any other incident
52. A waiver of any breach of these Terms and Conditions shall only be effective if it is made in writing and signed on behalf of the party who is waiving the breach or provisions. Any waiver of a breach of any terms of these Terms and Conditions shall not be deemed a waiver of any subsequent breach and shall not affect the enforceability of any other of these Terms and Conditions
53. These Terms and Conditions and all matters arising out of them shall be governed by and construed in accordance with the Laws of England. The English Courts shall have exclusive jurisdiction over any claim or matter which may arise out of or in connection with these Terms and Conditions
54. The parties agree that the User is a Data Controller (as defined in the Data Protection Legislation) and that the Supplier is a Data Processor (as defined in the Data Protection Legislation) for the purposes of processing Protected Data pursuant to this Agreement
55. Under EU Regulation 2016/679 General Data Protection Regulation (“the GDPR”) (Article 28, paragraph 3), the User is required to put in place an agreement in writing between the Data Controller and any organisation which processes personal data on its behalf governing the processing of that data
56. The Parties have agreed to enter into this Agreement to ensure compliance with the said provisions of the GDPR in relation to all processing of the Personal Data by the Data Processor for the Data Controller
57. The terms of this Agreement are to apply to all processing of Personal Data carried out for the Data Controller by the Data Processor and to all Personal Data held by the Data Processor in relation to all such processing

Data Protection Contact

The designated data protection contact at PRISM 339 LTD is:

Name: Lee Angus

Title: Data & Privacy Manager

Terms of Payment

Within 14 days of invoice date, by direct transfer to Prism 339's bank account.

Bank name: XXXXXXXX

Account name: XXXXXXXX

Sort code: XXXXXXXX

Account number: XXXXXXXX