Terms of service

TRAITS COMPETENCIES SKILLS PTY LTD (ACN 653 063 560) AND ITS AFFILIATES (COLLECTIVELY, “TCS” OR ‘WE”) IS WILLING TO PROVIDE CERTAIN ONLINE SERVICES TO YOU AS THE INDIVIDUAL, THE COMPANY, OR THE LEGAL ENTITY (REFERENCED BELOW AS “YOU” OR “YOUR” OR “CUSTOMER”) THAT ENTERS INTO A WRITTEN OR ONLINE ORDER OR SIMILAR DOCUMENT WITH TCS THAT REFERENCES THESE TERMS AND CONDITIONS OR THAT OTHERWISE PURCHASES ONLINE SERVICES ON TCS’S WEBSITE ONLY ON THE CONDITION THAT YOU ACCEPT ALL OF THESE TERMS AND CONDITIONS (“AGREEMENT”). READ THIS AGREEMENT CAREFULLY BEFORE PURCHASING ANY SERVICES FROM TCS. THIS IS A LEGAL AND ENFORCEABLE CONTRACT BETWEEN YOU AND TCS. BY ENTERING INTO A WRITTEN OR ONLINE ORDER OR SIMILAR DOCUMENT WITH TCS THAT REFERENCES THIS AGREEMENT OR BY PURCHASING SERVICES ON OUR WEBSITE, YOU AGREE TO BE BOUND BY THE TERMS AND CONDITIONS OF THIS AGREEMENT.

FOR THE SAKE OF CLARITY, IF YOU ARE ENTERING INTO THIS AGREEMENT ON BEHALF OF (AND FOR USE ON BEHALF OF) A COMPANY OR OTHER ENTITY (A “CORPORATE ENTITY”), YOU REPRESENT THAT YOU HAVE THE AUTHORITY TO BIND SUCH CORPORATE ENTITY TO THE TERMS OF THIS AGREEMENT AND YOU ACKNOWLEDGE THAT THE TERM “YOU” OR “CUSTOMER” REFERENCED BELOW REFERS TO SUCH CORPORATE ENTITY.

1. DEFINITIONS

In these Terms of Service unless the context requires otherwise:

(a) “Content” means Personal Data and all other text, files, images, graphics, illustrations, information, data (including audio, video, photographs and other content and material), in any format, provided by Customer or End Users that are uploaded, reside in, run on or run through, the Subscription Environment;

(b) “Data Protection Addendum” means TCS’s Data Protection Addendum attached as Addendum A and incorporated by reference into these Terms of Service.

(c) “Data Protection Laws” mean any data protection or privacy laws of any country which apply to the processing by TCS of Personal Data, including (to the extent applicable):

(i) the Australian Privacy Act 1988 (Cth);
(ii) the Data Protection Act 2018 (UK);
(iii) the Californian Consumer Privacy Act 2018;
(iv) the Canadian Privacy Act 1983;
(v) the Chinese Personal Information Protection Law 2021;
(vi) the General Data Protection Regulation (EU) 2016/679 of the European Parliament (“GDPR“); and
(vii) the UK version of the GDPR as it forms part of the law of each applicable jurisdiction of the United Kingdom pursuant to the European Union (Withdrawal) Act 2018.

(d) “Documentation” means material describing the functional processes, assumptions, specifications and principle operations of the Platform which has been designated by TCS as the official documentation for the Platform;

(e) “Effective Date” means the date the online order or similar document is received and approved by TCS;

(f) “End Users” means employees or contractors of the Customer who are authorised to access the Online Services under the Customer’s Subscription.

(g) “Feedback” means all suggestions, comments, opinions, code, input, ideas, reports, information, know-how or other feedback provided by Customer (whether in oral, electronic or written form) to TCS related to the Online Services;

(h) “Initial Subscription Period” means the period specified in clause 13(a) of these Terms of Service;

(i) “Intellectual Property Rights” means all intellectual property rights throughout the world including but not limited to the following rights: copyright rights (including copyrights, copyright registration and copy rights with respect to computer software, software design, software code, software architecture, firmware, programming tools, graphic user interfaces, reports, dashboard, business rules, use cases, screens, alerts, notifications, drawings, specifications and databases); moral rights; trade secrets and other rights with respect to confidential or proprietary information; know-how; other rights with respect to inventions, discoveries, ideas, improvements, techniques, formulae, algorithms, processes, schematics, testing procedures, technical information and other technology; and any other intellectual and industrial property rights, whether or not subject to registration or protection; and all rights under any licence or other arrangement with respect to the foregoing.

(j) “Internal Purposes” means internal business use within Customer’s systems, networks and devices.

(k) “Log-In Credentials” means sign-in identification and password or other method of access which TCS provides to Customer in order for Customer and End Users to access the Subscription;

(l) “Malicious Code” means, without limitation, code, files, scripts, agents or programs intended to do harm, including without limitation viruses, worms, time bombs and trojan horses;

(m) “Online Services” means any and all of the services, Software and other offerings provided by TCS pursuant to these Terms of Service, including the Subscription, the offerings provided through the Website, any mobile applications and APIs provided by TCS, and all such services and software labelled as alpha, beta, pre-release, trial, preview or otherwise. Online Services may include any enhancements, updates, upgrades, derivatives or bug fixes to such services, software, and offerings, and any documentation, add-ons, templates and sample data sets;

(n) “Order” means an order for the Online Services submitted by the Customer through the Website and accepted by TCS, which specifies the Subscription, including, without limitation and as applicable, the type or quantity of items, including the number of End Users, and the fees payable for such items and any additional terms applicable to the use of such items;

(o) “Payment Date” means the recurrent date (monthly or annual) for payment of the Subscription Fees as specified in the Order;

(p) “Personal Data” means any information relating to an identified or identifiable natural person which is uploaded to the Subscription Environment by or on behalf of the Customer or End Users in connection with the Customer’s use of the Subscription;

(q) “Platform” means the workflow platform located at www.surveyanyplace.com and related services located in the https://tcsinsights.com/ domain and subdomains, including software, code, algorithms, hosted services, third party services and web interfaces, that is comprised of the web-based psychometric testing environment and report generation which are part of the Online Services;

(r) “Privacy Policy” means TCS’s privacy policy available at https://tcsinsights.com/privacy-policy/ as updated from time to time on the Website;

(s) “Software” means any software forming part of the Platform;

(t) “Subscription” means the non-exclusive, non-sublicensable, non-transferable, revocable, limited right and licence to access and use the Platform for an Internal Purpose during the Subscription Period as specified in an Order;

(u) “Subscription Environment” refers to the combination of hardware and software components owned, licensed or managed by TCS from which the Subscription is provided by TCS to Customer;

(v) “Subscription Fee” means the monthly or annual fee for the Subscription set out on the Order, published on the Website from time to time or otherwise communicated to Customer on the Effective Date which Customer must pay in advance to TCS in accordance with clause 4;

(w) “Subscription Period” means the Initial Subscription Period plus any extensions to this period in accordance with clause 13(b); and

(x) “Website” means https://tcsinsights.com/.

