Terms of Service

NOTE: These are our UK Terms of Service. To view the USA version click here.

StaffCircle Platform Terms of Service

Welcome to StaffCircle! We provide a cloud-based platform (Platform) where you can facilitate a high-performing culture in your business, by managing engagement, performance management and skill development.

In these terms of service (Terms), when we say you or your, we mean both you and, if applicable, any entity you are authorised to represent (such as your employer). When we say we, us, or our, we mean StaffCircle Ltd, a company registered in England and Wales with company number 10691841.

These Terms form our contract with you and set out our obligations as a service provider and your obligations as a customer. You cannot use our Services unless you agree to these Terms.

Some capitalised words in these Terms have defined meanings, and each time that word is used in these Terms it has the same meaning. You can find a list of the defined words and their meaning at the end of these Terms or throughout these Terms.

Please read these Terms carefully before you accept these Terms.


1. Engagement and Term

1.1 You agree to these Terms by signing the Service Order to which these Terms relate.

1.2 These Terms apply from the date that you sign the Service Order (Commencement Date), until the date on which your Account is terminated in accordance with these Terms (Term). We grant you and each Authorised User a right to use our Services for this period of time only (which may be suspended or revoked in accordance with these Terms).

1.3 You and each Authorised User must be at least 16 years old to use the Platform.

1.4 We may amend these Terms at any time, by providing written notice to you. If you do not agree to the amendment, please contact us and we will work together to agree a solution.

1.5 If you are using the Platform on behalf of your employer or a business entity, you, in your individual capacity, represent and warrant that you are authorised to act on behalf of your employer or the business entity and to bind the entity and the entity’s personnel to these Terms.

2. Our Services

2.1 We provide the following services to you:

(a) access to our Platform;
(b) the Integration and Implementation Services;
(c) access to our troubleshooting support (Support Services); and
(d) any Additional Services;

as set out in a Service Order (collectively, our Services).

2.2 We allow you to access an administrator area via the web at https://login.staffcircle.net/ or via your personalised login domain – https://companyname.staffcircle.net.

2.3 Where we require access to your premises or computer systems in order to provide our Services, you agree to provide us with such access free from risk to the safety of our employees and contractors.

2.4 Our Services do not constitute, and are not a substitute for, financial, legal or risk management advice.

2.5 In consideration of your payment of the Platform Fees, we will provide the Platform in accordance with these Terms, in accordance with the Service Levels, and all applicable laws, whether ourselves or through our personnel. We warrant to you that the Platform will be provided using reasonable care and skill.

2.6 We will not be responsible for any other services unless expressly set out in these Terms, on our Platform or a valid Service Order.

2.7 We may change the Platform to reflect changes in relevant laws and regulatory requirements, to implement technical adjustments, improvements, and to keep up-to-date with technological advancements. We will use reasonable endeavours to ensure these changes will not substantially adversely affect your use of the Platform.

2.8 Beta Services: From time to time, we may invite you to try Beta Services. You may accept or decline any such trial at your sole discretion. If you accept, we will provide you with access to the Beta Services at no additional cost. If we provide you with access to any Beta Services, you acknowledge that because of the developmental nature of such Beta Services, you use them at your own risk, we have no obligation to maintain or provide error corrections and the Beta Services will not be subject to the Service Levels. Any Beta Services we provide you with access to are for evaluation purposes only and not for production use, and we may discontinue those services at any time at our sole discretion. The Beta Services may be subject to additional terms and conditions (which if applicable, will be provided to you and that you must accept before you are provided with access to the Beta Services). We will not be liable for, and you waive and release us from and against, any Liability caused or contributed to by, arising from or connected with any Beta Services, and the Beta Services are provided “as is”, and are to the extent permitted by law exclusive of any warranty whatsoever, and to the extent permitted by law we expressly disclaim any warranties of merchantability or fitness for a particular purpose.

3. Accounts

3.1 You must register on the Platform and create an account (Account) to access and use our Platform.

3.2 While you have an Account with us, you agree to keep your information up-to-date (and ensure it remains true, accurate and complete).

3.3 You are responsible for keeping your Account details and your username and password confidential and you will be liable for all activity on your Account, and any activity from one of your Authorised Users. You agree to immediately notify us of any unauthorised use of your Account.

3.4 We may suspend your access to our Services where we reasonably believe there has been any unauthorised access to or use of our Services (such as the unauthorised sharing of login details for our Platform). If we suspend your access to our Services, we will let you know within a reasonable time of doing so, and we will work with you to resolve the matter, or if it cannot be resolved, then we may terminate your Account and your access to our Services will end.

4. Authorised Users

4.1 If set out in the Service Order, you may be permitted to invite a number of users to the Platform, who will be permitted to access and use the Platform under your Account (Authorised Users). Subject to clause 4.5, the Fees include up to the maximum number of Authorised Users as set out in your Service Order.

4.2 An Authorised User account may only be used by one person.

4.3 The Authorised Users will have permission to access certain features of the Platform and your Account, as detailed in your Account and the Service Order.

4.4 You must ensure that each Authorised User complies with these Terms. You are responsible and liable for the acts or omissions of your Authorised Users.

4.5 You may add additional Authorised Users (beyond the maximum amount granted in your Service Order), and you agree that each additional Authorised User will incur additional Platform Fees, priced on a pro-rata basis per additional Authorised User. The additional Platform Fees will be payable on and from the date that you provide access to the Platform to the additional Authorised User. The Platform Fees will be charged on a pro-rata basis if such increase occurs during the then-current Fee period.

4.6 Your Authorised Users may be permitted to access the Platform through our mobile application. If your Authorised User accesses or downloads our mobile application from (1) the Apple App Store, your Authorised User must agree to any Usage Rules set forth in the App Store Terms of Service –or (2) the Google Play Store, your Authorised User must agree to the Android, Google Inc. Terms and Conditions including the Google Apps Terms of Service.

