PIS Customer Terms of Service
Dated: January 2019
Welcome to TrueLayer!
The TrueLayer Terms of Service is an agreement between TrueLayer Limited (“TrueLayer”, “we”, “us”, “our”) and an application (“the Customer”, “you”) that wishes to use TrueLayer’s services. The Terms of Service listed below are the fundamental provisions that will govern a legal relationship between TrueLayer and a Customer, not all the legal provisions. Should you wish to enter into an agreement with us, please email us at email@example.com, and we shall send through the full agreement including schedules and fees.
How you should read these Terms of Service (“the Agreement”)
The document has been laid out in sections. You may go to the relevant section of interest directly, by clicking on the links provided. The headings are for reference only, and while the Agreement has been formatted for ease of reading, please do ensure that you read all relevant sections of the Agreement.
- Section 1: outlines who we are and what services we provide
- Section 2: lists definitions that are applicable to these Terms of Service
- Section 3: outlines our obligations
- Section 4: outlines the Customer’s obligations
- Section 5: addresses access and security obligations on both parties
- Section 6: outlines when and how account information may be obtained by the Customer
- Section 7: gives an overview of the fees for the services used
- Section 8: outlines the Intellectual Property Rights of each party
- Section 9: warranties made by each party
- Section 10: confidentiality obligations on each party
- Section 11: privacy and data protection obligations on each party
- Section 12: how and when this Agreement may be terminated
- Section 13: liability of each party
- Section 14: anti bribery obligations of each party
- Section 15: termination of the Agreement due to circumstances beyond either party’s control
- Section 16: communication between parties
- Section 17: when might the Agreement be waived
- Section 18: when might the Agreement be severed
- Section 19: transfers of rights and obligations
- Section 20: entire agreement
- Section 21: third party rights
- Section 22: costs and expenses
- Section 23: counterparts
- Section 24: non-partnership Agreement
- Section 25: law governing this Agreement
- Schedule 1: fess
- Schedule 2: customer to end-user awareness wording
- Schedule 3: marks
There are a few other relevant policies that are linked here, which may be read in conjunction with the Agreement, or as stand alone documents. These include:
- AIS Customer Terms of Service
- End-User Terms of Service
Section 1 : TrueLayer Limited
Who we are
TrueLayer Limited is a company incorporated and registered in England with company number 10278251 whose registered office is at Fleet Place House, 2 Fleet Place, London, England, EC4M 7RF (“TrueLayer”, “we”, “us”, “our”).
What Services we provide
- TrueLayer provides a tool that allows End-Users to consent to the initiation of payment orders with respect to a Payment Account held by them with other Payment Service Providers (the "Tool");
- The Customer wishes to make the Tool accessible to End-Users through the Customer Website.
- This Agreement shall govern TrueLayer’s provision to the Customer of an application programming interface from which the Tool can be integrated into, and accessed by End-Users via, the Customer Website.
Section 2: Definitions
- "Affiliate" means any corporation, entity or other business Controlled by, Controlling or under common Control with a party.
- "Agreement" means this agreement and includes the schedules to it (and the schedules shall be treated for all purposes as forming part of this agreement).
- "API" means the application programming interface provided by TrueLayer for the purposes of enabling the Tool to be integrated into, and accessed by End-Users via, the Customer Website.
"Applicable Law" means any and all:
- (i) legislation (including statute, statutory instrument, treaty, regulation, order, directive, by-law and decree) and common law;
- (ii) regulatory rules, guidance and licence conditions relating to either party or otherwise as issued by an Authority;
- (iii) judgments, resolutions, decisions, orders, notices or demands of a competent court, tribunal, regulatory body or governmental authority in each case having the force of binding law or by which either party is bound; and
- (iv) industry guidelines or codes of conduct which are mandatory,
in each case in any jurisdiction relevant to the parties.
- "Applicable Anti-Bribery Laws" means, in relation to a party, any applicable law, rule, regulation or other legally binding measure relating to the prevention of bribery, corruption, fraud or similar or related activities, including the Bribery Act 2010 of the United Kingdom.
- "Authority" means any regulatory, administrative, supervisory or governmental agency, body or authority (whether regional, national or supranational) to whose rules, regulations or guidance any party (or any assets, resources or business of such party) is, from time to time, subject or submits including, but not limited to, the UK Information Commissioner’s Office (ICO).
- "Business Day" means any day (other than a Saturday or Sunday) on which banks are open for general business in London.
- "Commencement Date" means the date of this Agreement.
- "Confidential Information" means all non-public information, documentation and data, of whatever nature, disclosed in writing, by one party to the other or obtained by one party from the other whether before or after the Commencement Date, arising out of, or in connection with, this Agreement or its subject matter and whether or not it is marked as "confidential" but which ought to be reasonably considered to be confidential.
- “Control” has the meaning given in section 1124 of the Corporation Tax Act 2010, and “Controlled” and “Controlling” shall be construed accordingly.
- "Customer Website" means the Customer’s website, located at the url [……………………………………………………………….] and any other subdomains of the Customer’s website.
- "Data Protection Legislation" means all Applicable Laws relating to the processing of personal data and privacy, including but not limited to (where applicable): the General Data Protection Regulation (EU) 2016/679 of the European Parliament (“GDPR”) and any laws and/or regulations of the United Kingdom that: (i) implement and/or exercise derogations under it; and/or (ii) replace or supersede it; the Data Protection Act 1998; the Data Protection Directive (95/46/EC); the Regulation of Investigatory Powers Act 2000; the Telecommunications (Lawful Business Practice) (Interception of Communications) Regulations 2000 (SI 2000/2699); the Electronic Communications Data Protection Directive (2002/58/EC); the Privacy and Electronic Communications (EC Directive) Regulations 2003 (SI 2426/2003); and, where applicable, guidance and codes of practice issued by data protection regulators, including but not limited to the UK Information Commissioner.