2. LICENCE GRANT

The Customer’s Subscription is subject to and governed by the terms and conditions in these Terms of Service, including those in the applicable Order. In the event of a conflict between the terms in an Order and these Terms of Service, the terms in the Order will control with respect the Subscription provided under such Order. The Subscription is granted subject to and conditional on the Customer’s compliance with these Terms of Service and those in the applicable Order and upon payment of the Subscription Fees in accordance with clause 4.

3. USE OF THE SUBSCRIPTION

(a) To receive the Subscription, the Customer must:

(i) use the Log-In Credentials;
(ii) for the duration of the Subscription Period, provide TCS with access to and a right to use, process, and transmit Customer’s Content for the purposes of providing the Subscription and for any other purposes specified in these Terms of Service; and
(iii) follow any operating procedures and use any software as may be specified in the Documentation or as may be notified by TCS from time to time.

(b) The Customer acknowledges that the Customer is responsible for all hardware, software and telecommunications services used to access and use the Subscription.

4. FEES AND PAYMENT

4.1 Fees
The Subscription Fees will be payable by the Customer on or before the Effective Date and on each subsequent Payment Date. All payments must be made in United States dollars or Australian dollars, as specified in the Order, and made via electronic funds transfer, as per TCS’s instructions. TCS will issue an electronic tax invoice upon registration and then prior to each Payment Date.

4.2 Late Payments
If the Customer fails to pay any past due invoice, TCS may revoke or suspend the Subscription until such time as the Customer pays any outstanding amounts. TCS may charge interest on all past due invoices at a rate of 1.5% per month, or the highest rate allowed by applicable law, whichever is lower.

4.3 Taxes
All Subscription Fees are exclusive of all applicable taxes (except for any withholding taxes and taxes solely based on TCS’s net income), duties, imposts, charges, withholdings, rates, levies or other governmental impositions of whatever nature and by whatever authority imposed, assessed or charged including Australian GST (if applicable) (Taxes) and the Customer will be responsible for payment of all such Taxes and any related penalties and interest arising from the payment of or failure to pay such amounts. If the Customer is legally required to withhold any amounts to be paid to TCS, the Customer may deduct such taxes from the amount otherwise owed and pay the tax to the appropriate taxing authority, and must provide to TCS on a timely basis properly executed certificates, receipts or other documentation as evidence of such tax payment to the taxing authority sufficient to permit TCS to establish TCS’s right to a credit for such taxes against TCS’s income tax liability. The Customer must provide TCS with such assistance as TCS may reasonably request in connection with any application by TCS to qualify for the benefit of a reduced rate of withholding taxation under the terms of any applicable income tax treaty.

5. OWNERSHIP AND LICENCE RESTRICTIONS

5.1 Ownership
(a) The Subscription is a temporary right to access and use the Platform and TCS, its suppliers or its licensors, retain and reserve all rights including all Intellectual Property Rights, in and to the Platform and the Subscription Environment. For the avoidance of doubt, TCS will own all rights, including all Intellectual Property Rights, in any features or functionality of the Platform or the Subscription which are the result of Feedback provided to TCS by the Customer and Customer agrees that TCS is free to use, reproduce, modify, adapt, create derivative works from, publicly perform, publicly display, distribute, make, have made, assign, pledge, transfer or otherwise grant rights in such features or functionality in any form and any medium (whether now known or later developed), without credit or compensation to the Customer.

(b) Subject to the licence granted under clause 3(a)(ii), the Customer and its Licensors will retain all Intellectual Property Rights in and to its Content and Applications.

(c) TCS indemnifies the Customer against all direct loss, including damages assessed by a court of competent jurisdiction and reasonable costs and expenses of defending any proceedings, which is suffered or incurred by the Customer arising out of any claim made against the Customer that the Customer’s use of, or receipt of the benefit of, the Subscription is an infringement of a third party’s Intellectual Property Rights.

5.2 Licence Restrictions
(a) Restrictions: Except as expressly authorised in these Terms of Service or by TCS in writing, the Customer must not, and must not permit any third party to:

(i) access or use the Subscription for any purpose other than the Internal Purposes (including for any competitive analysis, commercial, professional, or other for-profit purposes);
(ii) copy any materials provided as part of the Subscription (except as required to run the Subscription and for reasonable backup purposes);
(iii) modify, adapt, or create derivative works of any Software;
(iv) rent, lease, loan, resell, transfer, sublicense, display or distribute the Subscription to any third party;
(v) use or offer any functionality of the Subscription on a service provider, service bureau, hosted, software as a service, or time-sharing basis, provide or permit other individuals or entities to create Internet “links” to the Subscription, or “frame” or “mirror” the Subscription on any other server, or wireless or Internet-based device;
(vi) decompile, disassemble, translate or reverse-engineer any Software or otherwise attempt to derive source code, algorithms, methods or techniques used or embodied in the Subscription;
(vii) disclose to any third party the results of any benchmark tests or other evaluation of the Subscription,
(viii) remove, alter, obscure, cover or change any trademark, copyright or other proprietary notices, labels or markings from or on the Subscription;
(ix) interfere with or disrupt servers or networks connected to any website through which the Subscription is provided;
(x) use the Subscription to build a similar or competitive product or service;
(xi) use the Subscription to transmit Malicious Code;
(xii) use the Subscription for any illegal, unauthorised or otherwise improper purposes;
(xiii) attempt to download the Software;
(xiv) modify or alter the Software or Documentation; or
(xv) except as permitted under clause 6.2, provide, or make the Website, available in any manner to a third party.