5. Implementation and Integration Services

5.1 In consideration of your payment of the Setup Fee, we agree to provide the Implementation and Integration Services, as set out in the Service Order, including, where applicable, integrating the nominated Third Party Inputs (as set out in a Service Order) with our Platform.

5.2 You acknowledge and agree that there will be a period of time required by us to implement the Platform for your needs. You agree to cooperate, grant us such access as we reasonably require, and provide us with any information we reasonably require while we are performing the Implementation and Integration Services, including providing us with People Data, in a timely manner.

5.3 You agree to pay the Setup Fee in accordance with the payment terms set out in the Service Order.

5.4 We may agree to facilitate integration of our Platform with certain Third Party Inputs, as set out in a Service Order.

5.5 Where you integrate Third Party Inputs to operate alongside our, those Third Party Inputs are independent of us and you are responsible for (meaning we will not be liable for) the services they provide, unless we expressly agree otherwise.

5.6 You acknowledge and agree in respect of Third Party Inputs that:

(a) you are responsible for obtaining and managing all licences for the relevant Third Party Inputs;
(b) you are responsible for paying all fees related to the Third Party Inputs, including in respect of any fees charged by the Third Party Input service provider to integrate into our Platform;
(c) you agree to comply with terms and conditions applicable to the relevant Third Party Inputs at all times; and
(d) we do not make any warranty or representation in respect of any Third Party Inputs.

5.7 To the maximum extent permitted by law, we will not be liable for, and you waive and release us from and against, any Liability that you suffer or incur which is caused or contributed to by, arising from or connected with any Third Party Inputs.

5.8 You acknowledge and agree that if a Third Party Input becomes unavailable or is no longer able to integrate into our Platform, for whatever reason, this will not amount to any breach of these Terms by us and you are not permitted to terminate these Terms.

6. Modules

6.1 We agree to provide you with access to the Modules of the Platform, as set out in your Service Order.

6.2 Where you request us to provide you with additional Modules, we will provide you with a revised amount of the Platform Fees for such additional Module in writing, and you may accept or reject the additional Platform Fees.

6.3 The additional Platform Fees will be payable on and from the date that we provide you and your Authorised Users with access to the additional Module. Any increase to the Platform Fees will be charged on a pro-rata basis if such increase occurs during the then-current Fee period.

6.4 The provision of the additional Module/s will be subject to the Minimum Term for the provision of the Platform, as set out in the Service Order.

7. Support Services

7.1 We will use our best endeavours to make the Support Services available to you between 08:30 and 17:30 GMT/ BST (as applicable) on Business Days.

7.2 You, or your Authorised Users, may access the Support Services by emailing support@staffcircle.com, lodging a ticket in the Platform, or phoning 0203 900 3443 (option 2).

7.3 Unless we agree otherwise, Support Services does not include training, installation or implementation of software or hardware, software development or the modification, deletion or recovery of data or any on-site services.

8. Additional Services

8.1 You may request Additional Services, including support and assistance on a consultancy basis, staff training, or bespoke customisation to the scope or functionality of the Platform, by providing written notice to us.

8.2 We may, at our discretion, provide you with written notice in the form of a Service Order, setting out (among other things) the Additional Services requested and any further fee required for us to undertake the Additional Services.

8.3 If you agree to the Service Order for the Additional Services, we will provide the Additional Services to you in consideration for payment of the relevant additional fee, which will be payable in accordance with the payment terms set out in the Service Order.

8.4 Each Service Order will be subject to, and will be governed by, these Terms and any other conditions set out in the Service Order. To the extent of any ambiguity or discrepancy between a Service Order and these Terms, the terms set out in the Service Order will prevail.

9. Minimum Term and Fees

9.1 Subject to each Party’s right to terminate these Terms in accordance with its terms, these Terms commence on the date that you accept these Terms, and will be subject to a minimum term, as set out in the Service Order (Minimum Term).

9.2 Automatic Renewal: On the expiry of the Minimum Term, these Terms will be automatically renewed for subsequent 12-month periods (each a Renewal Period), unless either Party provides written notice 30 days before the end of the initial Term or the end of the then-current Renewal Period (as applicable) that it does not wish to renew the Terms. Without limiting your rights at law you can cancel the Services at any time in accordance with the “Cancellation” clause of these Terms (clause 16.1) and the cancellation will take effect from expiry of the period for which you have committed to.

9.3 We will invoice you for the Platform Fees on or about the Commencement Date, and on each anniversary of the Commencement Date during the Term. You agree to pay the Platform Fees set out in the invoice within 14 days of the date of invoice.

9.4 You agree that we may set-off or deduct from any monies payable to you under these Terms, any amounts which are payable by you to us (whether under these Terms or otherwise).

9.5 To the extent permitted by law, the Fees are non-refundable and non-cancellable once paid.

9.6 We may need to change the Platform Fees from time to time. If we change the Platform Fees, we will provide you with 30 days’ notice of the change. After 30 days, we will apply the updated Fee to the Services. If the updated Fee is not acceptable to you, you may cancel the Services in accordance with the ‘Cancellation’ clause.

9.7 If any payment has not been made in accordance with the relevant payment terms, we may (at our absolute discretion) charge interest at a rate equal to 4% above the Bank of England’s base rate, from time to time, but at 4% a year for any period when that base rate is below 0%, per annum, calculated daily and compounding monthly, on any such amounts unpaid after the due date for payment.

9.8 Taxes: You are responsible for paying any levies or taxes associated with your use of our Services, for example, sales taxes, value-added taxes or withholding taxes (unless we are required by law to collect these on your behalf).

