1. These conditions apply to all advertisements accepted for inclusion in publications produced by Outlook Publishing Ltd from third parties (‘the Advertiser’). No employee or agent of Outlook Publishing Ltd has the authority to agree any variation or addition to these conditions which can only be varied in writing signed by a Director authorised on behalf of Outlook Publishing Ltd.
  2. All advertisements are accepted subject to Outlook Publishing Ltd’s approval of copy and availability of space. Acceptance of any advertisement which is intended to form any part of a composite page is conditional on sufficient advertisements being obtained to complete such a composite page.
  3. Outlook Publishing Ltd reserves the right to refuse, amend or omit an advertisement at any time at its entire discretion.
  4. Charges shall be set out in the advertising confirmation form, usually in e-mail correspondence from Outlook Publishing Ltd. Rates may change from time to time and advertising is accepted only on condition that revised rates will apply to any advertisements placed following the date of change. Confirmation of booking shall be accepted via email with the Advertiser confirming using terminology such as ‘Agreed’, ‘Confirmed’, ‘Interested’, ‘We Confirm’ or ‘We Agree’. The confirming of the booking shall amount to an acceptance by the advertiser of the terms of this agreement. Any conditions stipulated verbally or in any other format by the advertiser shall be void insofar as they are a) not approved by Outlook Publishing Ltd in writing and/or b) in conflict with these Terms and Conditions.
  5. Invoices are due for payment upon receipt of order confirmation.
  6. In the event of non-payment of any amounts due from the Advertiser, Outlook Publishing Ltd shall be entitled to exercises a lien over all artwork, copy and other property of the Advertiser in its possession until the Advertiser has paid in full all amounts owing to Outlook Publishing Ltd.
  7. Should the Advertiser fail to provide artwork or artwork materials within the specified timeframe, it will remain liable for the full cost agreed as per the Confirmation referred to in Item 4. We also reserve the right to place a basic or filler advert in the space.
  8. Cancellations will be considered, and a refund may be payable, on the basis that cancellation is provided to Outlook Publishing Ltd within 7 days of the confirmation of services set out in item 4.
  9. Where a discount is allowed for advertising on a series basis, any special terms agreed shall lapse in the event of the Advertiser being in breach of any of these terms. If new copy is not received by Outlook Publishing Ltd by the due copy date, the previous copy may be used without the submission of a new proof and such advertisement shall be deemed to have been placed by the Advertiser unless proper notice of cancellation has been given in accordance with these terms.
  10. Outlook Publishing Ltd does not accept responsibility/legal liability, for all damages, losses, legal expenses and claims resulting directly or indirectly from any defamatory comments or infringement of third-party intellectual property rights arising from the advertisement.
  11. Advertiser’s property and artwork is held by Outlook Publishing Ltd at the Advertiser’s risk. All software and intellectual property created by Outlook Publishing Ltd in connection with the advertisements shall be and remain the property of Outlook Publishing Ltd.
  12. Data Protection and Data Processing
    12.1.1 Each party confirms that they hold, and during the currency of this Agreement will maintain, all registrations and notifications required in terms of the GDPR which are appropriate to the performance of their obligations under this Agreement.
    12.1.2 Each party confirms that in the performance of this Agreement, they will comply with the GDPR and in particular, the Data Protection Principles set out in the GDPR, and with the guidance notes issued from time to time by the Information Commissioner’s Office.
    12.1.3 The client and the Supplier acknowledge that for the purposes of the Data Protection Legislation, the client is the Data Controller and the Supplier is the Data Processor in respect of any Personal Data. The only processing that the Supplier is authorised to do is listed in the contract, as agreed between the Supplier and the client, and may not be determined by the Supplier.
    12.1.4 The Supplier shall notify the client immediately if it considers that any of the client’s instructions infringe the Data Protection Legislation.
    12.1.5 If the Supplier’s assistance is necessary and relevant, the Supplier shall provide all reasonable assistance to the client in the preparation of any Data Protection Impact Assessment prior to commencing any processing. Such assistance may include:
    i. a systematic description of the envisaged processing operations and the purpose of the processing;
    ii. an assessment of the necessity and proportionality of the processing operations in relation to the Contract;
    iii. an assessment of the risks to the rights and freedoms of Data Subjects; and
    iv. the measures envisaged to address the risks, including safeguards, security measures and mechanisms to ensure the protection of Personal Data.
    12.1.6 The Supplier shall, in relation to any Personal Data processed in connection with its obligations under this Agreement:
    i. process that Personal Data only in accordance with the Contract;
    ii. take appropriate measures to ensure the security of processing;
    iii. assist the client in meeting its GDPR obligations in relation to the security of processing;
    iv. ensure that it has in place Protective Measures, appropriate to the risks of varying likelihood and severity for the rights and freedoms of Data Subjects, to protect against a Data Loss Event, having taken account of the:
    (i) nature, scope, context, and processing purposes of the data to be protected; (ii) harm that might result from a Data Loss Event;
    (iii) state of technological development; and
    (iv) cost of implementing any measures;
    v. ensure that:
    (i) the Supplier Personnel do not process Personal Data except in accordance with this Agreement (and in particular the Contract);
    (ii) it takes all reasonable steps to ensure the reliability and integrity of any Supplier Personnel who have access to the Personal Data and ensure that they:
    A) are aware of and comply with the Supplier’s duties under this clause;
    (B) are subject to appropriate confidentiality undertakings with the Supplier;
    (C) are informed of the confidential nature of the Personal Data and do not publish, disclose or divulge any of the Personal Data to any third Party unless directed in writing to do so by the client or as otherwise permitted by this Agreement; and
    (D) have undergone adequate training in the use, care, protection and handling of Personal Data;vi. not transfer Personal Data outside of the EEA;
    vii. only act on the written instructions of the client unless required by law to act without such instructions;
    viii. at the written direction of the client, delete or return all Personal Data (and any copies of it) as agreed to the client on termination of the Agreement.
    12.1.7 The Supplier shall notify the client immediately if it:
    i. receives any request, complaint or communication relating to either Party’s obligations under the Data Protection Legislation;
    ii. receives any communication from the Information Commissioner or any other regulatory authority in connection with Personal Data processed under this Agreement;
    iii. receives a request from any third Party for disclosure of Personal Data where compliance with such request is required or purported to be required by Law; or
    iv. becomes aware of a Data Loss Event.
    12.1.8 The Supplier’s obligation to notify shall include the provision of further information to the client in phases, as details become available.
    12.1.9 Taking into account the nature of the processing, the Supplier shall provide the client with assistance in relation to either Party’s obligations under Data Protection Legislation and any complaint, communication or request made (and insofar as possible within the timescales reasonably required by the client) including by providing:
    i. the client with full details and copies of the complaint, communication or request;
    ii. such assistance as is reasonably requested by the client to enable the client to comply with a Data Subject Access Request within the relevant timescales set out in the Data Protection Legislation;
    iii. the client, at its request, with any Personal Data it holds in relation to a Data Subject; iv. assistance as requested by the client following any Data Loss Event;
    v. assistance as requested by the client with respect to any request from the Information Commissioner’s Office, or any consultation by the client or client’s client with the Information Commissioner’s Office.
    12.1.10 The Supplier shall maintain complete and accurate records and information to demonstrate its compliance with this clause.
    12.1.11 The Supplier shall allow for audits and inspections of its Data Processing activity by the client or the client’s designated auditor.
    12.1.12 The Supplier shall designate a Data Protection Officer as required by the Data Protection Legislation.
    12.1.13 The Supplier is given general authorization to engage third-parties to process the Personal Data (i.e. “Sub- Processors”) without obtaining any further written, specific authorization from the client, provided that the Supplier notifies the client in writing about the identity of a potential Sub-Processor (and its processors, if any) before any agreements are made with the relevant Sub-Processors and before the relevant Sub-Processor processes any of the Personal Data. If the client wishes to object to the relevant Sub-Processor, the client shall give notice hereof in writing within three (3) working days from receiving the notification from the Supplier. Absence of any objections from the client shall be deemed a consent to the relevant Sub-Processor.
    12.1.14 Before allowing any Sub-Processor to process any Personal Data related to this Agreement, the Supplier must:
    i. enter into a written agreement with the Sub-Processor which gives effect to the terms set out that they apply to the Sub-Processor; and
    ii. provide the client with such information regarding the Sub-Processor as the client may reasonably require.
    12.1.15 The Supplier shall remain fully liable for all acts or omissions of any Sub-Processor.
    12.1.16 The Supplier will not transfer Personal Data outside of the EEA unless explicitly requested in writing by the client to do so.
    12.1.17 The Supplier shall only enable the transfer of personal data to a country outside the EEA if the client has provided a mechanism from which an adequate level of data protection can be adduced. In the absence of an adequacy decision, then the transfer would be enabled only if:
    i. appropriate safeguards have been provided; and
    ii. on condition that data subjects have enforceable rights in that country with respect to the data.
    12.1.18 The client acknowledges that the Supplier is reliant on the client for direction as to the extent to which the Supplier is entitled to use and process the Personal Data. Consequently, the Supplier will not be liable for any claim brought by a Data Subject arising from any action or omission by the Supplier, to the extent that such action or omission resulted directly from the client’s instructions.