(b) Other Parties: Any employee, consultant, contractor or agent hired to perform services for the Customer may operate the Subscription on the Customer’s behalf solely under these Terms of Service, provided that:

(i) the Customer is responsible for ensuring that any such party agrees in a legally enforceable manner to abide by and fully comply with the terms and conditions of these Terms of Service on the same basis as applicable to the Customer;
(ii) such use is only in connection with Customer’s Internal Purposes;
(iii) such use does not represent or constitute an increase in the scope of the licences provided in these Terms of Service; and
(iv) Customer remains fully responsible and liable for any and all acts or omissions by such third parties related to these Terms of Service.

(c) Immediate Termination: Any violation of this clause 5.2 by the Customer will be considered a serious breach of these Terms of Service and TCS may immediately terminate these Terms of Service without notice in the event of such breach.

6. LINKS AND TOOLS

6.1 Linked Sites
(a) The Website may contain links to other websites including, without limitation, social networking, blogging and other similar sites (Linked Sites).

(b) The Linked Sites are provided for the Customer’s convenience only and it is the Customer’s responsibility to make the Customer’s own decisions about the currency, completeness, accuracy, reliability and suitability of information contained in and use of or access to the Linked Sites.

(c) TCS does not endorse, verify, represent or take any responsibility for the content of the Linked Sites.

(d) The Customer acknowledges that the Linked Sites may have different terms of use and privacy policies and the Customer’s use of the Linked Sites is governed by such third party’s site terms of use and privacy policy.

6.2 Link to the Website
(a) Customer may include a link to the Website, but permission is restricted to making a link without any alteration of the relevant Website contents. Permission is not granted to reproduce, frame or reformat the files, pages, images, information and materials from the Website on any other website unless express prior written permission has been obtained from TCS.

(b) In no event is the Customer permitted to use the Website to sell a product or service, or to increase traffic to the Customer’s website for commercial reasons, such as advertising sales.

(c) TCS reserves the right to prevent linking to the Website at any time.

6.3 Third party tools
TCS may provide the use of third party tools on the Website or in connection with Customer’s use of the Subscription (including to conduct surveys of End Users and provide reports). Such tools are provided “as is” and without warranty of any kind.

7. PERSONAL DATA

7.1 Data Processing
TCS will process and use any Personal Data in accordance with the Privacy Policy. To the extent the Personal Data relates to data subjects who are located in the European Union and for whom the Customer is the data controller, TCS will process such personal data in accordance with the Data Protection Addendum attached as Addendum A. In the event of a conflict between any provisions in these Terms of Service and the Data Protection Addendum, the provisions of the Data Protection Addendum will govern and control with regard to the processing of Personal Data. TCS will maintain a security program materially in accordance with industry standards that is designed to protect the security, confidentiality and integrity of the Personal Data.

7.2 Consents
Customer represents, warrants and agrees that Customer has made any disclosures to and obtained any consents from the relevant data subjects which are required under applicable Data Protection Laws in order for the Personal Data to be lawfully uploaded to the Subscription Environment and TCS to process that Personal Information as contemplated by these Terms of Service.

8. CONTENT

8.1 Use of Content
The Customer grants TCS a perpetual, irrevocable, non-exclusive, royalty-free, paid-up, worldwide, sublicensable licence to use, access, transmit, host, store, and display the Content solely for the purpose of providing and improving the Subscription, including rights to extract, compile, aggregate, synthesise, use, and otherwise analyse all or any portion of the Content. TCS may use, publish, share, distribute, or disclose such Content on an aggregate basis or in a de-identified manner that does not allow personal data about the Customer or an End User to be separated from the aggregate data and identified as originating from the Customer.

8.2 Content Warranty and Obligations
The Customer represents, warrants and agrees that the Customer has all rights to provide the Content and other materials that the Customer or an End User provides or makes available to TCS. The Customer acknowledges and agrees that the Customer is solely responsible for all Content and for the Customer’s and its End User’s conduct while using the Subscription.

9. SECURITY, VIRUSES, ERRORS AND AVAILABILITY

(a) Customer acknowledges that:

(i) the internet is an insecure public network which means there are risks that information sent to or from the Online Services may be intercepted, corrupted or modified by third parties; and
(ii) files obtained from or through the Online Services may contain Malicious Code.

(b) Customer bears the risks and responsibility for any loss or damage caused, directly or indirectly, by the risks described in this clause 9, and TCS accepts no liability for any interference with, or damage to, Customer’s computer system, device, software, Content or other data occurring in connection with Customer’s access or use of the Online Services.

(c) Notwithstanding the foregoing, TCS will take all commercially reasonable steps to maintain the security and the integrity of the Online Services. Specifically, TCS will:

(i) implement appropriate administrative, physical and technical safeguards to protect Customer’s Content; and
(ii) as soon as it becomes aware that Malicious Code is contained in or affects the Online Services and/or that any of Customer’s Content has, or may have been, subject to unauthorised access, immediately notify Customer and take all reasonable steps to remedy the problem, secure the Content and remove the Malicious Code, as applicable.

10. WARRANTIES, DISCLAIMERS AND EXCLUSIVE REMEDIES

(a) No representation or warranty (express or implied) is made as to the currency, completeness, accuracy, reliability, suitability, and / or availability of any information on the Website.

(b) Subject to clause 10(e) and 10(f), TCS will use commercially reasonable efforts to ensure that the Subscription will operate in accordance with the applicable Documentation.

(c) Each party represents and warrants that it has full right, power, and authority to enter into these Terms of Service and to perform its obligations and duties under these Terms of Service, and that the performance of such obligations and duties does not conflict with or result in a breach of any other agreement of such party or any judgment, order or decree by which such party is bound.

(d) If the Subscription (including the functionality of the Platform) fails to operate in accordance with the applicable Documentation during the Subscription Period and Customer notifies TCS in writing of this failure, TCS, at its cost, will correct the failure provided that TCS may decline to correct the failure if such correction cannot be completed in a commercially reasonable manner but in such event Customer may terminate these Terms of Service and recover a pro-rata portion of the Subscription Fees paid by Customer that are attributable to the failed Service. This clause 10(d) states TCS’s sole liability and Customer’s exclusive remedy for any breach of clause 10(b).