- “Data Breach” means any accidental, unlawful or unauthorised destruction, loss, alteration, disclosure of, or access to the End-User Personal Data or any unauthorised or unlawful processing of the End-User Personal Data.
- “Data Subject” shall have the meaning given to it in Data Protection Legislation.
- "End-User" means an individual who wishes to obtain services from the Customer and who has agreed to the End-User Terms of Service with TrueLayer.
- “End-User Personal Data” has the meaning given to it in clause 10.3;
- "End-User Terms of Service" means the terms of service which End-Users are required to agree to between the End-User and TrueLayer before using the Tool and which set out the terms on which the End-User may use the Tool, as updated from time to time.
- "Fees" means the fees payable by the Customer to TrueLayer, as set out in Schedule 1.
- "Force Majeure Event" means any circumstance not within a party's reasonable control including, without limitation: (a) acts of God, flood, drought, earthquake or other natural disaster; (b) epidemic or pandemic; (c) terrorist attack, civil war, civil commotion or riots, war, threat of or preparation for war, armed conflict, imposition of sanctions, embargo, or breaking off of diplomatic relations; (d) nuclear, chemical or biological contamination or sonic boom; (e) any law or any action taken by a government or public authority, including, without limitation, imposing an export or import restriction, quota or prohibition; (f) collapse of buildings, fire, explosion or accident; (g) any labour or trade dispute, strikes, industrial action or lockouts; (h) non-performance by suppliers or subcontractors; and (i) interruption or failure of a utility service.
- “IPR Claim” means any claim that use of the Tool, API or any TrueLayer Materials in accordance with the terms of this Agreement infringes or makes unauthorised use of any Intellectual Property Rights of any third party.
“Insolvency Event” means in respect of either party:
- other than for the purposes of a bona fide reconstruction or amalgamation, such party passing a resolution for its winding up, or a court of competent jurisdiction making an order for it to be wound up or dissolved, or that party being otherwise dissolved; or
- the appointment of an administrator of, or the making of an administration order in relation to either party, or the appointment of a receiver or administrative receiver of, or an encumbrancer taking possession of or selling the whole or any part of that party’s undertaking, assets, rights or revenue; or
- that party entering into an arrangement, compromise or composition in satisfaction of its debts with its credits or any class of them, or taking steps to obtain a moratorium, or making an application to a court of competent jurisdiction for protection from its creditors; or
- that party being unable to pay its debts, or being capable of being deemed unable to pay its debts, within the meaning of section 123 of the Insolvency Act 1986; or
- that party entering into any arrangement, compromise, or composition in satisfaction of its debts with its creditors; or
- anything analogous thereto in any other jurisdiction.
- "Intellectual Property Rights" means all patents, rights to inventions, utility models, copyright and related rights, trademarks, service marks, trade, business and domain names, rights in trade dress or get-up, rights in goodwill or to sue for passing off, unfair competition rights, rights in designs, rights in computer software, database rights, topography rights, moral rights, rights in confidential information (including know-how and trade secrets) and any other intellectual property rights, in each case whether registered or unregistered and including all applications for and renewals or extensions of such rights, and all similar or equivalent rights or forms of protection in any part of the world.
- “Licence” has the meaning given to it in clause 2.1;
- "Malicious Software" means any software program or code intended to destroy, interfere with, corrupt or have a disruptive effect on program files, data, other information, or any system or network, executable code or application software macros, including (without limitation) any virus, worm, Trojan horse or bot, whether or not its operation is immediate or delayed, and whether such software program or code is introduced wilfully, negligently or without knowledge of its existence.
- “Payment Account” has the meaning given to it in regulation 2(1) of the Payment Services Regulations;
- “Payment Initiation Services” has the meaning given to it in regulation 2(1) of the Payment Services Regulations;
- “Payment Service Provider” has the meaning given to it in regulation 2(1) of the Payment Services Regulations;
- “Payment Services Regulations” means the Payment Services Regulations 2017 (SI 2017/752);
- "Permitted Persons" has the meaning given to it in clause 9.2(a).
- "Personal Data" has the meaning given in Data Protection Legislation.
- "Processing" or "Process" has the meaning given in Data Protection Legislation.
- "Purpose" means facilitating the provision of Payment Initiation Services by TrueLayer to the End-User, as agreed by the Customer and the End-User in the Customer’s agreement with the End-User.
- “Regulatory Consents” means all licences, authorisations, permissions, approvals, consents, registrations or waivers necessary for the Customer to perform its obligations under this Agreement in accordance with Applicable Law or for the activities and services contemplated by this Agreement otherwise to be performed in compliance with Applicable Law.
- "Relevant Party" has the meaning given to it in clause 9.4.
- “Requesting Party” has the meaning given to it in clause 9.4.
- “SDK” means our software development kit that allows for the creation of applications for a certain software package, software framework, hardware platform, computer system, video game console, operating system, or similar development platform.
- "Term" means the length of the engagement, unless terminated.
- “Tool” means the tool provided by TrueLayer that allows End-Users to initiate payment orders with respect to a Payment Account held by them with Payment Service Providers other than TrueLayer.
- "TrueLayer Documentation" has the meaning given to it in clause 7.3.