10. Platform Licence

10.1 While you have an Account, we grant you a right to use our Platform (which may be suspended or revoked in accordance with these Terms). This right cannot be passed on or transferred to any other person.

10.2 You must not, and must ensure that your Authorised Users do not:

(a) access or use our Platform in any way that is improper or breaches any laws, infringes any person’s rights (for example, intellectual property rights and privacy rights), or gives rise to any civil or criminal liability;
(b) interfere with or interrupt the supply of our Platform, or any other person’s access to or use of our Platform;
(c) introduce any viruses or other malicious software code into our Platform;
(d) use any unauthorised or modified version of our Platform, including but not limited to for the purpose of building similar or competitive software or for the purpose of obtaining unauthorised access to our Platform;
(e) attempt to access any data or log into any server or account that you are not expressly authorised to access;
(f) use our Platform in any way that involves service bureau use, outsourcing, renting, reselling, sublicensing, concurrent use of a single user login, or time-sharing;
(g) circumvent user authentication or security of any of our networks, accounts or hosts or those of any third party; or
(h) access or use our Platform to transmit, publish or communicate material that is, defamatory, offensive, abusive, indecent, menacing, harassing or unwanted.

11. Availability, Disruption and Downtime

11.1 While we strive to always make our Services available to you, we do not make any guarantees that these will be available 100% of the time. Our Services may be disrupted during certain periods, including, for example, as a result of scheduled or emergency maintenance.

11.2 Our Services (including our Platform) may interact with, or be reliant on, products or services provided by third parties, such as cloud hosting service providers. To the maximum extent permitted by law, we are not liable for disruptions or downtime caused or contributed to by these third parties.

11.3 We will try to provide you with reasonable notice, where possible, of any disruptions to your access to our Services.

11.4 We will provide the Services in accordance with the Service Levels.

12. Intellectual Property and Data

12.1 You acknowledge and agree that any Intellectual Property or content (including copyright and trademarks) available on the Platform, the Platform itself (including how it looks and functions), any algorithms or machine learning models used on the Platform, as well as our copyrighted works, trademarks, inventions, designs and other intellectual property (Our Intellectual Property) will at all times vest, or remain vested, in us.

12.2 We authorise you to use Our Intellectual Property solely for your limited commercial use. You must not exploit Our Intellectual Property for any other purpose, nor allow, aid or facilitate such use by any third party. Use must be limited to Authorised Users on devices that are controlled or approved by you.

12.3 You must not, without our prior written consent:

(a) copy, in whole or in part, any of Our Intellectual Property;
(b) reproduce, retransmit, distribute, disseminate, sell, publish, broadcast or circulate any of Our Intellectual Property to any third party; or
(c) breach any intellectual property rights connected with the Platform, including (without limitation) altering or modifying any of Our Intellectual Property, causing any of Our Intellectual Property to be framed or embedded in another website, or creating derivative works from any of Our Intellectual Property.

Your Data

12.4 You own all data, information, personal data, or content you and your Authorised Users upload into the Platform (Your Data), as well as any data or information output from the Platform using Your Data as input (Output Data). Note that Output Data does not include the Analytics (as described below).

12.5 You grant us a limited licence to copy, transmit, store, backup and/or otherwise access or use Your Data and the Output Data to:

(a) communicate with you;
(b) supply the Platform to you and otherwise perform our obligations under these Terms;
(c) diagnose problems with the Platform;
(d) enhance and otherwise modify the Platform;
(e) perform Analytics;
(f) develop other services, provided we de-identify Your Data; and
(g) as reasonably required to perform our obligations under these Terms.

12.6 You agree that you are solely responsible for all of Your Data that you and your Authorised Users make available on or through the Platform. You represent and warrant that:

(a) you are either the sole and exclusive owner of Your Data or you have all rights, licences, consents and releases that are necessary to grant to us the rights in Your Data (as contemplated by these Terms); and
(b) neither Your Data nor the posting, uploading, publication, submission or transmission of Your Data or our use of Your Data on, through or by means of our Platform will infringe, misappropriate or violate a third party’s intellectual property rights, or rights of publicity or privacy, or result in the violation of any applicable law or regulation.

12.7 You acknowledge and agree that we may monitor, analyse and compile statistical and performance information based on and/or related to your use of the Platform, in an aggregated and anonymised format (Analytics). You acknowledge and agree that we own all rights in the Analytics, and that we may use the Analytics for our own business purposes, provided that the Analytics do not contain any identifying information.

12.8 We do not endorse or approve, and are not responsible for, any of Your Data.

12.9 You are responsible for (meaning we are not liable for) the integrity of Your Data on your systems, networks or any device controlled by you.

12.10 You acknowledge and agree that the Platform and the integrity and accuracy of the Output Data is reliant on the accuracy and completeness of Your Data, and the provision by you of Your Data that is inaccurate or incomplete may affect the use, output and operation of the Platform.

12.11 This clause will survive the termination or expiry of these Terms.

13. Security

Subject to the terms of these Terms, we will establish and maintain appropriate, reasonable technical and organisational security measures in accordance with good industry practice to keep Your Data secure. StaffCircle’s security policy is detailed in the StaffCircle Security Policy document available at www.staffcircle.com/security-policy/.

14. Your Warranties

14.1 You represent, warrant and agree that:

(a) you will not use our Platform, including Our Intellectual Property, in any way that competes with our business;
(b) there are no legal restrictions preventing you from entering into these Terms;
(c) all information and documentation that you provide to us in connection with these Terms is true, correct and complete; and
(d) you have not relied on any representations or warranties made by us in relation to the Platform (including as to whether the Platform is or will be fit or suitable for your particular purposes), unless expressly stipulated in these Terms.