(e) The warranty in clause 10(b) will not apply if the failure of the Subscription resulted from improper use or a defect in or failure of any device, communications link or software used to access the Subscription.

(f) EXCEPT AS SET FORTH IN CLAUSE 10(b) AND 10(c), TCS DISCLAIMS ANY AND ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NONINFRINGEMENT, TITLE, QUIET ENJOYMENT AND WARRANTIES ARISING OUT OF COURSE OF DEALING, USAGE OR TRADE PRACTICE, OR BY STATUTE OR IN LAW. TCS SPECIFICALLY DOES NOT WARRANT THAT THE SUBSCRIPTION WILL MEET CUSTOMER’S REQUIREMENTS, THE OPERATION OR OUTPUT OF THE SUBSCRIPTION WILL BE ERROR-FREE, VIRUS-FREE, SECURE, ACCURATE, RELIABLE, COMPLETE OR UNINTERRUPTED.

11. CONFIDENTIALITY

11.1 Definitions:
In this clause:
(a) “Confidential Information” means information disclosed by a party in connection with the provision or use of the Online Services that either:

(i) is designated as confidential by the Discloser at the time of disclosure; or
(ii) would reasonably be understood by the Recipient, given the nature of the information or the circumstances surrounding its disclosure, to be confidential, including without limitation, Discloser’s product designs, product plans, data, software and technology, financial information, marketing plans, business opportunities, proposed terms, pricing information, discounts, inventions and know-how disclosed by Discloser to Recipient, whether in writing, verbally or otherwise, and whether prior to, on or after the Effective Date. TCS’s Confidential Information also includes the Platform, the Subscription and terms and conditions upon which TCS is providing the Online Services to the Customer;

(b) “Discloser” means a party which discloses Confidential Information to the other party; and

(c) “Recipient” means a party which receives Confidential Information disclosed by the other party.

11.2 Use of Confidential Information
A Recipient may not use Confidential Information in any way for its own benefit or the benefit of any third party except as expressly permitted by, or as required to implement, these Terms of Service or as otherwise authorised in writing by the Discloser.

11.3 Disclosure of Confidential Information
A Recipient must:
(a) hold Confidential Information in strict confidence and take reasonable precautions to protect and secure such Confidential Information (such precautions to include, at a minimum, all precautions a Recipient employs with respect to its own Confidential Information); and

(b) not divulge any Confidential Information to any third party (other than to employees or contractors as set forth below). Any employee or contractor given access to any Confidential Information must have a legitimate “need to know” such Confidential Information for use specified in clause 11.2 and a Recipient will remain responsible and liable for each such person’s compliance with these Terms of Service.

11.4 Confidentiality Period
Irrespective of any termination of these Terms of Service, a Recipient’s obligations with respect to Confidential Information under these Terms of Service expire 5 years from the date of receipt of the Confidential Information (except with respect to any trade secrets where such obligations will be perpetual).
(a) Exclusions: These Terms of Service impose no obligations with respect to information which:

(i) was in a Recipient’s possession before receipt from a Discloser;
(ii) is or becomes a matter of public knowledge through no fault of a Recipient;
(iii) was rightfully disclosed to a Recipient by a third party, who has no restriction on disclosure; or
(iv) is developed by a Recipient without use of the Confidential Information as can be shown by documentary evidence. A Recipient may make disclosures to the extent required by law or court order, provided a Recipient makes reasonable efforts to provide a Discloser with notice of such disclosure as promptly as possible and uses diligent efforts to limit such disclosure and obtain confidential treatment or a protective order, and has allowed a Discloser to participate in the proceeding.

(b) Return or Destruction of Confidential Information: Upon termination of these Terms of Service or written request by Discloser, the Recipient must:

(i) cease using the Confidential Information; and
(ii) return or destroy the Confidential Information and all copies, notes or extracts thereof to Discloser within seven (7) business days of such request or termination.

12. LIMITATION OF LIABILITY

TO THE EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT WILL TCS BE LIABLE TO CUSTOMER FOR ANY SPECIAL, INDIRECT, INCIDENTAL, CONSEQUENTIAL, EXEMPLARY OR PUNITIVE DAMAGES, OR FOR ANY LOSS OF USE, DATA, CONTENT, APPLICATIONS, GOODWILL OR PROFITS, BUSINESS INTERRUPTION, OR COSTS OF PROCURING SUBSTITUTE SOFTWARE OR SERVICES, ARISING OUT OF OR IN CONNECTION WITH THESE TERMS OF SERVICE OR THE USE OR PERFORMANCE OF THE SUBSCRIPTION. WITHOUT LIMITING THE FOREGOING, TCS WILL HAVE NO LIABILITY OR RESPONSIBILITY FOR ANY BUSINESS INTERRUPTION OR LOSS OF DATA, CONTENT OR APPLICATIONS ARISING FROM THE AUTOMATIC TERMINATION OF THE LICENCE RIGHTS GRANTED HEREIN AND ANY ASSOCIATED CESSATION OF THE PLATFORM OR SUBSCRIPTION, ITS FUNCTIONS, ANY UNANTICIPATED OR UNSCHEDULED DOWNTIME FOR ANY REASON OR ANY DELETION, CORRUPTION OR DAMAGE OF DATA, CONTENT OR APPLICATIONS ON OR THROUGH THE PLATFORM OR SUBSCRIPTION.

TO THE EXTENT PERMITTED BY APPLICABLE LAW, TCS’S TOTAL CUMULATIVE LIABILITY TO CUSTOMER, FROM ALL CAUSES OF ACTION AND ALL THEORIES OF LIABILITY IN CONNECTION WITH THESE TERMS OF SERVICE, INCLUDING ALL ORDER FORMS, AT ANY TIME WILL BE LIMITED TO AND WILL NOT EXCEED THE FEES ACTUALLY PAID BY CUSTOMER TO TCS FOR THE SUBSCRIPTION IN THE 12 MONTH PERIOD IMMEDIATELY PRECEDING THE DATE OF THE EVENT THAT GAVE RISE TO SUCH CAUSE OF ACTION (LIABILITY CAP). HOWEVER, THIS LIABILITY CAP WILL NOT APPLY WITH RESPECT TO:

(a) THE INDEMNITY UNDER CLAUSE 5.1(c); OR

(b) LIABILITY FOR:

(i) DEATH OR PERSONAL INJURY;
(ii) LOSS OF OR DAMAGE TO TANGIBLE PROPERTY; OR
(iii) FRAUD.