- "TrueLayer Mark" means the mark of TrueLayer set out in Schedule 3.
- "TrueLayer Materials" has the meaning given to it in clause 7.4.
- “TrueLayer Obligations” means the obligations of TrueLayer set out in clause 2.
- “VAT” means:
- (a) any tax imposed in compliance with the council directive of 28 November 2006 on the common system of value added tax (EC Directive 2006/112);
- (b) to the extended not included in paragraph (a) above, any value added tax imposed by the Value Added Tax Act 1994 and legislation and regulations supplemental thereto; and
- (c) any other tax of a similar nature to the taxes referred to in paragraph (a) or paragraph (b) above, whether imposed in a member state of the EU in substitution for, or levied in addition to, the taxes referred to in paragraph (a) or paragraph (b) above or imposed elsewhere.
- "Year" means each twelve (12) month period from the Commencement Date or from each anniversary thereof.
In this Agreement, unless the context otherwise requires:
- (a) clause or schedule headings and the table of contents are for ease of reference only and shall not affect the construction or interpretation of this Agreement;
- (b) the expressions "other", "including", "in particular" or any similar expression shall not limit the generality of any preceding or subsequent words or be construed as being limited to the same class as any preceding words where a wider construction is possible;
- (c) references to "writing", "written" or any similar expression shall include email but will not include fax or SMS messages or other similar means of informal communication;
- (d) references to any statute or statutory provision includes any subordinate legislation made under it from time to time and reference to any English law provision or concept also includes a reference to any similar or equivalent provision or concept in any other applicable jurisdiction;
- (e) references to any statute, secondary legislation or provision of either of them shall be construed as a reference to that statute, secondary legislation or provision as may be amended, consolidated, modified, extended, re-enacted or replaced from time to time;
- (f) any reference to a “day” (including within the phrase “Business Day”) shall mean a period of 24 hours running from midnight to midnight;
- (g) the schedules form part of this Agreement and shall have the same force and effect as if expressly set out in the body of this Agreement, and any reference to this Agreement shall include the schedules.
- (h) references to dates and times are to dates and times in London, England; and
- (i) references to any agreement or document or to any part of them (including this Agreement) shall be to that agreement or document as amended, extended or replaced from time to time.
Section 3: Our Obligations
Subject to the Customer’s compliance at all times with the terms of this Agreement, TrueLayer hereby grants to the Customer a limited, non-exclusive, non-transferable, non-sub licensable, revocable licence (the “Licence”) for the Term:
- to: (i) integrate the API into the Customer Website in accordance with clause 7.3; and (ii) to enable End-Users to access and use the Tool in order for the Customer to fulfil the Purpose, subject to clause 4; and
- to, with TrueLayer’s prior written consent and subject to clause 7, include the TrueLayer Mark on the Customer Website.
TrueLayer shall use reasonable endeavours to make the Tool available to End-Users.
Subject to clauses 2.1 and 2.2, TrueLayer:
- does not give any warranties, conditions, guarantees or other commitments to the Customer in respect of its obligations or the functionality, performance, service levels, latency or accuracy of the Tool, including, without limitation, that TrueLayer does not give any commitment that the performance of the Tool will be uninterrupted or error free, and the Customer acknowledges that the Tool may be subject to downtime due to planned or emergency maintenance, updates or modifications; and
- is not responsible for any delays, delivery failures, or any loss damages, costs or expenses resulting from the transission of payment orders over communications networks and facilities, including the internet, and the Customer acknowledges that the Tool may be subject to limitations, delays and other problems inherent in the use of such communications facilities which are outside of the control of TrueLayer.
Section 4: Customer Obligations
The Customer shall provide TrueLayer with:
- all necessary co-operation in relation to this Agreement and the performance of TrueLayer Obligations; and ll such access to information or systems as may be required by TrueLayer in order to fully perform TrueLayer Obligations and to ensure that the Tool and the API are functioning correctly;
- only use the API in accordance with clause 2.1(a);
- be responsible for the accuracy and completeness of the content on the Customer Website and shall ensure that such content does not: (i) infringe any Applicable Laws; or (ii) contain any material or content that is obscene, offensive, abusive, harassing, indecent, defamatory or discriminatory; or (iii) infringe the Intellectual Property Rights of any third party;
- ensure that the Customer Website shall be free from, and shall not introduce into the Tool, any Malicious Software including by using up-to-date, industry-standard and comprehensive anti-virus software to seek to prevent the introduction of any Malicious Software into the Tool;
- comply with all Applicable Laws with respect to its activities under this Agreement;
- ensure that the End-Users are aware of TrueLayer’s services and agreement with the Customer and include the awareness wording in Schedule 2 in the Customer’s agreement with the End-User.
The Customer shall not, and shall not permit any person to (except to the extent that the following cannot be prohibited by Applicable Law):
- except to the extent expressly permitted under this Agreement, copy, modify, duplicate, create derivative works from, mirror, republish, download, display, transmit, or distribute all or any portion of the Tool and/or the API in any form or media or by any means;
- decipher, decompile, reverse assemble, disassemble, translate, reverse engineer or otherwise reduce to derive source code, algorithms, tags, specification, architecture, structure or other elements of the Tool and/or API, in whole or in part;
- remove any TrueLayer mark, logo, trade name, copyright notice and/or any other proprietary notice (as applicable) from the Tool or the API;
- interface or connect the API with any computer software or system, save for the Customer Website, without the prior written approval of TrueLayer;
- except as expressly permitted in this Agreement, use the Tool and/or API to provide services to third parties;
- allow access to, provide, divulge or make available the Tool and/or API to any third party except as expressly permitted in this Agreement;
- otherwise use or copy the Tool and/or API except as expressly permitted herein; or
- do or permit to be done any act or omission in relation to the performance of its obligations under this Agreement which does or may adversely materially affect the reputation, goodwill or image of TrueLayer.