15. Limitations on and Exclusions to our Liability

15.1 Neither Party may benefit from the limitations and exclusions set out in this clause in respect of any liability arising from its deliberate default.

15.2 The restrictions on liability in this clause 15 apply to every liability arising under or in connection with these Terms including liability in statute, contract, equity, tort (including negligence), misrepresentation, restitution, indemnity or otherwise.

15.3 Nothing in these Terms limits any Liability which cannot legally be limited, including Liability for:

(a) death or personal injury caused by negligence;
(b) fraud or fraudulent misrepresentation; and
(c) defective products under the Consumer Protection Act 1987.

15.4 To the maximum extent permitted by law, we shall have no Liability for any Third Party Products or Services, or any unavailability of the Platform due to a failure of the Third Party Products or Services.

15.5 Subject to clauses 15.1 (no limitation in respect of deliberate default) and 15.3 (liability which cannot legally be limited), but despite anything to the contrary, to the maximum extent permitted by law:

(a) neither Party will be liable for any Consequential Loss;
(b) a party’s liability for any liability under these Terms will be reduced proportionately to the extent the relevant liability was caused or contributed to by the acts or omissions of the other party, including any failure by that other party to mitigate its loss; and

15.6 Our aggregate liability for any and all Liabilities arising from or in connection with these Terms will be limited to an amount of 100% of the Fees paid by you to us.

15.7 We have given commitments as to the compliance of the Platform with these Terms and applicable Laws in clause 2.5. In view of these commitments, the terms implied by sections 3, 4 and 5 of the Supply of Goods and Services Act 1982 are, to the maximum extent permitted by law, excluded from these Terms.

15.8 This clause will survive the termination or expiry of these Terms.

16. Termination

16.1 Cancellation: You may request to cancel the Services at any time by notifying us via email. Your cancellation will take effect from the end of the Minimum Term/ Renewal Term, as the case may be.

16.2 If you cancel the Services because we have changed the Platform Fees in accordance with clause 9.6, then the termination of the Services will take effect on and from the date that the Platform Fees change, and we will refund you for any Platform Fees that you have paid upfront but have not been used on a pro-rata basis.

16.3 Either Party may terminate these Terms if:

(a) the other Party breaches these Terms and does not remedy that breach within 60 days of being notified of the breach; or
(b) the other Party experiences an insolvency event (including but not limited to bankruptcy, receivership, voluntary administration, liquidation, or entering into creditors’ schemes of arrangement).

16.4 We may terminate these Terms (meaning you will lose access to our Services, including access to your Account) if you do not pay the Fees as they fall due, or where you breach a material term of these Terms which cannot be remedied.

16.5 Should we suspect that you are in breach of these Terms, we may suspend your access to the Platform while we investigate the suspected breach.

16.6 Upon expiry or termination of the Services, we will retain Your Data (including copies) as required by law or regulatory requirements (and where we have entered into a data processing agreement with you, in accordance with the data processing agreement).

16.7 Where termination is due to our breach of these Terms, we agree to refund you for any prepaid unused Platform Fees on a pro-rata basis.

16.8 Termination of the Services will not affect any rights or liabilities that a Party has accrued under these Terms.

16.9 This clause will survive the termination or expiry of these Terms.

17. General

17.1 Assignment: Subject to the below clause, a Party must not assign or deal with the whole or any part of its rights or obligations under these Terms without the prior written consent of the other Party (such consent is not to be unreasonably withheld).

17.2 Assignment of Debt: You agree that we may assign or transfer any debt owed by you to us, arising under or in connection with these Terms, to a debt collector, debt collection agency, or other third party.

17.3 Contracts (Rights of Third Parties) Act 1999: Notwithstanding any other provision of these Terms, nothing in these Terms confers or is intended to confer any right to enforce any of its terms on any person who is not a party to it.

17.4 Disputes: Neither we or you may commence court proceedings relating to any dispute, controversy or claim arising from, or in connection with, these Terms (including any question regarding its existence, validity or termination) (Dispute) unless we and you first meet (in good faith) to resolve the Dispute. Nothing in this clause will operate to prevent us or you from seeking urgent injunctive or equitable relief from a court of appropriate jurisdiction.

If the Dispute is not resolved at that initial meeting:

(a) where you are resident or incorporated in England and Wales, refer the matter to mediation, administered by The Centre for Effective Dispute Resolution; or
(b) where you are not resident or incorporated in England and Wales, refer the matter to arbitration administered by the London Court of International Arbitration (LCIA), with such arbitration to be conducted in London, before one arbitrator, in English and in accordance with the LCIA Arbitration Rules.

17.5 Force Majeure: To the maximum extent permitted by law, we shall have no Liability for any event or circumstance outside of our reasonable control.

17.6 Marketing: You agree that we may send you electronic communications about our products and services. You may opt-out at any time by using the unsubscribe function in our electronic communications

17.7 Governing law: These Terms are governed by the laws of England and Wales. Each Party irrevocably and unconditionally submits to the exclusive jurisdiction of the courts operating in England and Wales and any courts entitled to hear appeals from those courts and waives any right to object to proceedings being brought in those courts. The Platform may be accessed in the UK and overseas. We make no representation that the Platform complies with the laws (including intellectual property laws) of any country outside of the UK. If you access the Platform from outside the UK, you do so at your own risk and are responsible for complying with the laws in the place you access the Platform. The United Nations Convention of Contracts for the International Sale of Goods is expressly excluded from these Terms.

17.8 Notices: Any notice given under these Terms must be in writing addressed to us at the details set out below or to you at the details provided in your Account. Any notice may be sent by standard post or email, and will be deemed to have been served on the expiry of 48 hours in the case of post, or at the time of transmission in the case of transmission by email.