THE FOREGOING LIMITATIONS, EXCLUSIONS AND DISCLAIMERS SHALL APPLY REGARDLESS OF WHETHER SUCH LIABILITY ARISES FROM ANY CLAIM BASED UPON CONTRACT (INCLUDING UNDER ANY INDEMNITY), WARRANTY, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY OR OTHERWISE, AND WHETHER OR NOT THE PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH LOSS OR DAMAGE. INSOFAR AS APPLICABLE LAW PROHIBITS ANY LIMITATION ON LIABILITY HEREIN, THE PARTIES AGREE THAT SUCH LIMITATION WILL BE AUTOMATICALLY MODIFIED, BUT ONLY TO THE EXTENT SO AS TO MAKE THE LIMITATION COMPLIANT WITH APPLICABLE LAW. THE PARTIES AGREE THAT THE LIMITATIONS ON LIABILITIES SET FORTH HEREIN ARE AGREED ALLOCATIONS OF RISK AND SUCH LIMITATIONS WILL APPLY NOTWITHSTANDING THE FAILURE OF ESSENTIAL PURPOSE OF ANY LIMITED REMEDY.

TCS LIMITS ITS LIABILITY FOR ANY FAILURE TO COMPLY WITH A CONSUMER GUARANTEE UNDER THE AUSTRALIAN CONSUMER LAW TO, AT ITS OPTION, SUPPLYING THE RELEVANT SERVICES AGAIN OR PAYING THE COST OF HAVING THE SERVICES SUPPLIED AGAIN.

13. SUBSCRIPTION PERIOD AND TERMINATION

(a) Unless earlier terminated in accordance with these Terms of Service, the Initial Subscription Period will commence on the Effective Date and end 12 months after that date.

(b) The Initial Subscription Period will automatically renew for additional periods of 12 months, unless a party provides written notice to the other party of its intention not to renew at least thirty (30) days prior to expiration of the Initial Subscription Period or any subsequent 12-month period, as appropriate.

(c) Without limiting any other right or remedy TCS may have against Customer arising out of or in connection with these Terms of Service, TCS may, at its option, terminate Customer’s Subscription with immediate effect by giving TCS prior written notice if:

(i) Customer commits a material breach of any terms in these Terms of Service where that breach is not capable of remedy; or
(ii) Customer breaches any other provision of these Terms of Service and fails to remedy that breach within 14 days after receiving notice requiring Customer to do so.

(d) If Customer’s Subscription is terminated under clause 13(c), TCS will not be liable and Customer will not be entitled to any refund of any part of the Fees previously paid.

(e) Immediately upon termination of these Terms of Service:

(i) all Orders and licences granted under these Terms of Service will immediately terminate and Customer must immediately cease all use of the Subscription;
(ii) Customer must destroy or, upon TCS’s request, return to TCS the Confidential Information that is in Customer’s possession or control; and
(iii) any and all of Customer’s payment obligations under each Order will immediately become due. Upon TCS’s request, Customer must certify in writing that it has returned or destroyed all copies of TCS’s Confidential Information.

(f) Clauses 1, 5, 7, 9 – 14, will survive termination of these Terms of Service.

14. GENERAL

(a) Compliance with Laws: Customer must comply fully with all applicable laws, including all applicable laws relating to bribery or corruption, and export laws and regulations of any country where Customer uses or accesses any portion or functionality of the Subscription.

(b) Assignment and novation: Customer may not assign, delegate or transfer these Terms of Service or give or transfer the Subscription, Documentation or an interest in them to another individual or entity, in whole or in party, by agreement, operation of law or otherwise. Any attempt to assign these Terms of Service other than as permitted herein will be null and void. Customer acknowledges that TCS may assign, subcontract or delegate any of its rights or obligations under these Terms of Service. Subject to the foregoing, these Terms of Service will bind and inure to the benefit of the parties’ permitted successors and assigns.

(c) Entire agreement: These Terms of Service, together with the Privacy Policy, the Data Protection Addendum and Order, if applicable, constitute the entire agreement between the parties in connection with its subject matter and supersedes all previous agreements or understandings between the parties in connection with its subject matter.

(d) Severability: These Terms of Service are declared to be severable. If a court of competent jurisdiction holds any part of these Terms of Service void, invalid or unenforceable, it is severed and will be deemed to be omitted to the extent that it is void, invalid or unenforceable, and the remainder of these Terms of Service will remain in full force and effect, and the provision affected will be construed so as to be enforceable to the maximum extent permissible by law.

(e) Waiver: A waiver by either party in respect of a breach of a term of these Terms of Service by the other party will not be taken to be a waiver in respect of any other breach. The failure to enforce any term of these Terms of Service will not be interpreted as a waiver of that term.

(f) Governing law and jurisdiction: These Terms of Service will be governed by and construed in accordance with the laws of the State of New South Wales, Australia, as if performed wholly within the state and without giving effect to the principles of conflict of law rules of any jurisdiction. The parties agree that any action, proceeding, controversy or claim between them arising out of or relating to these Terms of Service (collectively, an “Action”) must be brought only in a court of competent jurisdiction in Sydney, Australia. Each Party hereby submits to the personal jurisdiction and venue of such courts and waives any objection on the grounds of venue, forum non-conveniens or any similar grounds with respect to any Action.

Addendum A

Data Protection Addendum

Controller to Processor arrangements for processing Personal Data (Art 28 GDPR) and transfers of Personal Data from EEA to a Third Country (Art 46 GDPR)

This Data Protection Addendum (“Addendum“) forms part of the agreement for the provision of online services (“Principal Agreement“) entered into between Traits Competencies Skills Pty Ltd (ACN 653 063 560) (“TCS“) and the “Customer” as identified in the online order or similar document with TCS that references the TCS Customer Terms of Service.