DEFINITIONS

In these Terms and Conditions and Agreement, unless the ontext otherwise requires, the following expressions have the following meanings:

“Agreement”

Means these Terms and Conditions of Service as they relate to the Schedule/Quotation or Letter.

“Business Day”

A normal scheduled working day (Monday to Friday) performed during the hours of 0800 to 1630 hours, excluding Public, Bank and Statutory Holidays, on which banks generally are open for the transaction of normal banking business (other than solely for trading and settlement in euros).

“Buyer”

Means any individual, firm or corporate body (which expression shall, where the context so admits, include its successors and assigns) which purchases services from the Supplier.

“Commencement Date”

The commencement date for this agreement as set out in the schedule.

“Conditions”

Means these Terms and Conditions of Service.

“Delivery Point”

The address at which delivery of the Goods and or performance of the Services is to take place as specified in the Buyer’s order acknowledgement.

“Services”

Means the services to be provided by the Supplier to the Buyers as set out in the Schedule/Quotation or Letter.

“Supplier”

Means Outlook Publishing, Norvic House, 29-33 Chapelfield Road, Norwich, NR2 1RP, England.

“Terms of Payment”

Means the terms of payment of Fees as set out in the Schedule.

“Personnel”

Means all directors, officers, employees, agents, consultants and contractors of the Supplier engaged in the performance of their obligations under this Agreement.

“Data Protection Legislation”

The GDPR, the LED and any applicable national implementing Laws as amended from time to time (ii) the DPA 2018 subject to Royal Assent to the extent that it relates to processing of personal data and privacy; (iiii) all applicable Law about the processing of personal data and privacy;

Data Protection Impact Assessment

An assessment by the Purchaser of the impact of the envisaged processing on the protection of Personal Data.

Data Controller, Data Processor, Data Subject, Personal Data Breach, Data Protection Officer

Take the meaning given in the GDPR.

Data Loss Event

Any event that results, or may result, in unauthorised access to Personal Data held by the Supplier under this Agreement, and/or actual or potential loss and/or destruction of Personal Data in breach of this Agreement, including any Personal Data Breach.

Data Subject Access Request

A request made by, or on behalf of, a Data Subject in accordance with rights granted pursuant to the Data Protection Legislation to access their Personal Data

DPA 2018

Data Protection Act 2018.

GDPR

The General Data Protection Regulation (Regulation (EU) 2016/679).

Law

Means any law, subordinate legislation within the meaning of Section 21(1) of the Interpretation Act 1978, bye-law, enforceable right within the meaning of Section 2 of the European Communities Act 1972, regulation, order, regulatory policy, mandatory guidance or code of practice, judgment of a relevant court of law, or directives or requirements with which the Contract is bound to Comply.

LED

Law Enforcement Directive (Directive (EU) 2016/680).

Protective Measures

Appropriate technical and organisational measures which may include: pseudonymising and encrypting Personal Data, ensuring confidentiality, integrity, availability and resilience of systems and services, ensuring that availability of and access to Personal Data can be restored in a timely manner after an incident, and regularly assessing and evaluating the effectiveness of the such measures adopted by it.

Sub-Processor

Any third Party appointed to process Personal Data on behalf of the Data Processor related to this Agreement.


Outlook Publishing Ltd