Section 5: Access and Security
- shall not access or attempt to access any part or parts of the Tool and/or API to which it has not been granted access to by TrueLayer;
- shall notify TrueLayer immediately if it becomes aware of any unauthorised access or use of the Tool and/or API (or any part thereof) or any other actual or potential breach of security in relation to the Tool and/or API (or any part thereof) and provide such reasonable assistance to TrueLayer with regard to abating such access, use or breach as TrueLayer shall reasonably request;
- shall be responsible for any third party using the Customer's encryption key;
- shall not share with any third party the Customer's encryption key that could be used to access the Tool and/or API without TrueLayer's prior written consent and shall ensure that such encryption key is only used by the individual(s) nominated to access the same. If such individual(s) cease to act in an authorised capacity on behalf of the Customer for any reason, the Customer shall immediately notify TrueLayer and remove the encryption key from such individual(s); and
- shall not use the Tool or API to transfer or knowingly receive any Malicious Software or any material or content that is obscene, offensive, abusive, harassing, indecent, defamatory or discriminatory or which infringes the Intellectual Property Rights of any third party or whose transfer by the Customer would otherwise be unlawful, including under all applicable competition laws.
The Customer shall promptly notify TrueLayer and change the password(s) it uses to access the Tool and/or API in the event that any individual user has left the Customer’s organisation.
Section 6: Conditions of Use
The Customer acknowledges that each End-User’s use of the Tool is subject to the following:
- the End-User’s agreement to the End-User Terms of Service;
- the End-User providing correct and accurate credentials to initiate a payment order with respect to the relevant Payment Account; and
- the Customer’s compliance with the terms and conditions of this Agreement.
Section 7: Fees
The Customer shall pay the Fees to TrueLayer in accordance with this clause 6 and Schedule 1.
The Customer shall pay each invoice submitted by TrueLayer for the Fees within thirty (30) days of the end of the month of receipt of the invoice. The Fees shall be payable in Pounds Sterling (GBP). All payments shall be made in full without any set off, deduction or withholding whatsoever, save for such deductions or withholdings as are required by Applicable Law. If the Customer is required by Applicable Law to make any deduction or withholding from any payment to TrueLayer, the sum due in respect of such payment shall be increased so that, after the making of such deduction or withholding, TrueLayer receives a net sum equal to the sum it would have received had no such deduction or withholding been made.
The Fees payable by the Customer under this Agreement shall be exclusive of any amounts in respect of VAT. If anything done by one party under this Agreement constitutes, for VAT purposes, the making of a supply to the other party and VAT is or becomes chargeable on that supply, the party receiving the supply shall pay the other party, in addition to any amounts otherwise payable under this Agreement by the party receiving the supply, and against delivery of a valid VAT invoice to the party receiving the supply, a sum equal to the amount of VAT which is chargeable in respect of that supply.
Without prejudice to any other remedy available to TrueLayer under this Agreement or under Applicable Law, if any invoice (or part thereof) or other amount which is due and payable under this Agreement to TrueLayer is not paid by the Customer to TrueLayer by the due date for payment:
- TrueLayer shall not be obliged to perform the TrueLayer Obligations until the date of actual payment of any such amounts in full by the Customer; and/or
- the Customer shall be liable to pay interest to TrueLayer on the outstanding sum from the relevant due date for payment until the date of actual payment in full (both before and after any judgment) at the rate of four per cent (4%) per annum above the Bank of England base rate for the period in question.
- In the event that TrueLayer exercises its right under clause 6.4(b), TrueLayer shall reinstate the performance of its obligations under clause 2 as soon as reasonably practicable following receipt in cleared funds by the Customer of all amounts outstanding from the Customer including any interest payable under clause 6.4(b).
Section 8: Intellectual Property Rights
Save as expressly set out in this Agreement, neither party shall receive any right, title or interest in or to any Intellectual Property Rights owned by the other party. All rights not expressly granted in this Agreement are reserved by the parties or their licensors. For the avoidance of doubt, the Customer shall not under any circumstances have or be entitled to hold any Intellectual Property Rights in the Tool or the API except for the licence granted pursuant to clause 2.1.
Customer shall use the TrueLayer Mark only in accordance with the terms of this Agreement and TrueLayer’s trademark usage policy, as notified to the Customer from time to time.
TrueLayer shall make available to the Customer its API integration and user guides and SDKs, as amended by TrueLayer from time to time (collectively "TrueLayer Documentation"). The Customer shall comply with the TrueLayer Documentation in connection with the integration and use of the API. The Customer shall keep all user IDs, passwords and other access codes pertaining to the API confidential and secure from all unauthorised persons in accordance with the provisions of clause 4.
All Intellectual Property Rights in the Tool and API and all supporting documentation (including, but not limited to, the TrueLayer Mark and TrueLayer Documentation) (the "TrueLayer Materials"), together with any goodwill in or attaching to them, shall be the property of TrueLayer and the Customer shall not acquire any rights or interests in the TrueLayer Materials including any additions, developments modifications, updates and new versions thereof and other derivative works thereto. Such rights shall vest in TrueLayer or its licensors automatically upon their creation irrespective of whether they are made by TrueLayer, Customer or third-party providers. To the extent that such rights do not vest automatically in TrueLayer or its licensors, Customer shall and (to the extent possible pursuant to Applicable Law) hereby does assign and shall procure the assignment of all such rights to TrueLayer and shall at TrueLayer’s cost execute and deliver (including procuring execution and delivery by its employees, agents and contractors) all such instruments and take such further actions that may be needed to perfect such assignment and to secure and protect TrueLayer’s rights therein. Furthermore, the Customer forever waives and agrees never to assert any and all moral rights it may have in or with respect to any such rights and shall procure that its employees, agents and contractors do the same.