Under this Data Protection Addendum:

(i) TCS is the “Processor“, acting on its own behalf and as agent for each Processor Affiliate; and

(ii) Customer is the “Controller“, acting on its own behalf and as agent for each Controller Affiliate.
The terms used in this Addendum shall have the meanings set forth in this Addendum. Capitalised terms not otherwise defined herein shall have the meaning given to them in the Principal Agreement. Except as modified below, the terms of the Principal Agreement shall remain in full force and effect.

In consideration of the mutual obligations set out herein, the parties hereby agree that the terms and conditions set out below shall be added as an Addendum to the Principal Agreement. Except where the context requires otherwise, references in this Addendum to the Principal Agreement are to the Principal Agreement as amended by, and including, this Addendum.

1. DEFINITIONS

1.1 In this Addendum, the following terms shall have the meanings set out below and cognate terms shall be construed accordingly:

(a) “Applicable Laws” means to the extent applicable and binding on any party: (a) European Union or EU Member State laws with respect to any Controller Personal Data; and (b) any other applicable law with respect to any Controller Personal Data, including laws of the UK;

(b) “Controller Affiliate” means an entity that owns or controls, is owned or controlled by or is or under common control or ownership with Controller, where control is defined as the possession, directly or indirectly, of the power to direct or cause the direction of the management and policies of an entity, whether through ownership of voting securities, by contract or otherwise;

(c) “Controller Group Member” means Controller or any Controller Affiliate;

(d) “Controller Personal Data” means any Personal Data Processed by a Contracted Processor on behalf of a Controller Group Member pursuant to or in connection with the Principal Agreement;

(e) “Contracted Processor” means Processor or a Subprocessor;

(f) “Delete” means to remove or obliterate Personal Data such that it cannot be recovered or reconstructed”

(g) “EEA” means the European Economic Area;

(h) “Data Protection Laws” means all laws relating to the protection of personal data and privacy in force from time to time in any jurisdiction as applicable and binding on any party, including (without limitation):

(i) the EU GDPR;
(ii) the UK GDPR;
(iii) the UK Data Protection Act 2018;
(iv) the Privacy and Electronic Communications Directive (EU) 2002/58/EC;
(v) the Privacy and Electronic Communications (EC Directive) Regulations 2003; and
(vi) any laws that implement, replace, extend, re-enact, consolidate or amend any of the foregoing.;

(i) “GDPR” the EU GDPR and/or UK GDPR (as applicable);

(j) “EU GDPR” means the EU General Data Protection Regulation 2016/679;

(k) “Restricted Transfer” means:

(i) a transfer of Controller Personal Data from any Controller Group Member to a Contracted Processor; or
(ii) an onward transfer of Controller Personal Data from a Contracted Processor to a Contracted Processor, or between two establishments of a Contracted Processor,
in each case, where such transfer would be prohibited by Data Protection Laws (or by the terms of data transfer agreements put in place to address the data transfer restrictions of Data Protection Laws) in the absence of the Standard Contractual Clauses to be established below;

(l) “Services” means the services and other activities to be supplied to or carried out by or on behalf of Processor for Controller Group Members pursuant to the Principal Agreement;

(m) “Standard Contractual Clauses” means the contractual clauses replacing or amending the existing standard contractual clauses approved for use and applicable as a matter of EU law or UK law (as applicable) from time to time;

(n) “Subprocessor” means any person (including any third party and any Processor Affiliate, but excluding an employee of Processor or any of its sub-contractors) appointed by or on behalf of Processor or any Processor Affiliate to Process Personal Data on behalf of any Controller Group Member in connection with the Principal Agreement;

(o) “Processor Affiliate” means an entity that owns or controls, is owned or controlled by or is or under common control or ownership with Processor, where control is defined as the possession, directly or indirectly, of the power to direct or cause the direction of the management and policies of an entity, whether through ownership of voting securities, by contract or otherwise;

(p) “UK” means the United Kingdom; and

(q) “UK GDPR” means the UK version of the GDPR as it forms part of the law of each applicable jurisdiction of the United Kingdom pursuant to the European Union (Withdrawal) Act 2018.

1.2 The terms, “Controller“, “Data Subject“, “Personal Data“, “Personal Data Breach“, “Processing” and “Supervisory Authority” shall have the same meaning as in the GDPR, and their cognate terms shall be construed accordingly.

1.3 The word “include” shall be construed to mean include without limitation, and cognate terms shall be construed accordingly.

2. Authority

Processor warrants and represents that, before any Processor Affiliate Processes any Controller Personal Data on behalf of any Controller Group Member, Processor’s entry into this Addendum as agent for and on behalf of that Processor Affiliate will have been duly and effectively authorised (or subsequently ratified) by that Processor Affiliate.

3. Processing of Controller Personal Data

3.1 Processor and each Processor Affiliate shall:

(a) comply with all applicable Data Protection Laws in the Processing of Controller Personal Data; and

(b) not Process Controller Personal Data other than on the relevant Controller Group Member’s documented instructions unless Processing is required by Applicable Laws to which the relevant Contracted Processor is subject, in which case Processor or the relevant Processor Affiliate shall to the extent permitted by Applicable Laws inform the relevant Controller Group Member of that legal requirement before the relevant Processing of that Personal Data.

3.2 Each Controller Group Member:

(a) instructs Processor and each Processor Affiliate (and authorises Processor and each Processor Affiliate to instruct each Subprocessor) to:

(i) Process Controller Personal Data; and
(ii) in particular, transfer Controller Personal Data to any country or territory,
as reasonably necessary for the provision of the Services and consistent with the Principal Agreement; and

(b) warrants and represents that it is and will at all relevant times remain duly and effectively authorised to give the instruction set out in section 3.2(a) on behalf of each relevant Controller Affiliate.

3.3 Annex 1 to this Addendum sets out certain information regarding the Contracted Processors’ Processing of the Controller Personal Data as required by article 28(3) of the GDPR (and, possibly, equivalent requirements of other Data Protection Laws). Controller may make reasonable amendments to Annex 1 by written notice to Processor from time to time as Controller reasonably considers necessary to meet those requirements. Nothing in Annex 1 (including as amended pursuant to this section 3.3 confers any right or imposes any obligation on any party to this Addendum.

