Rightcheck - Simple, Secure, Digital Right to Work Solution

Rightcheck Terms of Use

Last Updated: 16th April 2024

Introduction

This agreement describes how you are licensed to use the Rightcheck platform and software. We may update this agreement at any time, the most recent versions can be accessed on our website. We will make reasonable efforts to communicate any changes to you via an email notification, but it is up to you to ensure that you regularly check, read, understand and agree to the most recent version of this agreement as you will be deemed to accept all updates if you continue to access and use Rightcheck.

1. Definitions and Interpretation

In this Agreement, unless the context otherwise requires, the following expressions shall have the following meanings:

  • “Additional Services” means the Subscriber may purchase, or subscribe to third party complimentary products or software services that integrate with Rightcheck;
  • “Agreement” means these Terms of Use;
  • “Commencement Date” means date upon which this Agreement is accepted by or on behalf of both Parties;
  • “Confidential Information” has the meaning given to that term in Clause 5.1;
  • “Control” means, in relation to a body corporate, the power to secure that its affairs are conducted in accordance with the wishes of the controlling body, as defined in Sections 1161 of the Companies Act 2006, and “Controlled” shall be construed accordingly;
  • “Documentation” means the user instructions, installation guide and all other written or electronic information supplied to the Subscriber by Rightcheck, but excluding marketing literature and materials, which describe the software as may be updated from time to time by Rightcheck;
  • Fees” means the fees payable by the Subscriber under the terms of this Agreement for use of Rightcheck in accordance with this agreement;
  • “Intellectual Property Rights” means any trademarks, domain names, design rights, patents, copyright and moral rights, rights in databases, rights in confidential information and all other intellectual property rights, in each case, whether registered or unregistered (and including applications for the grant of any of the foregoing) and all rights or forms of protection having equivalent or similar effect to any of the foregoing which may subsist anywhere in the world;
  • “Licence Period” – the period and length of time which the Subscriber may use the Software from and including the Commencement Date;
  • “Party” means either Rightcheck or the Subscriber (as appropriate) and “Parties” shall be construed accordingly;
  • “Rightcheck Trade Marks” means any Rightcheck trade mark and/or logo which from time to time may be incorporated into or appear as part of the Software and/or Documentation;
  • “Rightcheck” means Rightcheck software which is branded and produced by T4 Communications UK Limited, registered in England, company number 06240820
  • “Software” means both the Rightcheck mobile IOS or Android apps, the Rightcheck web-based management portal and Rightcheck API. 
  • “Subscriber” means the customer who subscribes to use the Software, and, where the context permits, includes any user or administrator designated by the customer to use the Software.
  • “Support Services” means the support services specified in Clause 12;
  • “Update” means any update to the Software and Documentation which may be issued by Rightcheck from time to time;
  • “Working Day” means 9am to 5pm Monday to Friday excluding English Bank holidays and Public holidays.

Save to the extent that the context or the express provisions of the Agreement require otherwise, in this Agreement:

  • (a) words importing the singular shall include the plural and vice versa;
  • (b) words importing any gender shall include all other genders;
  • (c) any reference to a Clause or Schedule is to the relevant clause or schedule in or to this Agreement;
  • (d) reference to this Agreement or any other document shall be construed as reference to this Agreement or that document as modified, amended, varied, supplemented, assigned, novated or replaced from time to time;
  • (e) references to any statute or statutory provision (including any subordinate legislation) include any statue or statutory provision which amends, extends, consolidates or replaces the same, and shall include any orders, regulations, instruments or other subordinate legislation made under the relevant statute;
  • (f) references to a “person” includes any individual, firm, company, corporation, body corporate, government, state or agency of a state, trust or foundation, or any unincorporated body, association or partnership (whether or not having separate legal personality) of two or more of the foregoing;
  • (g) any phrase introduced by the words “including”, “include”, “in particular” or any cognate expression shall be construed as illustrative only and shall not be construed as limiting the generality of any preceding words; and
  • (h) the words “other” and “otherwise” shall not be construed generis with any foregoing words where a wider construction is possible.