17.9 Publicity: You agree that, we may advertise or publicise the fact you are a customer of ours, for example on our website or in our promotional material, and you grant us a right to display and use your logo and branding solely for that purpose.

17.10 Privacy: All personal data you and your Authorised Users provide to us will be treated in accordance with our privacy policy. You can find our privacy policy at www.staffcircle.com/privacy-policy. To the extent that we act as the Processor of any Personal Data of which you are the Controller (as these terms are defined in the UK GDPR), our Data Processing Addendum (available as an attachment to these Terms) forms part of this Agreement.

17.11 Severance: If a provision of these Terms is held to be void, invalid, illegal or unenforceable, that provision is to be read down as narrowly as necessary to allow it to be valid or enforceable, failing which, that provision (or that part of that provision) will be severed from these Terms without affecting the validity or enforceability of the remainder of that provision or the other provisions in these Terms.

17.12 Third party sites: The Platform may contain links to websites operated by third parties. Unless we tell you otherwise, we do not control, endorse or approve, and are not responsible for, the content on those websites. We recommend that you make your own investigations with respect to the suitability of those websites. If you purchase goods or services from a third party website linked from the Platform, such third party provides the goods and services to you, not us. We may receive a benefit (which may include a referral fee or a commission) should you visit certain third-party websites via a link on the Platform (Affiliate Link) or for featuring certain products or services on the Platform. We will make it clear by notice to you which (if any) products or services we receive a benefit to feature on the Platform, or which (if any) third party links are Affiliate Links.

18. Definitions

Beta Services means any services, software or functionality provided by us that are not generally available to customers and which are designated as beta, pilot, limited release, developer preview, non-production, evaluation, or by a similar description.

Business Day means a day on which banks are open for general banking business in England, excluding Saturdays, Sundays and bank holidays.

Consequential Loss includes any consequential loss, indirect loss, real or anticipated loss of profit, loss of benefit, loss of revenue, loss of business, loss of goodwill, loss of opportunity, loss of savings, loss of reputation, loss of use and/or loss or corruption of data, whether under statute, contract, equity, tort (including negligence), indemnity or otherwise.

Fees means all fees payable by you for the Services.

Integration and Implementation Services means the services we provide to implement the Platform to your specifications, or to integrate the Platform with a Third Party Input, as set out in a Service Order.

Intellectual Property means any copyright, registered or unregistered designs, patents or trade marks, business names, get-up, goodwill, domain names, know-how, inventions, processes, trade secrets or confidential information, circuit layouts, software, computer programs, databases or source codes, including any application for registration of, and any improvements, enhancements or modifications of, the foregoing, and any right to apply for and be granted, renewals or extensions of, and rights to claim priority from, such rights and all similar or equivalent rights or forms of protection which subsist or will subsist now or in the future, including in respect of the foregoing.

Liability means any expense, cost, liability, loss, damage, claim, notice, entitlement, investigation, demand, proceeding or judgment (whether under statute, contract, equity, tort (including negligence), misrepresentation, restitution, indemnity or otherwise), howsoever arising, whether direct or indirect and/or whether present, unascertained, future or contingent and whether involving a third party or a party to these Terms or otherwise.

Module means feature of the Platform.

People Data means any information we require from you, as requested by us, to complete the Integration and Implementation Services.

Platform Fees means the fees we charge in consideration for our provision of the Platform, as set out in a Service Order and amended in accordance with these Terms.

Service Order means a service order issued by us under these Terms, setting out (amongst other things) the Services requested.

Service Levels means the minimum service performance metrics for our performance of the Services, as set out at https://www.staffcircle.com/service-level-agreement/.

Setup Fee means the fees payable by you for the Integration and Implementation Services.

Third Party Inputs means third parties or any goods and services provided by third parties, including software, which the provision of the Services may be contingent on, or impacted by.

UK GDPR means Regulation 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the Processing of Personal Data and on the free movement of such data (General Data Protection Regulation) as incorporated into United Kingdom law as the Data Protection Act 2018 by virtue of Section 3 of the United Kingdom’s European Union (Withdrawal) Act 2018.

For questions about these Terms, or to get in touch with us, contact us using the details below:

Our contact details:

StaffCircle Ltd, a company established in England and Wales with company registration number 10691841.

Phone number: +44 203 900 3443 (UK), +1 617 795 1777 (US), +1 437 253 7788 (CAN)

Geographical address: LCB Depot, 31 Rutland Street, Leicester, England LE1 1RE, United Kingdom

Email address: sales@staffcircle.com


These Terms were last updated on 23 February 2024.


ATTACHMENT 1 – DATA PROCESSING ADDENDUM

To the extent that we act as a Processor and you act as a Controller of the Company Personal Data, this Data Processing Addendum (DPA) is incorporated into the Terms of Service (Terms) entered into between the Parties.

This DPA is made between:

1. StaffCircle Ltd, a company registered in England and Wales, with company number 10691841 of LCB Depot, 31 Rutland Street, Leicester, England LE1 1RE, United Kingdom (we, us or our); and
2. The customer who signs up for an Account on the Platform, as set out in the Service Order (you or your),

together the Parties and each a Party.

Background

A. The Parties have entered into the Terms of Service for the provision of Services.
B. In the processing of Company Personal Data in connection with the Terms, we act as a Processor, and you are a Controller.
C. We may also act as a Controller of Company Personal Data which we require from you in order for you to create an Account on the Platform.

1. Commencement and Term

1.1 This DPA will commence on the date that the Terms are entered into, and will continue for as long as the Terms remains in effect, or we retain any of the Company Personal Data in our possession or control (whichever is longer) (Term).