The Customer shall ensure that all Intellectual Property Rights notices contained in the Tool, API and TrueLayer Materials are reproduced in full.
Customer shall not use, apply to register, register or cause or knowingly assist any other person to use, register or apply to register the TrueLayer Mark or any mark, name, sign or logo which is or is likely to be confused or associated with the TrueLayer Mark or any translation thereof (including, without limitation, any internet domain name including any of the foregoing in any language) otherwise than as is agreed in writing by TrueLayer.
All goodwill in and to the TrueLayer Mark arising in connection with the use by Customer shall vest in TrueLayer. Customer undertakes that it will make no claim to any goodwill in or to the TrueLayer Mark.
If during the Term, any infringement or wrongful use of the TrueLayer Materials occurs by a third party, immediately upon learning thereof, the Customer shall notify TrueLayer in writing, setting forth the facts in reasonable detail. The Customer agrees to cooperate in good faith, and to assist TrueLayer, to the extent reasonably possible, in any case of infringement affecting the TrueLayer Materials.
Subject to clause 12.3 and the Customer complying with its obligations under this Agreement (including under clause 7.10), TrueLayer shall indemnify the Customer in respect of all losses, liabilities, costs (including legal costs and VAT), charges, expenses, actions, procedures, claims, demands and damages (including the amount of damages awarded by a court of competent jurisdiction) suffered and/or incurred by the Customer in connection with any IPR Claim excluding any IPR Claim to the extent relating to any modification or addition to the Tool, API or TrueLayer Materials made other than by TrueLayer.
- give TrueLayer full written details of the IPR Claim without undue delay but in any event no later than five (5) Business Days of it first being made;
- not make any admission or take any other action in respect of the IPR Claim, which might be prejudicial thereto without the prior written consent of TrueLayer;
- give TrueLayer conduct of any proceedings, suit or action which may ensue and all negotiations for a settlement of the IPR Claim; and
- give to TrueLayer, at TrueLayer’s request and expense, all reasonable assistance in connection with any such IPR Claim.
The provisions of clauses 7.9 and 7.10 set out TrueLayer’s sole and exclusive obligations, and TrueLayer’s sole and exclusive remedies, with respect to infringement or misappropriation of Intellectual Property Rights, whether in contract, tort or otherwise (including, but not limited to, liability for any negligent act or omission).
Section 9: Warranties
Each party warrants at the date of this Agreement that:
- it has full capacity and authority to enter into and perform its obligations under this Agreement;
- this Agreement is executed by a duly authorised representative;
- it is not subject to an Insolvency Event; and
- it is not aware of any of the events referred to in clause 8.1(c).
The Customer warrants that all Regulatory Consents have been obtained by it and remain in full force and effect, all conditions to any such Regulatory Consents have been complied with, and it is not aware of any circumstance which indicates that any Regulatory Consent may be varied, revoked or not renewed.
TrueLayer warrants that it is authorised and regulated by the Financial Conduct Authority under the Payment Services Regulations, with permission to carry on Payment Initiation Services.
Save as expressly set out in this Agreement, TrueLayer does not give any representation or warranty (express or implied) in respect of the subject matter of this Agreement and all warranties and representations which may be implied (by statute or otherwise) are hereby excluded to the maximum extent permitted by Applicable Law.
Section 10: Confidential Information
Each party undertakes to the other party:
- to keep all Confidential Information received from the other party or otherwise pursuant to this Agreement strictly confidential;
- subject to this clause 9.1 and clause 9.2, not to disclose such Confidential Information in whole or in part to any third party;
- to use such Confidential Information solely for the purpose of: (i) in respect of the Customer, receiving the benefit of the Licence; and (ii) in respect of TrueLayer, granting the Licence, and not otherwise for its own benefit or the benefit of any third party; and
- not to copy or reproduce such Confidential Information other than in connection with, and only to the extent necessary for, the purposes set out in clause 9.1(c) or which is automatically archived or backed up by that party's systems. For the avoidance of doubt, each party shall continue to be bound by the obligations under this clause 9 in respect of any Confidential Information which is automatically archived or backed-up.
Each party may disclose the Confidential Information referred to in clause 9.1:
- to its Affiliates and such of its Affiliates' employees, directors, officers, agents, professional advisers and subcontractors ("Permitted Persons") as have a legitimate need to know or see the same for the purposes set out in clause 9.1(c) above. Each party will ensure that any Permitted Person to whom a disclosure is made is subject to equivalent obligations of confidentiality as those that bind the party under this clause. Each party shall be liable for the acts or omissions of such Permitted Persons that lead to a breach of that party's obligations under this clause 9.
- in compliance with the legal requirements of a competent legal or other Authority or government agency, or as otherwise required by Applicable Law, provided that:
- the party to which the Confidential Information relates has been notified by the party intending to disclose it of the intended disclosure prior to the disclosure taking place (where permitted to do so by Applicable Law); and
- the party intending to disclose the Confidential Information (where permitted to notify in accordance with clause 9.2(b)(i)) has provided such assistance as has been reasonably requested by the party to which the Confidential Information relates in order to restrict the scope of the intended disclosure to the maximum extent.