The headings to Clauses are inserted for convenience only and shall not affect the interpretation or construction of this Agreement.

2. Commencement and Duration

This Agreement shall come into force on the date you confirm the subscription and remain in force for the duration of the subscription period, or until terminated by either Party in accordance with Clause 13.

3. Licence

  • 3.1 Rightcheck hereby grants to the Subscriber a non-exclusive, non-transferable, non-sublicensable (except in accordance with the terms of this Agreement) licence for the Licence Period to:
  • 3.1.1 use the Software in accordance with this Agreement and the Documentation or as otherwise allowed by us in writing. The Subscriber may not use the Software in any other way. 
  • 3.1.2 the Subscriber will pay to Rightcheck the appropriate Fee calculated in accordance with Clause 4.
  • 3.2 It shall be the Subscriber’s responsibility to ensure the Software is used in conjunction with equipment, hardware and software which meets the minimum capacity requirements listed in the Documentation and that the Subscriber’s use of the Software is not in breach of any relevant legislation or other legal requirement, including without limitation the requirements of the UK GDPR Data Protection Act 2018 and any regulations made under that
  • 3.3 The Software has been designed to facilitate and not substitute the Subscriber’s responsibility when carrying out right to work and other recruitment and background screening checks. The Subscriber is still responsible for making sure the check is completed in its entirety and to the best of their ability. Rightcheck will not, pursuant to this Agreement, perform any management functions or make any judgements or decisions for the Subscriber. While Rightcheck may in the course of performing its obligations under this Agreement provide advice on matters relevant to a decision by the Subscriber, responsibility for all of the Subscriber’s decisions, for any results arising from your decisions, and for management of any consequences shall rest solely with the Subscriber.
  • 3.4 Rightcheck acknowledges that they shall have no rights in respect of any information or data stored on the Software by the Subscriber.

4. Fees and Charges

  • 4.1 In consideration of the licence granted under Clause 3.1, the Subscriber shall pay to Rightcheck the Fees in accordance with the Subscription Agreement.
  • 4.2 All Fees and other charges payable under this Agreement are exclusive of any VAT, which shall be payable by the Subscriber.
  • 4.3 Rightcheck reviews and may update or amend the Fees on an annual cycle. Rightcheck will notify Subscribers of any changes to Fees not less than 30 days prior to the change taking effect.  
  • 4.4 If any sums payable to Rightcheck under the Agreement are in arrears for more than thirty (30) days after the due date, Rightcheck reserve the right without prejudice to any other right or remedy to suspend the Subscriber’s right to use the Software and/or the provision of any services, including Support Services, without notice and to charge interest on any outstanding balances at the statutory rate from time to time in force (this rate applying after as well as before any court award or judgement in Rightcheck’s favour in respect of outstanding balances).

5. Confidential Information

  • 5.1 “Confidential Information” shall mean all information embodied in the Software and Documentation and all other information imparted by either Party to the other Party and marked as confidential (either in writing or by oral notice), or that by its nature the Party receiving such information ought reasonably to know is confidential, but excluding information already rightfully in the possession of the Party receiving such information at the time of receipt, or which is already in the public domain or which becomes so (otherwise than in breach of the Agreement).
  • 5.2 Each Party shall keep in confidence and not disclose to any person or use any Confidential Information of the other Party except as strictly necessary for the purposes of the Agreement unless such Confidential Information is required to be disclosed as a matter of law and/or regulation.