4. Processor and Processor Affiliate Personnel

Processor and each Processor Affiliate shall take reasonable steps to ensure the reliability of any employee, agent or contractor of any Contracted Processor who may have access to the Controller Personal Data, ensuring in each case that access is strictly limited to those individuals who need to know / access the relevant Controller Personal Data, as strictly necessary for the purposes of the Principal Agreement, and to comply with Applicable Laws in the context of that individual’s duties to the Contracted Processor, ensuring that all such individuals are subject to confidentiality undertakings or professional or statutory obligations of confidentiality.

5. Security

5.1 Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of Processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, Processor and each Processor Affiliate shall in relation to the Controller Personal Data implement appropriate technical and organisational measures to ensure a level of security appropriate to that risk, including, as appropriate, the measures referred to in Article 32(1) of the GDPR.

5.2 In assessing the appropriate level of security, Processor and each Processor Affiliate shall take account in particular of the risks that are presented by Processing, in particular from a Personal Data Breach.

6. Subprocessing

6.1 Each Controller Group Member authorises Processor and each Processor Affiliate to appoint (and permit each Subprocessor appointed in accordance with this section 6 to appoint) Subprocessors in accordance with this section 6 and any restrictions in the Principal Agreement.

6.2 Processor and each Processor Affiliate may continue to use those Subprocessors already engaged by Processor or any Processor Affiliate as at the date of this Addendum, subject to Processor and each Processor Affiliate in each case as soon as practicable meeting the obligations set out in section 6.4.

6.3 Processor shall give Controller prior written notice of the appointment of any new Subprocessor, including full details of the Processing to be undertaken by the Subprocessor. If, within 30 (thirty) calendar days of receipt of that notice, Controller notifies Processor in writing of any objections (on reasonable grounds) to the proposed appointment, neither Processor nor any Processor Affiliate shall appoint (nor disclose any Controller Personal Data to) the proposed Subprocessor except with the prior written consent of Controller.

6.4 With respect to each Subprocessor, Processor or the relevant Processor Affiliate shall:

(a) before the Subprocessor first Processes Controller Personal Data (or, where relevant, in accordance with section 6.2) carry out adequate due diligence to ensure that the Subprocessor is capable of providing the level of protection for Controller Personal Data required by the Principal Agreement;

(b) ensure that the arrangement between, on the one hand, (a) Processor, or (b) the relevant Processor Affiliate, or (c) the relevant intermediate Subprocessor; and on the other hand the Subprocessor, is governed by a written agreement including terms which offer at least the same level of protection for Controller Personal Data as those set out in this Addendum and meet the requirements of article 28(3) of the GDPR;

(c) if that arrangement involves a Restricted Transfer, ensure that the Standard Contractual Clauses are at all relevant times incorporated into the agreement referred to in paragraph (b); and

(d) provide to Controller for review such copies of the Contracted Processors’ agreements with Subprocessors (which may be redacted to remove confidential commercial information not relevant to the requirements of this Addendum) as Controller may request from time to time.

6.5 Processor and each Processor Affiliate shall ensure that each Subprocessor performs the obligations under sections 3.1, 4, 5, 7.1, 8.2, 9 and 11.1, as they apply to Processing of Controller Personal Data carried out by that Subprocessor, as if it were party to this Addendum in place of Processor.

7. Data Subject Rights

7.1 Taking into account the nature of the Processing, Processor and each Processor Affiliate shall assist each Controller Group Member by implementing appropriate technical and organisational measures, insofar as this is possible, for the fulfilment of the Controller Group Members’ obligations, as reasonably understood by Controller, to respond to requests to exercise Data Subject rights under the Data Protection Laws.

7.2 Processor shall:

(a) promptly notify Controller if any Contracted Processor receives a request from a Data Subject under any Data Protection Law in respect of Controller Personal Data; and

(b) ensure that the Contracted Processor does not respond to that request except on the documented instructions of Controller or the relevant Controller Affiliate or as required by Applicable Laws to which the Contracted Processor is subject, in which case Processor shall to the extent permitted by Applicable Laws inform Controller of that legal requirement before the Contracted Processor responds to the request.

8. Personal Data Breach

8.1 Processor shall notify Controller without undue delay upon Processor or any Subprocessor becoming aware of a Personal Data Breach affecting Controller Personal Data, providing Controller with sufficient information to allow each Controller Group Member to meet any obligations to report or inform Data Subjects of the Personal Data Breach under the Data Protection Laws. Such notification shall as a minimum:

(a) describe the nature of the Personal Data Breach, the categories and numbers of Data Subjects concerned, and the categories and numbers of Personal Data records concerned;

(b) communicate the name and contact details of Processor’s data protection officer or other relevant contact from whom more information may be obtained;

(c) describe the likely consequences of the Personal Data Breach; and

(d) describe the measures taken or proposed to be taken to address the Personal Data Breach.

8.2 Processor shall co-operate with Controller and each Controller Group Member and take such reasonable commercial steps as are directed by Controller to assist in the investigation, mitigation and remediation of each such Personal Data Breach.

9. Data Protection Impact Assessment and Prior Consultation

Processor and each Processor Affiliate shall provide reasonable assistance to each Controller Group Member with any data protection impact assessments, and prior consultations with Supervising Authorities or other competent data privacy authorities, which Controller reasonably considers to be required of any Controller Group Member by article 35 or 36 of the GDPR or equivalent provisions of any other Data Protection Law, in each case solely in relation to Processing of Controller Personal Data by, and taking into account the nature of the Processing and information available to, the Contracted Processors.

10. Deletion or return of Controller Personal Data

10.1 Subject to sections 10.2 and 10.3 Processor and each Processor Affiliate shall promptly and in any event within 60 (sixty) calendar days of the date of cessation of any Services involving the Processing of Controller Personal Data (the “Cessation Date”), Delete and procure the Deletion of all copies of those Controller Personal Data.

10.2 Subject to section 10.3, Controller may in its absolute discretion by written notice to Processor within 30 (thirty) calendar days of the Cessation Date require Processor and each Processor Affiliate to (a) return a complete copy of all Controller Personal Data to Controller by secure file transfer in such format as is reasonably notified by Controller to Processor; and (b) Delete and procure the Deletion of all other copies of Controller Personal Data Processed by any Contracted Processor. Processor and each Processor Affiliate shall comply with any such written request within 60 (sixty) calendar days of the Cessation Date.