The obligations of confidentiality under this Agreement shall not apply (or shall cease to apply as the case may be) to any Confidential Information:
- which becomes public knowledge other than as a result of a breach of this Agreement;
- already in the receiving party's possession without an obligation of confidentiality prior to disclosure by the disclosing party in connection with this Agreement;
- lawfully obtained by the receiving party without any obligation of confidentiality from a third party who was entitled to disclose it; or
- which the receiving party can demonstrate was independently created by the receiving party without the use of any of the disclosing party's Confidential Information.
Following a party's written request (the "Requesting Party") or termination of this Agreement for any reason, the other party (the "Relevant Party") shall as soon as reasonably practicable (and in any event, within (seven (7) days) return to the Requesting Party or, if requested by the Requesting Party, securely destroy (including, without limitation, by erasing any electronically held information stored on magnetic media) all Confidential Information, or such portion of that Confidential Information as is specified by the Requesting Party, in the Relevant Party's possession or control that relates to, or was disclosed to, the Relevant Party by or obtained by the Relevant Party from, the Requesting Party save:
- to the extent that it is required to be retained by Applicable Law; or
- in respect of Confidential Information which is automatically archived and/or backed up by the Relevant Party's systems in a manner that the retrieval and return or destruction of such Confidential Information would not be technically feasible or would require an unreasonable expenditure of costs or resources by the Relevant party.
For the avoidance of doubt, the Relevant Party shall continue to be bound by the obligations of confidentiality under this Agreement in the event that any such Confidential Information described in clause 9.4 is not retrieved, returned or destroyed. If requested in writing by the Requesting Party, the Relevant Party shall provide a written confirmation signed by a duly authorised representative of the Relevant Party confirming that the Relevant Party has returned or securely destroyed such Confidential Information, or if some or all of such Confidential Information has not been returned or securely destroyed, the Relevant Party shall provide reasonable written details of that Confidential Information and the reasons for such failure to return or securely destroy.
This clause 9 shall survive termination of this agreement for any reason.
Section 11: Data Protection
Terms and expressions used in this clause 10 and not defined in this Agreement shall have the meaning assigned to them in the Data Protection Legislation relevant to the processing in question.
Each party shall comply with its obligations under the Data Protection Legislation and shall co-operate with the other party in order to assist that party to comply with its own obligations under Data Protection Legislation.
The parties acknowledge and agree that in relation to the Personal Data to be shared and processed by the parties pursuant to this Agreement ("Shared End-User’s Personal Data") each party acts as a Controller in its own right.
Each party warrants that it will:
- (a) process the Shared End-User’s Personal Data in compliance with all applicable Data Protection Legislation and in accordance with contractual obligations held with the End-User;
- (b) process the Shared End-User’s Personal Data to establish their suitability for products and services being offered by the Customer, and to that end the data shared will include but not be limited to the following information on the End-User:
- (i) account number and account details;
- (ii) account balance and transactions;
- (iii) name, address, and phone number;
- (iv) debit card numbers and details;
- (v) debit card transactions and balance.
- (c) respond within a reasonable time and as far as reasonably possible to enquiries from any relevant Authority in relation to the Shared End-User’s Personal Data; and
- (d) take all appropriate steps to ensure compliance with the security measures set out at clause 10.4(a).
Each party shall implement and maintain appropriate technical and organisational measures to ensure a level of security appropriate to the risk (taking into account the nature, scope, context and purposes of processing End-User Personal Data), including from unauthorised or unlawful processing of such End-User Personal Data, or accidental loss or destruction of, or damage to, such End-User Personal Data.
Each party shall:
- have in place procedures so that any third party it authorises to have access to Shared End-User Personal Data, including processors, will respect and maintain the confidentiality and security of such Shared End-User Personal Data and at all times act in accordance with Data Protection Legislation;
- assist each other in fulfilling its obligations to respond to requests for exercising Data Subjects rights under the Data Protection Legislation, including by implementing appropriate technical and organisational measures to enable such assistance;
- provide reasonable assistance as is necessary to the other to facilitate the handling by the other party of any Data Breach in an expeditious and compliant manner;
- promptly and without delay delete any Shared End-User Personal Data in the event that the agreement with the End-User is terminated, or the retention period for storage of such data has passed the retention period as stipulated in each party’s data protection and retention policies;
- notify any potential or actual losses of the Shared End-User’s Personal Data, and any Data Breach, to the other party's contact pursuant to clause 15.3 as soon as possible and in any event within 24 hours after becoming aware of the breach. The responsible shall work together to consider the action required in order to resolve the issue in accordance with the applicable Data Protection Legislation;
- be responsible for dealing with its own subject access requests or Data Protection Legislation related complaints from Data Subjects in relation to the Shared End-User’s Personal Data it holds; and
- promptly and without delay notify the other party of any request, communications and / or complaints relating to:
- (i) the Processing of any Shared End-User’s Personal Data or,
- (ii) the sharing of Shared End-User’
which is made by an Authority (including the ICO), Data Subject or any other person and the parties shall each cooperate and assist the other in relation to any such request, complaint or communication to enable either or both parties (as applicable) to deal with any such requests, communications and/or complaints.