6. Additional Services

  • 6.1 To add Additional Services to Rightcheck, the Subscriber must pay the applicable fee for each Additional Service in accordance with the terms and conditions of this agreement.
  • 6.2 The Subscriber is responsible for deciding whether or not to access and use the Additional Services, and if the Subscriber elects to do so, must agree to the separate applicable terms and conditions of the third party for those Additional Services. 
  • 6.3 If there is a conflict between any of the terms of this agreement and the Additional Services terms, then the Additional Services terms will prevail in relation to the Subscriber’s use of the Additional Services. 
  • 6.4 Rightcheck is not responsible for any issue with any third-party technology, authorised delegation, information and/or services and will not be liable for those issues. 
  • 6.5 Rightcheck may withdraw access to such third party technology, delegation, information or services. In such cases, Rightcheck will make reasonable efforts to communicate any changes to Subscribers via email notification.

7. Branding and Intellectual Property Rights

  • 7.1 Rightcheck acknowledges that the Rightcheck Trade Marks are incorporated into the Software and the Documentation and hereby acknowledges that the licence granted under Clause 3 extends to the Subscriber’s use of the Rightcheck Trade Marks, but only to such extent as is incidental to use of the Software in accordance with this Agreement and the Documentation. For the avoidance of doubt, the Subscriber shall not use the Rightcheck Trade Marks or any other Rightcheck trademark or brand image on any marketing or promotional materials without Rightcheck’s prior written consent.
  • 7.2 The Subscriber acknowledges that the Software, Documentation and Rightcheck Trade Marks shall at all times remain the property of Rightcheck and that nothing in the Agreement shall transfer to the Subscriber any title in the Software, Documentation or Rightcheck Trade Marks or any associated Intellectual Property Rights.
  • 7.3 The Subscriber recognises that any Intellectual Property Rights subsisting in any works produced during the course of any services provided by Rightcheck to the Subscriber under this Agreement, wherever in the world such rights arise, shall belong to Rightcheck.

8. Warranties

  • 8.1 Rightcheck warrants to the Subscriber for the term of the Agreement that:-
  • 8.1.1 Rightcheck has the right to grant the Subscriber a licence to use the Software and Documentation as provided for in this Agreement; and
  • 8.1.2 The Software will perform as described in the Documentation provided that the Subscriber uses the Software in accordance with this agreement and the Documentation.
  • 8.2 Without prejudice to any other term of this Agreement Rightcheck does not warrant that operation of the Software will be uninterrupted or error free.
  • 8.3 The warranties in this Clause 8 and the other express provisions of this Agreement set out in the full extent of Rightcheck’s obligations and liabilities concerning its subject matter. All other warranties, conditions, terms, undertakings and obligations which might otherwise be implied into this Agreement, including without limitation any implied terms of satisfactory quality or fitness for purpose are hereby excluded to the fullest extent permitted by law.
  • 8.4 The warranties set forth in this Clause 8 shall not be effective, and Rightcheck shall not have any obligation or liability to the Subscriber, if the Software:
  • 8.4.1 is not used in accordance with the Documentation and subject to the terms of this Agreement or is used in conjunction with hardware, mobile devices or other software which Rightcheck does not support; or
  • 8.4.2 has been altered, modified or revised by the Subscriber or other third party without Rightcheck’s express approval; or
  • 8.4.3 fails for any reason outside Rightcheck’s control including but not limited to actions by the Subscriber or other third party or the malfunction of machinery, hardware or other software.
  • 8.5 If, upon investigation by Rightcheck, a problem is found not to be Rightcheck’s responsibility under the provisions of this Clause 8, Rightcheck will notify the Subscriber of this finding and reserves the right, immediately following such notification, to charge the Subscriber forthwith for all reasonable costs and expenses incurred by Rightcheck in the course of or in consequence of such investigation.
  • 8.6 The Subscriber acknowledges that the Subscriber is responsible for ensuring that the Subscriber’s users of the Software have received sufficient training and have the necessary understanding of the regulatory and commercial background to the subject matter of the Software to make proper use of and obtain proper benefit from the Software.  
  • 8.7 As between the Subscriber and Rightcheck, the Subscriber accepts sole responsibility for the accuracy of all data processed using the Software and the results obtained there from to the extent that the results depend upon the accuracy of the Subscriber’s data.
  • 8.8 Except in the case of fraudulent misrepresentation by Rightcheck, the Subscriber hereby warrants that the Subscriber has not been induced to enter into the Agreement by any prior representations, whether oral or in writing and the Subscriber hereby waives any claim for breach of any such representations.
  • 8.9 The Subscriber warrants and represents to Rightcheck that the Subscriber has the ability and experience to carry out the obligations assumed by the Subscriber under this Agreement and that by entering into the Agreement the Subscriber will not breach any express or implied obligation to any third party.