10.3 Each Contracted Processor may retain Controller Personal Data to the extent required by Applicable Laws and only to the extent and for such period as required by Applicable Laws and always provided that Processor and each Processor Affiliate shall ensure the confidentiality of all such Controller Personal Data and shall ensure that such Controller Personal Data is only Processed as necessary for the purpose(s) specified in the Applicable Laws requiring its storage and for no other purpose.

10.4 Processor shall provide written certification to Controller that it and each Processor Affiliate has fully complied with this section 10 within 60 (sixty) calendar days of the Cessation Date.

11. Audit rights

11.1 Subject to section 11.2, Processor and each Processor Affiliate shall make available to each Controller Group Member on request all information necessary to demonstrate compliance with this Addendum, and shall allow for and contribute to audits, including inspections, by any Controller Group Member or an auditor mandated by any Controller Group Member in relation to the Processing of the Controller Personal Data by the Contracted Processors.

11.2 Information and audit rights of the Controller Group Members only arise under section 11.1 to the extent that the Principal Agreement does not otherwise give them information and audit rights meeting the relevant requirements of the Data Protection Laws (including, where applicable, article 28(3)(h) of the GDPR).

11.3 Processor shall immediately inform Controller if, in its opinion, an instruction pursuant to this section 11 (Audit Rights) infringes the Applicable Laws and/or the Data Protection Laws.

12. Restricted Transfers

12.1 Subject to section 12.2, Processor (as “data exporter”) and each Contracted Processor, as appropriate, (as “data importer”) shall enter into the Standard Contractual Clauses in respect of any Restricted Transfer from the Processor to that Contracted Processor.

12.2 Section 12.1 shall not apply to a Restricted Transfer unless its effect, together with other reasonably practicable compliance steps (which, for the avoidance of doubt, do not include obtaining consents from Data Subjects), is to allow the relevant Restricted Transfer to take place without breach of the Data Protection Laws.

13. General Terms

Governing law and jurisdiction

13.1 Without prejudice to clauses 7 (Mediation and Jurisdiction) and 9 (Governing Law) of the Standard Contractual Clauses:

a) the parties to this Addendum hereby submit to the choice of jurisdiction stipulated in the Principal Agreement with respect to any disputes or claims howsoever arising under this Addendum, including disputes regarding its existence, validity or termination or the consequences of its nullity; and

b) this Addendum and all non-contractual or other obligations arising out of or in connection with it are governed by the laws of the country or territory stipulated for this purpose in the Principal Agreement.

Order of precedence

13.2 Nothing in this Addendum reduces Processor’s or any Processor Affiliate’s obligations under the Principal Agreement in relation to the protection of Personal Data or permits Processor or any Processor Affiliate to Process (or permit the Processing of) Personal Data in a manner which is prohibited by the Principal Agreement..

13.3 Subject to section 13.2, with regard to the subject matter of this Addendum, in the event of inconsistencies between the provisions of this Addendum and any other agreements between the parties, including the Principal Agreement and including (except where explicitly agreed otherwise in writing, signed on behalf of the parties) agreements entered into or purported to be entered into after the date of this Addendum, the provisions of this Addendum shall prevail.

Changes in Data Protection Laws, etc.

13.4 Controller may:

(a) by at least 30 (thirty) calendar days’ written notice to Processor from time to time make any variations to, or request replacement of, any Standard Contractual Clauses (including any Standard Contractual Clauses entered into under section 12.1, as they apply to Restricted Transfers which are subject to a particular Data Protection Laws, which are required, as a result of any change in, or decision of a competent authority under, the Data Protection Laws, to allow those Restricted Transfers to be made (or continue to be made) without breach of the Data Protection Laws; and

(b) propose any other variations to this Addendum which Controller reasonably considers to be necessary to address the requirements of any Data Protection Laws.

13.5 If Controller gives notice under section 13.4(a):

(a) Processor and each Processor Affiliate shall promptly co-operate (and ensure that any affected Sub-processors promptly co-operate) to ensure that equivalent variations are made to any agreement put in place under section 6.4(c); and

(b) Controller shall not unreasonably withhold or delay agreement to any consequential variations to this Addendum proposed by Processor to protect the Contracted Processors against additional risks associated with the variations made under section 13.4(a) or 13.5(a).

13.6 If Controller gives notice under section 13.4(b), the parties shall promptly discuss the proposed variations and negotiate in good faith with a view to agreeing and implementing those or alternative variations designed to address the requirements identified in Controller’s notice as soon as is reasonably practicable.

13.7 Neither Controller nor Processor shall require the consent or approval of any Controller Affiliate or Processor Affiliate to amend this Addendum pursuant to this section 13 or otherwise.
Severance

13.8 Should any provision of this Addendum be invalid or unenforceable, then the remainder of this Addendum shall remain valid and in force. The invalid or unenforceable provision shall be either (i) amended as necessary to ensure its validity and enforceability, while preserving the parties’ intentions as closely as possible or, if this is not possible, (ii) construed in a manner as if the invalid or unenforceable part had never been contained therein.

ANNEX 1: DETAILS OF PROCESSING OF CONTROLLER PERSONAL DATA

This Annex 1 includes certain details of the Processing of Controller Personal Data as required by Article 28(3) GDPR.

Data controller

The data controller is:
As part of undertaking personality trait and psychological testing, data controller will collect certain personal data from end users.

Data processor

The data processor is:
Processing that data in order to deliver relevant and appropriate guidance as to personality traits and psychological profiles.

Data subjects

The personal data transferred concern the following categories of data subjects:
End users – employees or potential employees of the data controller

Categories of data

The personal data transferred concern the following categories of data:
End users: first name, surname, email address

Special categories of data (if appropriate)

The personal data transferred concern the following special categories of data:
N/A

Processing operations

The personal data transferred will be subject to the following basic processing activities:
Storage on servers located within the EEA (except where clause 12 Restricted Transfers applies, in which case personal data may be stored on servers located in the data importer’s country), deletion, and other processing requested by the data controller

Subject matter and duration of the Processing of Controller Personal Data
The subject matter and duration of the Processing of the Controller Personal Data are set out in the Principal Agreement and this Addendum.

The obligations and rights of Controller and Controller Affiliates
The obligations and rights of Controller and Controller Affiliates are set out in the Principal Agreement and this Addendum.