Each party will not disclose or transfer End-User Personal Data to a third party data controller located outside the European Economic Area (EEA) unless:
- the third party data controller processes the End-User Personal Data in accordance with an EU Commission decision finding that a third country provides adequate protection: or
- the third party data controller becomes a signatory to the standard contractual clauses or another data transfer agreement approved by a competent authority in the EU: or
- End-Users have been given the opportunity to object, after having been informed of the purposes of the transfer, the categories of recipients and the fact that the countries to which End-User Personal Data is exported may have different data protection standards: or
- with regard to onward transfers of End-User Personal Data that comprises sensitive data, End-Users have given their unambiguous consent to the onward transfer.
Section 12: Term and Termination
This Agreement shall start or be deemed to have started on the Commencement Date and shall continue, subject to earlier termination in accordance with its terms, until terminated by the Customer or TrueLayer in accordance with this clause 11 or clause 14.2.
TrueLayer may terminate this Agreement for convenience at any time on giving not less than thirty (30) days prior written notice to the Customer.
The Customer may terminate this Agreement for convenience at any time on giving not less than two (2) months’ prior written notice to TrueLayer.
Either party may terminate this Agreement with immediate effect by giving notice to the other party if the other party:
- materially breaches this Agreement (save for payment obligations which shall be governed by clause 11.5) if such breach is not capable of remedy or, where such breach is capable of remedy, where that party fails to remedy the breach within ten (10) Business Days of being notified of the breach in writing; or
- is subject to an Insolvency Event.
TrueLayer may terminate this Agreement immediately by notice in writing to the Customer:
- where the Customer fails to pay to TrueLayer any invoice (or part thereof) or any other amount due and payable to TrueLayer under this Agreement on or before the due date for payment if TrueLayer has sent a fifteen (15) day written notice to the Customer requiring such payment and such payment is not made in cleared funds on or before the expiry of such fifteen (15) day written notice;
- if, in TrueLayer's reasonable opinion, it is required to prevent any imminent threat to the security of the Tool and/or API; or
- if TrueLayer has reasonable suspicions that the Customer is misusing the Tool or is in breach of any Applicable Law.
Subject to clauses 11.7 and 11.8, on termination of this Agreement, the Customer's rights under this Agreement will immediately terminate and TrueLayer shall, as soon a reasonably practicable, remove the Tool and/or prohibit End-Users from accessing the Tool and the Customer shall immediately remove the interface to the Tool and the TrueLayer Mark from the Customer Website.
Termination of this Agreement shall be without prejudice to any rights and remedies which may have accrued up to the date of such termination.
The provisions of clauses 1, 6 to 12 (inclusive), and 24 and any other clauses and schedules which by their nature are intended to survive termination of this Agreement, shall survive the termination of this Agreement for any reason.
Section 13: Liability
Nothing in this Agreement shall limit or exclude either party's liability in respect of any claims: for death or personal injury caused by the negligence of such party;
- resulting from the wilful default of such party; or
- to the extent that such liability may not otherwise be limited or excluded by Applicable Law.
Subject to clause 12.1, neither party shall be liable to the other (whether in contract, tort (including negligence), misrepresentation, breach of statutory duty (including strict liability) or otherwise arising out of, or in relation to, this Agreement ) for any:
- loss of profits or revenue (whether direct or indirect);
- loss of opportunity or anticipated savings (whether direct or indirect);
- loss of goodwill or reputation (whether direct or indirect);
- loss or corruption of data (whether direct or indirect); or
- special, indirect or consequential loss or damage,
- suffered by that other party.
Subject to clause 12.1, TrueLayer's maximum aggregate liability to the Customer under or in connection with this Agreement (whether in contract, tort (including negligence), misrepresentation, breach of statutory duty (including strict liability) or otherwise, including in respect of any indemnity, shall not exceed in any Year the greater of: (i) £50,000 (fifty thousand pounds); and (ii) the total Fees paid and/or payable by the Customer to TrueLayer in that Year.
The Customer shall indemnify and keep indemnified TrueLayer from and against any and all losses, liabilities, costs (including legal costs and VAT), charges, expenses, actions, procedures, claims, demands and damages (including the amount of damages awarded by a court of competent jurisdiction) suffered and/or incurred by TrueLayer arising out of or in connection with:
- any breach by the Customer of clauses 4, 7, 10 or 13;
- any content, information or materials the Customer has provided to TrueLayer (including but not limited to any claim by any third party that such content, information or materials infringes or makes unauthorised use of that third party's Intellectual Property Rights);
- breaches of Applicable Law by the Customer (including fines or other financial penalties imposed by an Authority); and/or
- the services offered by the Customer to End Users.
Section 14: Anti Bribery
Each party shall during the Term:
- comply with all Applicable Anti-Bribery Laws;
- implement and maintain adequate procedures designed to promote and achieve compliance with Applicable Anti-Bribery Laws;
- where permitted by law, promptly report to the other party any request or demand for any undue financial or other advantage of any kind received by it in connection with its rights and/or obligations under this Agreement;
- if requested by the other party and where permitted by law, provide the other party with any reasonable assistance, at the other party's reasonable costs, to enable the other party to perform any activity required by any Authority for the purpose of compliance with any Applicable Anti-Bribery Laws to the extent that such compliance relates to or is in connection with its rights and/or obligations under this Agreement; and
- at the other party's reasonable request, confirm in writing that it has complied with its obligations under this clause 13 and provide any information reasonably requested by the other party in support of such compliance.
Each party warrants and represents on an ongoing basis during the Term that it: has not been convicted of violating any Applicable Anti-Bribery Laws or any offence involving corruption, fraud or dishonesty; and so far as it is aware, has not been and is not the subject of any investigation, inquiry or enforcement proceedings by any Authority regarding any offence or alleged offence under any Applicable Anti-Bribery Law.