9. Indemnities

  • 9.1 The Subscriber will defend, indemnify and hold Rightcheck harmless against claims, actions, proceedings, losses, damages, expenses and costs (including without limitation court costs and reasonable legal fees) arising out of or in connection with use of the Software, provided that: 
  • 9.1.1 Rightcheck provides  prompt notice of any such claim;
  • 9.1.2 Rightcheck provides reasonable co-operation in the defence and settlement of such claim, at your expense; 
  • 9.1.3 Rightcheck grants the Subscriber sole authority to defend or settle the claim.
  • 9.2 Rightcheck shall indemnify the Subscriber against any claim that the normal use or possession of the Software, Documentation or Rightcheck Trade TradeMarks in accordance with the Agreement infringes the Intellectual Property Rights of any third party in the United Kingdom, provided that:-
  • 9.2.1 the Subscriber does not prejudice Rightcheck’s defence of such a claim;
  • 9.2.2 such infringement is not caused by or contributed to by the Subscriber’s or any other third party’s acts or omissions, other than the use of the Software in accordance with the terms of this Agreement;
  • 9.2.3 Rightcheck is promptly notified in writing of the details of the claim;
  • 9.2.4 the Subscriber gives Rightcheck all reasonable assistance with such claim; and
  • 9.2.5 Rightcheck has sole conduct and control of the claim and its settlement or resolution.
  • 9.3 Rightcheck may at Rightcheck’s own expense modify or replace all or part of the Software or Documentation so as to avoid infringement or claim of infringement.
  • 9.4 Rightcheck shall have no liability for any claim of infringement based on the Subscriber’s:
  • 9.4.1 use, of the Software or Documentation other than in accordance with the Agreement; or
  • 9.4.2 failure to install any Updates immediately on notification of the relevant Update.

10. Limitation of Liability

  • 10.1 Except in respect of injury to or death of any person (for which no limit applies) the respective liability of either Party to the other Party under the Agreement in respect of each event or series of connected events shall not exceed one hundred per cent (100%) of the total Fees paid by the Subscriber to Rightcheck under this Agreement during the period of twelve (12) calendar months preceding the event giving rise to such liability occurred.
  • 10.2  Rightcheck will not be liable to the Subscriber or any other third party for any loss or damage arising out of or relating to the Agreement whether caused by any breach of contract or any negligence by Rightcheck or otherwise, to the extent that such loss or damage is indirect, consequential or special, whether or not Rightcheck have been advised of the possibility of such loss or damage.
  • 10.3  Rightcheck will not be liable to the Subscriber or any third party for any loss or damage arising out of or relating to the Agreement to the extent that such loss or damage is:
  • 10.3.1 a loss of profits; or
  • 10.3.2 A loss of data, whether or not Rightcheck has been advised of the possibility of such loss or damage. For the avoidance of doubt, the provisions of Clauses 10.3.1 and 10.3.2 shall each be construed as a separate exclusion of liability.
  • 10.4  The Subscriber agrees that the limitations set out in this clause 10 and restrictions in this agreement are reasonable because they reflect the fact that:
  • 10.4.1 Rightcheck cannot control how and for what purpose you use our Software;
  • 10.4.2 Rightcheck has not developed the Software specifically for the Subscriber; and
  • 10.4.3 Although Rightcheck follows good industry practice, it is not economically possible for Rightcheck to carry out all the tests necessary to make sure there are no problems in the Software.