1.2 Where you make any deletions or other revisions to this DPA, this DPA will be null and void, unless otherwise agreed by us in writing.

1.3 By entering into this DPA, each Party agrees to be bound by the terms and conditions set out in this DPA, in exchange for the other Party also agreeing to be bound by this DPA.

2. Processing of Personal Data

2.1 Each Party agrees to comply with Applicable Data Protection Law in the Processing of Company Personal Data.

2.2 You instruct us to process Personal Data in accordance with this DPA (including in accordance with Annex 1).

2.3 We agree to not process Company Personal Data other than on your documented instructions.

3. Your Personnel

We agree to take reasonable steps to ensure the reliability of any of our Personnel who may have access to the Company Personal Data, ensuring in each case that:

(a) access is strictly limited to those individuals who need to know / access the relevant Company Personal Data, as strictly necessary for the purposes of the Terms; and
(b) the relevant Personnel are subject to confidentiality undertakings or professional or statutory obligations of confidentiality.

4. Security

4.1 Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of Processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, we agree to implement appropriate technical and organisational measures in relation to the Company Personal Data to ensure a level of security appropriate to that risk in accordance with Applicable Data Protection Law, and as further particularised in Annex 2.

4.2 In assessing the appropriate level of security, we agree to take into account the risks that are presented by Processing, in particular from a Personal Data Breach.

5. Sub-Processing

5.1 You authorise our engagement of the Sub-Processors already engaged by us at the date of this DPA, which are set out at Annex 3.

5.2 Where we wish to engage a new Sub-Processor, we agree to provide written notice to you of the details of the engagement of the Sub-Processor at least 14 days’ prior to engaging the new Sub-Processor (including details of the processing it will perform). You may object in writing to our appointment of a new Sub-Processor within 7 days of such notice, provided that such objection is based on reasonable grounds relating to data protection. In such event, the Parties will discuss such concerns in good faith with a view to achieving resolution. If the Parties are not able to achieve resolution, we may, at our election:

(a) not appoint the proposed Sub-Processor;
(b) not disclose any Company Personal Data we process on your behalf to the proposed Sub-Processor; or
(c) inform you that we may terminate the Terms(including this DPA) for convenience, in which case, clause 2.2 will apply.

5.3 You agree that the remedies described above in clauses 5.2(a)-(c) are the only remedies available to you if you object to any proposed Sub-Processor by us.

5.4 Where we engage a Sub-Processor to process Company Personal Data, we agree to enter into a written agreement with the Sub-Processor containing data protection obligations no less protective that those in this DPA with respect to the Company Personal Data, and to remain responsible to you for the performance of such Sub-Processor’s data protection obligations under such terms.

5.5 Where the transfer of Company Personal Data from us to a Sub-Processor is a Restricted Transfer, it will be subject to the UK Addendum (and documents or legislation referred to within it), which shall be deemed to be incorporated into this DPA, and the UK Addendum is considered an appropriate safeguard.

6. Data Subject Rights

6.1 Taking into account the nature of the Processing, we agree to assist you by implementing appropriate technical and organisational measures, insofar as this is possible, for the fulfilment of your obligations, as reasonably understood by you, to respond to requests to exercise Data Subject rights under the Applicable Data Protection Law.

6.2 We agree to:

(a) promptly notify you if we receive a request from a Data Subject under any Applicable Data Protection Law in respect of Company Personal Data; and
(b) ensure that we do not respond to that request except on your documented instructions or as required by Applicable Data Protection Law to which we are subject, in which case we shall, to the extent permitted by Applicable Data Protection Law, inform you of that legal requirement before we (or our Sub-Processor) respond to the request.

7. Personal Data Breach

7.1 We agree to notify you without undue delay upon becoming aware of a Personal Data Breach affecting Company Personal Data, providing you with sufficient information to allow you to meet any obligations to report or inform Data Subjects of the Personal Data Breach under the Data Protection Laws.

7.2 We agree to co-operate with you and take reasonable commercial steps as are directed by you to assist in the investigation, mitigation and remediation of each such Personal Data Breach.

7.3 If you decide to notify a Supervisory Authority, Data Subjects or the public of a Company Personal Data Breach, you agree to provide us with advance copies of the proposed notices and, subject to Applicable Data Protection Law (including any mandated deadlines under the UK GDPR), allow us an opportunity to provide any clarifications or corrections to those notices.

8. Data Protection Impact Assessment and Prior Consultation

We agree to provide reasonable assistance to you with any data protection impact assessments, and prior consultations with Supervising Authorities or other competent data privacy authorities, which you reasonably consider to be required by article 35 or 36 of the UK GDPR or equivalent provisions of any other Data Protection Law (to the extent you do not otherwise have access to the relevant information and such information is in our control).

9. Deletion or return of Personal Data

Subject to this clause 9, and subject to any document retention requirements at law, we agree to promptly and in any event within 10 business days of the date of cessation of any Services involving the Processing of Company Personal Data (Cessation Date), delete and procure the deletion of all copies of those Company Personal Data.

10. Audit Rights

10.1 Subject to this clause 10, where required by law, we shall make available to you on request all information reasonably necessary to demonstrate compliance with this DPA, and shall allow for and contribute to audits, including inspections, by you or an auditor mandated by you in relation to the Processing of the Company Personal Data by us.

10.2 Where clause 10.1 applies, any audit (or inspection):

(a) must be conducted during our regular business hours, with reasonable advance notice (which shall not be less than 30 days);
(b) will be subject to our reasonable confidentiality procedures;
(c) must be limited in scope to matters specific to you and agreed in advance with us;
(d) must not require us to disclose to you any information that could cause us to breach any of our obligations under Applicable Data Protection Law;
(e) to the extent we need to expend time to assist you with the audit (or inspection), this will be funded by you, in accordance with pre-agreed rates; and
(f) may only be requested by you a maximum of one time per year, except where required by a competent Supervisory Authority or where there has been a Personal Data Breach in relation to Company Personal Data, caused by us.