Breach of this clause 13 shall be deemed a material breach of this Agreement, which is not capable of remedy for the purposes of clause 11.4(a).
Section 15: Force Majure
If TrueLayer is prevented, hindered or delayed in or from performing any of its obligations under this Agreement by a Force Majeure Event, TrueLayer shall not be in breach of this Agreement or otherwise liable for any such failure or delay in the performance of such obligations. The time for performance of such obligations shall be extended accordingly.
- as soon as reasonably practicable after the start of the Force Majeure Event, notify the Customer of the Force Majeure Event, the date on which it started, its likely or potential duration and the effect of the Force Majeure Event on its ability to perform any of its obligations under this Agreement; and
- use all reasonable endeavours to mitigate the effect of the Force Majeure Event on the performance of its obligations.
If the Force Majeure Event prevents, hinders or delays TrueLayer's performance of its obligations for a continuous period of more than thirty (30) days, the Customer may terminate the Agreement by giving thirty (30) days' written notice to TrueLayer.
Section 16: Notices
Any notice required to be given under this Agreement shall be in writing and shall be sufficiently served if sent:
- by hand;
- by registered first class post or recorded delivery if the sender and recipient are both based within the United Kingdom;
- by a reputable international courier if one or more of the sender or recipient is based outside of the United Kingdom; or
- by e-mail,
to the addresses referred to in clause 15.3.
Notices sent by hand shall be deemed to be served on the day when they are actually received. Notices sent by registered first class post or recorded delivery shall be deemed to be served three (3) days following the day of posting. Notices sent by international courier shall be deemed to be served three (3) days from the day the sender has deposited the notice with such courier. Notices sent by e-mail shall be deemed to be served upon the generation of a receipt notice by the recipient's server or, if such notice is not generated, upon delivery to the recipient's server.
For the purposes of clause 15.1 the specified addresses are:
TrueLayer: FAO: FRANCESCO SIMONESCHI, CEO AND CO FOUNDER
(or their successor in this role)
1 HARDWICK STREET, 3RD FLOOR, LONDON EC1R 4RB
Customer: FAO: __________________, ______________________
(or their successor in this role)
or such other address as the relevant party may notify to the other in accordance with this clause 15.
Section 17: Waivers
A waiver of any right or remedy under this Agreement or by law is only effective if given in writing and shall not be deemed a waiver of any subsequent breach or default.
A failure or delay by either party to exercise any right or remedy provided under this Agreement or by law shall not constitute a waiver of that or any other right or remedy, nor shall it prevent or restrict any further exercise of that or any other right or remedy. No single or partial exercise of any right or remedy provided under this Agreement or by law shall prevent or restrict the further exercise of that or any other right or remedy.
No variation of this Agreement shall be valid unless agreed in writing and signed by TrueLayer and the Customer.
Section 18: Severance
If any provision or part-provision of this Agreement is or becomes invalid, illegal or unenforceable, it shall be deemed modified to the minimum extent necessary to make it valid, legal and enforceable. If such modification is not possible, the relevant provision or part-provision shall be deemed deleted. Any modification to or deletion of a provision or part-provision under this clause shall not affect the validity and enforceability of the rest of this Agreement.
Section 19: Transfers of Rights and Obligations
The Customer may not assign, novate, dispose or otherwise transfer this Agreement or any rights or obligations under this Agreement to any third party or otherwise deal with this Agreement without the prior written consent of TrueLayer.
Section 20: Entire Agreement
This Agreement constitutes the entire agreement and understanding between the parties in respect of the Licence and supersedes any previous agreement between the parties relating to such matter. Each of the parties represents and undertakes that in entering this Agreement it does not rely on, and shall have no remedy in respect of, any statement, representation, warranty or undertaking (whether negligently or innocently made) of any person (whether party to this Agreement or not) other than as expressly set out in this Agreement. Nothing in this Agreement shall operate to exclude or limit any liability for fraud or fraudulent misrepresentation.
Section 21: Third Party Rights
The parties to this agreement do not intend that any term of this agreement should be enforceable, by virtue of the Contracts (Rights of Third Parties) Act 1999, by any person who is not a party to this agreement.
Section 22: Costs and Expenses
Except as stated in this Agreement or otherwise agreed between the parties, each party shall pay its own costs and expenses in relation to the negotiation, preparation, execution and carrying into effect of this Agreement.
Section 23: Counterparts
This Agreement may be executed in any number of counterparts, and by the parties on separate counterparts, but shall not be effective until Customer and TrueLayer have executed at least one counterpart.
Each counterpart shall constitute an original of this Agreement, but all the counterparts shall together constitute but one and the same instrument.
Section 24: No Partnership
Nothing in this Agreement and no action taken by Customer or TrueLayer under this Agreement shall constitute a partnership, association, joint venture or other co-operative entity between Customer and TrueLayer.
Section 25: Governing Law and Jurisdiction
This Agreement and any dispute or claim arising out of or in connection with it or its subject matter or formation (including non-contractual disputes or claims) shall be governed by and construed in accordance with the laws of England and Wales.
Each party irrevocably agrees that the courts of England and Wales shall have exclusive jurisdiction to settle any dispute or claim arising out of or in connection with this Agreement or its subject matter or formation (including non-contractual disputes or claims).
Schedule 1: Fees
[Fee structure will be inserted when agreed with the Customer]
Schedule 2: Customer to End-User Awareness Wording
“We use a tool provided by TrueLayer Limited (www.truelayer.com) (“TrueLayer”) that allows you to send information on your payment accounts to us and other service providers.
Schedule 3: Marks