11. Software Updates

  • 11.1 Rightcheck may from time to time issue software updates.
  • 11.2 The Subscriber must install any update immediately on receipt or notification of the relevant update.
  • 11.3 Once installed, updates shall be deemed to be part of the Software and the Documentation (as appropriate).
  • 11.4 Rightcheck shall not be liable for any failure of the Software to operate in accordance with this Agreement or to otherwise meet any warranties or representations set out in this Agreement unless the Subscriber has installed all relevant updates pursuant to Clause 11.1.

12. Support Services

  • 12.1 Rightcheck will provide the Subscriber with support services to a service level as defined in the Subscription Agreement.

13. Termination

  • 13.1 Either Party may terminate the Agreement:-
  • 13.1.1 immediately if the other Party is in material breach of any of its obligations under this Agreement and such breach is not remedied within sixty (60) days of that Party’s receipt of notice of such breach from the terminating Party; or
  • 13.1.2 immediately on giving the other Party written notice if the other Party commits any act of insolvency or bankruptcy.
  • 13.2 Rightcheck may terminate the Agreement at any time:-
  • 13.2.1 the Subscriber has failed to pay the Fees; or
  • 13.2.2 in the event that the operation of the Agreement may not be lawful in any jurisdiction relevant to either Party.
  • 13.3 The Subscriber may terminate their subscription at the end of the Licence Period by providing one month’s written notice in advance. In the absence of receipt by Rightcheck of such notice from the Subscriber, this Agreement will automatically roll over for successive 12 month Licence Periods.
  • 13.4 Any termination of this Agreement shall be without prejudice to any other rights or remedies either party may be entitled to under this Agreement or at law and shall not affect any accrued rights or liabilities of either party nor the coming into or continuance in force of any provision in this Agreement which is expressly or by implication intended to come into or continue in force on or after such termination.

14. Post Termination

  • 14.1 On termination of the Agreement howsoever caused, the Subscriber undertakes immediately to cease to use the Software and the Documentation. 
  • 14.2 Termination of the Agreement however caused shall not affect the rights of either Party under the Agreement which may have accrued up to the date of termination, in particular the Subscriber’s obligation to make any payments due to Rightcheck under the Agreement. The provisions of Clauses 4, 5, 9, 10, 14 and 21 shall survive termination of the Agreement.
  • 14.3 For the avoidance of doubt, termination of the Agreement shall also terminate the provision of any Support Services provided under the Agreement.
  • 14.4 No refund is due if the Subscriber terminates their Agreement, or Rightcheck terminates the Agreement in accordance with these terms.
  • 14.5 No matter how this Agreement terminates, the data stored in the Software remains the Subscribers data that can be removed from the Software before the end of the Agreement.

15. Force Majeure

  • 15.1 If circumstances beyond Rightcheck’s reasonable control arise, Rightcheck will not be liable for failing to meet our responsibilities in this Agreement because of those circumstances, for as long as those circumstances continue. 
  • 15.2 For the purposes of this Agreement, the Subscriber agrees that a cyber-attack or breach of cyber security is beyond Rightcheck’s reasonable control, subject to Rightcheck being able to demonstrate that Rightcheck have acted in accordance with what would be reasonably considered to be best practice by a business and software provider of an equivalent size and standing in taking steps to prevent such an attack or breach of security.

16. Waiver

The failure to exercise or delay in exercising a right or remedy provided by this Agreement or by law does not constitute a waiver of the right or remedy or a waiver of other rights or remedies. The rights and remedies provided by this Agreement are cumulative and (subject as otherwise provided in this Agreement) are not exclusive of any rights or remedies provided by law. A waiver of a breach of any of the terms of this Agreement or of a default under this Agreement does not constitute a waiver of any other breach or default, shall not affect the other terms of this Agreement and will not prevent a Party from subsequently requiring compliance with the waived obligation.