10.3 Information and audit rights of you only arise under section 10.1 to the extent that the Terms does not otherwise give it information and audit rights meeting the relevant requirements of Applicable Data Protection Law.

11. Liability

Despite anything to the contrary in the Terms or this DPA, to the maximum extent permitted by law, the Liability of each Party and its affiliates under this DPA is subject to the exclusions and limitations of Liability set out in the Platform Terms and Conditions.

12. Termination

12.1 Each Party agrees that a failure or inability to comply with the terms of this DPA and/or the Applicable Data Protection Law constitutes a material breach of the Platform Terms and Conditions. In such event, you may, without penalty:

(a) require us to suspend the processing of Company Personal Data until such compliance is restored; or
(b) terminate the Terms effective immediately on written notice to us.

12.2 In the case of such suspension or termination, we shall provide a prompt pro-rata refund of all sums paid in advance under the Terms which relate to the period of suspension or the period after the date of termination (as applicable).

12.3 Notwithstanding the expiry or termination of this DPA, this DPA will remain in effect until, and will terminate automatically upon, deletion by us of all Company Personal Data covered by this DPA, in accordance with this DPA.

13. General

13.1 Amendment: Other than as expressly permitted under this DPA and to the extent permitted by law, this DPA may only be amended by written instrument executed by the Parties.

13.2 Assignment: A Party must not assign or deal with the whole or any part of its rights or obligations under this DPA without the prior written consent of the other Party (such consent not to be unreasonably withheld).

13.3 Confidentiality: Each Party agrees to keep this DPA and any information it receives about the other Party and its business in connection with this DPA (Confidential Information) confidential and must not use or disclose that Confidential Information without the prior written consent of the other Party except to the extent that:

(a) disclosure is required by law; or
(b) the relevant information is already in the public domain.

13.4 Contracts (Rights of Third Parties) Act 1999: Notwithstanding any other provision of this DPA, nothing in this DPA confers or is intended to confer any right to enforce any of its terms on any person who is not a party to it.

13.5 Counterparts: This DPA may be executed in any number of counterparts that together will form one instrument.

13.6 Order of Precedence: In the event of any conflict or inconsistency between the agreements entered into between the Parties, the Addendum shall prevail, then the Annexes, followed by this DPA and then the Platform Terms and Conditions.

13.7 Governing law and disputes: This DPA is governed by the laws of England and Wales. Each Party irrevocably and unconditionally submits to the exclusive jurisdiction of the courts operating in England and Wales and any courts entitled to hear appeals from those courts and waives any right to object to proceedings being brought in those courts.

13.8 Notices: Any notice given under this DPA must be in writing addressed to the relevant address last notified by the recipient to the Parties. Any notice may be sent by standard post or email, and will be deemed to have been served on the expiry of 48 hours in the case of post, or at the time of transmission in the case of transmission by email.

13.9 Severance: If a provision of this DPA is held to be void, invalid, illegal or unenforceable, that provision is to be read down as narrowly as necessary to allow it to be valid or enforceable, failing which, that provision (or that part of that provision) will be severed from this DPA without affecting the validity or enforceability of the remainder of that provision or the other provisions in this DPA.

14. Definitions and Interpretation

14.1 In this DPA, unless the context otherwise requires, all terms have the meanings given to them in the Appendices and Annexures, and:

Account has the meaning given to it in the Platform Terms and Conditions.

Applicable Data Protection Law means the laws and regulations applicable to the processing of Personal Data by the Parties in connection with the Platform Terms and Conditions, including the Data Protection Act 2018 (including the UK GDPR), and where applicable, the EU GDPR.

Company Personal Data means any Personal Data Processed by us on behalf of you in connection with the Platform Terms and Conditions (and where we are also acting as a Controller, any Personal Data we process in connection with the Terms).

DPA means this Data Processing Agreement and all Annexes attached to it.

EU GDPR means Regulation 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the Processing of Personal Data and on the free movement of such data (General Data Protection Regulation).

Liability means any expense, cost, liability, loss, damage, claim, notice, entitlement, investigation, demand, proceeding or judgment (whether under statute, contract, equity, tort (including negligence), misrepresentation, restitution, indemnity or otherwise), howsoever arising, whether direct or indirect and/or whether present, unascertained, future or contingent and whether involving a third party or a Party to this DPA or otherwise.

Platform has the meaning given to it in the Terms.

Terms means the terms and conditions for the Platform, as agreed between the Parties.

Personnel means in respect of a Party, any of its employees, consultants, and subcontractors.

Restricted Transfer means a transfer of personal data from the United Kingdom to any other country which is not subject to adequacy regulations pursuant to Section 17A of the United Kingdom Data Protection Act 2018.

Services means the services the subject of the Terms.

Sub-Processor means any person appointed by or on behalf of us to process Company Personal Data on behalf of you in connection with the Terms.

UK GDPR means the EU GDPR as incorporated into United Kingdom law as the Data Protection Act 2018 by virtue of Section 3 of the United Kingdom’s European Union (Withdrawal) Act 2018.

UK Addendum means the international data transfer addendum to the European Commission’s standard contractual clauses for international data transfers approved by the Information Commissioner’s Office under section 119A of the Data Protection Act 2018 on 21 March 2022 (version B.1.0), and as updated from time to time.

14.2 The terms, “Commission”, “Controller”, “Data Subject”, “Member State”, “Personal Data”, “Personal Data Breach”, “Processor”,“Processing” and “Supervisory Authority” shall have the same meaning as in the EU GDPR or UK GDPR, as applicable.