17. Entire Agreement and Enforceability

  • 17.1 This Agreement constitutes the entire agreement between the Parties and supersedes all prior agreements, arrangements and understandings between the Parties whether oral or written relating to the subject matter hereof (other than representations made fraudulently). No addition, modification or amendment to the Agreement will be binding unless made in writing and executed by a duly authorised representative of each of the Parties.
  • 17.2 If any provision of the Agreement is found by a court of competent jurisdiction to be invalid, unenforceable or illegal in whole or in part for any reason such decision shall not affect the validity, enforceability or legality of the remaining provisions hereof and this Agreement will be construed as if such invalid, illegal or unenforceable provision was not a part of this Agreement.

18. Assignment

Rightcheck may assign all or any of Rightcheck’s rights or obligations under this Agreement without the Subscriber’s prior written consent. This Agreement is personal to the Subscriber and, save as permitted in this Agreement, the Subscriber shall not assign, sub-contract, sub-licence or charge or part with any of the Subscriber’s rights or obligations under the Agreement without Rightcheck’s prior written consent.

19. Relationship

Nothing in the Agreement shall render the Parties partners or agents and neither shall purport to undertake any obligation on the other’s part or expose the other to any liability whatsoever.

20. Rights of Third Parties

A person who is not a Party to this Agreement has no right under the Contracts (Rights of Third Parties) Act 1999 to enforce, or to enjoy the benefit of any term of this Agreement but this does not affect any right or remedy of a third party which exists or is available apart from that Act.

21. Governing Law

This Agreement shall be governed by and construed in accordance with the laws of England and the Parties agree to submit to the jurisdiction of the English Courts

Data Protection Addendum

This addendum reflects the processor obligations contained in the GDPR and forms an integral part of the licence agreement between Rightcheck and the Subscriber.

1. Definitions

  • 1.1 In this policy, the following words and phrases will have the following meanings: 
    • Data Protection Law – all applicable legislation protecting the fundamental rights and freedoms of individuals in relation to their personal data and right to privacy (including, but not limited to, the Data Protection Act 2018, UK GDPR and GDPR) as amended and updated from time to time GDPR the General Data Protection Regulation (Regulation (EU) 2016/679) of the European Parliament and the Council of 27 April 2016, and ‘Articles’ refers to the articles of the GDPR 
    • Statutory Processor Obligations – the contractual obligations which a data controller is required to impose on a data processor under Article 28(3), if and to the extent that they are not imposed on the Supplier under this Agreement
    • UK GDPR: the GDPR as implemented into UK law via domestic UK legislation including the European Union (Withdrawal) Act 2018, and as amended, varied and supplemented including by the Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2019, and the Data Protection Act 2018 in each case as amended and updated from time to time
  • 1.2 Any reference to an “Article” or to “Articles” is a reference to an Article or to Articles of the UK GDPR. 
  • 1.3 The terms ‘personal data’, ‘data subject’, ‘processor’, ‘controller’, ‘processing’, ‘personal data breach’ ‘pseudonymisation’ ‘special categories of data’ and ‘supervisory authority’ have the meanings set out in Article 4.

2. General

  • 2.1 Whenever RIGHTCHECK processes personal data on the Subscriber’s behalf: 

(a) the Subscriber shall be the controller and RIGHTCHECK shall be the processor in respect of 

such personal data; and 

(b) RIGHTCHECK shall only process such personal data on the documented instructions from the Subscriber and in full compliance with this policy and any obligations imposed on RIGHTCHECK by applicable Data Protection Law. 

  • 2.2 The Subscriber warrants that to the extent of its reasonable knowledge and belief, any disclosure of personal data to RIGHTCHECK for processing in connection with the Services complies with all relevant Data Protection Law, and that that all instructions given by it to RIGHTCHECK in respect of personal data shall at all times be in accordance with Data Protection Law. 
  • 2.3 RIGHTCHECK shall inform the Subscriber on becoming aware of any instruction from the Subscriber in relation to the processing of personal data which, in RIGHTCHECK’s reasonable opinion, infringes Data Protection Law.

3. Security

3.1 Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk to the rights and freedoms of natural persons, RIGHTCHECK shall implement and maintain appropriate technical and organisational measures to ensure a level of security appropriate to the risk including, but not limited to, the following (as appropriate): 

(a) the pseudonymisation and encryption of personal data; 

(b) RIGHTCHECK’s ability to ensure the ongoing confidentiality, integrity, availability and 

resilience of processing systems and services; 

(c) RIGHTCHECK’s ability to restore the availability and accessibility of personal data in a timely 

manner in the event of a physical or technical incident; 

(d) a process for regularly testing, assessing and evaluating the effectiveness of technical and 

organisational measures for ensuring the security of the processing; and 

(e) providing any assistance the Subscriber reasonably requires in order for it to implement 

appropriate technical and organisational measures to protect its personal data. 

3.2 In assessing the appropriate level of security measures to be taken under paragraph 3.1, RIGHTCHECK shall take account of the risks that are presented by the processing, in particular from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to personal data transmitted, stored or otherwise processed. 

3.3 RIGHTCHECK shall ensure that its employees and any other persons with access to personal data RIGHTCHECK processes on behalf of the Subscriber are made aware of their data protection and security obligations and do not process such personal data except in accordance with the Subscriber’s instructions.

4. Sub-processing

  • 4.1 RIGHTCHECK shall not engage another person to process any of the Subscriber’s personal data (a “sub- processor”) without the Subscriber’s prior specific or general written authorisation. In the case of general written authorisation, RIGHTCHECK shall inform the Subscriber of any intended changes concerning the addition or replacement of any sub-processor and allow the Subscriber reasonable opportunity to object to such change. RIGHTCHECK shall not engage a sub-processor to which the Subscriber has objected. The Subscriber acknowledges that if in this event RIGHTCHECK is unable to provide the Services to the Subscriber, RIGHTCHECK may terminate this Agreement pursuant to Clause 12 of the Terms of Use. 
  • 4.2 Where RIGHTCHECK engages a sub-processor to carry out specific processing activities on behalf of the Subscriber, RIGHTCHECK shall ensure that that sub-processor only does so on terms equivalent to those to which RIGHTCHECK is itself subject under this policy (and any other agreement between RIGHTCHECK and the Subscriber). In particular, RIGHTCHECK shall ensure the any sub-processor provides sufficient guarantees to implement appropriate technical and organisational measures in such a manner that the processing will meet the requirements of the GDPR (including the requirements relating to security, integrity and confidentiality). Where that other processor fails to fulfil its data protection obligations, RIGHTCHECK shall remain fully liable to the Subscriber for the performance of those obligations.

5. Requests from Data Subjects and Supervisory Authorities

  • 5.1 If a data subject makes a request relating to the exercise of his or her legal rights in relation to personal data, RIGHTCHECK shall provide the Subscriber with any information and assistance reasonably required by the Subscriber in order to: 
  • (a) respond to a subject access request by a data subject; 
  • (b) erase personal data in accordance with the data subject’s right to erasure; 
  • (c) allow the data subject to exercise his or her right to restrict processing; 
  • (d) notify any persons who have received personal data about any rectification, erasure or restriction 
  • of processing which has taken place at the request of a data subject; 
  • (e) provide the data subject with a copy of his or her data in a structured and common electronic 
  • format; or 
  • (f) give effect to the data subject’s rights (under Articles 21 and 22) to object to profiling, automated 
  • decision-making and/or processing for direct marketing purposes. 
  • 5.2 Information and assistance provided by RIGHTCHECK under paragraph 6.1 of this policy shall be given without undue delay and in such time as the Subscriber reasonably requires in order to comply with its obligations under Data Protection Law. 
  • 5.3 RIGHTCHECK shall also cooperate with any requests by a supervisory authority. 
  • 5.4 Requests from Data Subjects and Supervisory Authorities
  • 5.5 Personal data breaches and notification