14.3 The word include shall be construed to mean include without limitation.


ANNEX 1

ANNEX 1A – LIST OF PARTIES

we, us or our
StaffCircle Ltd, a company established in England and Wales, with company number 10691841.

Address: LCB Depot, 31 Rutland Street, Leicester, England LE1 1RE, United Kingdom

Email: sales@staffcircle.com

Key contact person’s contact details and role: name, role, email address, contact address

Role: Where you provide personal data to us to sign up to our Services, we are acting as a Controller. For all other personal data processed in the course of providing the Services, we are acting as a Processor.

you or your
Name: The individual or entity who signed up to an Account with us.

Address: Your address as specified when signing up to our Services.

Email: Your email address as specified when signing up to our Services.

Key contact person’s contact details and role: As specified when signing up to our Services.

Role: Controller.

ANNEX 1B: DESCRIPTION OF TRANSFER

Personal Data Transferred

  • Identity Data including first name, middle name, last name, maiden name, title, date of birth, gender, job title, photographic identification, marital status, pronouns and images of [insert].
  • Contact Data of [insert types of data subjects] including billing addresses, delivery addresses, email addresses and telephone numbers.
  • Employee details including Identity Data and Contact Data of past, present and future employees.
  • Financial Data including bank account and payment card details.
  • Background Verification Data including passport numbers, driver licence numbers, photographic identification, [insert details requested as part of onboarding or verification or Know Your Customer] process to comply with due diligence obligations, anti-money laundering laws and related ongoing monitoring commitments.
  • Technical and Usage Data including internet protocol (IP) address, login data, browser session and geo-location data, device and network information, statistics on page views and sessions, acquisition sources, search queries and/or browsing behaviour, information about user access and use of our website, including through the use of Internet cookies, communications with our website, the type of browser used by users, the type of operating system used by users and the domain name of users’ Internet service provider.
  • Profile Data including usernames and passwords for our platform, profile pictures, purchases or orders made with us, support requests made with us, content posted and shared through our platform.
  • Marketing and Communications Data including preferences in receiving marketing from us and our third parties and communication preferences.
  • Professional data including job descriptions of employees and professional history of potential candidates such as previous positions and professional experience.

Special Categories of Personal Data and criminal convictions and offences

Special Categories of Data will not be processed.

Relevant Data Subjects

  • authorised users of the Services; and
  • anyone about whom personal data is input into the Service.

Frequency of the transfer

Continuous

Nature of the transfer

As specified in the Terms and this DPA, including without limitation:

  • use by us of Company Personal Data to provide the Services;
  • collection, organisation, retrieval and other processing of Company Personal Data by us necessary to provide, maintain and improve the Services; and
  • transmission, disclosure and dissemination of Company Personal Data to provide the Services in accordance with the Terms or as compelled by law.

Purpose of processing

The purpose of the transfer and processing are as specified in the Terms and this DPA.

Duration of the Processing

The term of the Terms and for a period of 30 days after termination or expiry of the Terms.

ANNEX 2

TECHNICAL AND ORGANISATIONAL MEASURES INCLUDING TECHNICAL AND ORGANISATIONAL MEASURES TO ENSURE THE SECURITY OF THE DATA

TECHNICAL AND ORGANISATIONAL MEASURESDETAILS
Designated data protection officer (if required) or privacy managerNikki Owen
Security certificationsISO 27001
Internal policies e.g. security policy, data retention and deletion policiesSecurity policy: https://www.staffcircle.com/security-policy/
Data Protection Policy: https://www.staffcircle.com/data-protection-policy/
Pseudonymisation and encryption of personal dataWe ensure robust encryption measures for data at rest when utilizing Azure services. This includes employing industry-standard encryption protocols to safeguard sensitive information stored within our systems. Additionally, HTTPS is employed to secure all web traffic, ensuring the confidentiality and integrity of data transmitted over the internet.
Product security featuresProduct Security Features; the StaffCircle platform has numerous levels of security including Multi-Factor Authentication, Security Profiles which limit specific user groups to certain actions and an Audit Log which provides automated logging of adds, edits and removal of data.
Network securityIntrusion detection and prevention processes are performed by our hosting providers Microsoft Azure to ensure the maximum security of the StaffCircle platform. Distributed Denial of service (DDoS) is mitigated by our hosting provider Microsoft Azure to ensure the maximum uptime of the StaffCircle platform.
Physical security and disaster recoveryLogical access to the StaffCircle production systems are restricted to our core operations team and we log and monitor access to the systems on a regular basis. Our systems are protected by various layers of security including VPN access gateways and authorised personnel are granted access only using 2-factor authentication.

Physical access to our platforms across the two Azure Data-centre locations are strictly controlled by Microsoft Azure security teams.

All StaffCircle Customers are guaranteed a 99.9% uptime of StaffCircle platform services

Disaster recovery: https://www.staffcircle.com/legal/policy-documents/#disaster
Human resources securityAppropriate background checks are conducted on all employees in accordance with documented policies.

Business obtains written commitment of employees and contractors to maintain confidentiality in employment contracts and contractors agreements.

Access is revoked on a timely basis in accordance with security procedures upon the departure of any personnel.

Password policy that prohibits the sharing of passwords, outlines processes after a disclosure of a password and requires the regular change of passwords.

ANNEX 3

LIST OF SUBPROCESSORS

[available at [insert URL]]

OR

SUB-PROCESSORLOCATION PURPOSE/ SERVICESWEBSITE & CONTACT DETAILS
e.g. Google LLCe.g. United Statese.g. cloud services, website hosting, and data centre servicese.g. https://cloud.google.com/
1600 Amphitheatre Parkway
Mountain View, California USA 94043