6. Personal data breaches and notification

6.1 If RIGHTCHECK becomes aware of a personal data breach relating to any personal data processed on 

behalf of the Subscriber, RIGHTCHECK shall: 

(a) notify the Subscriber without undue delay upon becoming aware of the breach and provide 

details of the nature of the personal data breach, including where possible: 

(i) the categories and approximate number of data subjects concerned and the categories 

and approximate number of personal data records concerned; 

(ii) the name and contact details of RIGHTCHECK’s data protection officer or other 

contact from whom more information can be obtained; 

(iii) (so far as RIGHTCHECK is able to provide) details of the likely consequences of the 

personal data breach; and 

(iv) measures RIGHTCHECK has taken or proposes to take to address the personal data 

breach, including, where appropriate, measures to mitigate its possible adverse effect. 

(b) provide the Subscriber with such information and assistance as it requires in relation to the 

personal data breach (including in relation to action to remedy or mitigate the breach); and 

(c) document the personal data breach and any related action taken by RIGHTCHECK.

7. Data protection officers and privacy impact assessments

Data protection officers and privacy impact assessments 

7.1 RIGHTCHECK shall ensure that before processing personal data on behalf of the Subscriber it 

communicates details of its data protection officer to the Subscriber. 

7.2 Taking into account the nature of the processing and the information available to RIGHTCHECK, RIGHTCHECK shall provide the Subscriber with such information and assistance as the Subscriber reasonably requires in order to: 

(a) carry out any privacy impact assessments (under Article 35); 

(b) consult with a supervisory authority prior to processing (under Article 36); and/or 

(c) meet any obligations under Data Protection Act 2018 which derive from the activities described 

in paragraph 7.2(a) and 7.2(b).

8. Deletion and return of data

At end of contract between RIGHTCHECK and the Subscriber, RIGHTCHECK shall (at the Subscriber’s option) delete or return all personal data RIGHTCHECK has processed on its behalf, and any copies of such personal data, unless RIGHTCHECK is required to store such copies to comply with a legal requirement (in which case RIGHTCHECK may store such copies to the extent necessary to comply with applicable law). 

9. Records, audits and inspections

9.1 RIGHTCHECK shall maintain a written record of all categories of processing activities carried out on 

behalf of the Subscriber, containing: 

(a) the names, contact details and (where applicable) data protection officer details for the 

Subscriber, RIGHTCHECK and any sub-processors appointed by RIGHTCHECK; 

(b) the categories of processing carried out on behalf of the Subscriber ; 

(c) where applicable, details of transfers of personal data to a third country or an international organisation, including the identification of that country or organisation and the documentation of suitable safeguards; and 

(d) a description of the technical and organisational security measures referred to in paragraph 3.1 

of this policy. 

9.2 RIGHTCHECK shall allow for and contribute to audits, including inspections, conducted by the Subscriber or another auditor mandated by the Subscriber.

10. International transfers

10.1 RIGHTCHECK shall not transfer any of the Subscriber’s personal data to a third country/international organisation without the Subscriber’s prior written consent and: 

(a) the EU Commission has decided that country or organisation ensures adequate protection under 

Article 45; (b) appropriate safeguards are in place (as set out in Article 46); or (c) one or more of the derogations in Article 49 applies.

11. Particulars of processing

Description

Details

Subject matter of the processing

The processing of personal data is necessary to allow the customer, as the data controller, to conduct Right to Work checks in accordance with UK Government legislation.

Duration of the processing

The Licence Period as defined in the Subscription Agreement. 

 

Nature and purposes of the processing, storage and access.

The purpose of the processing is to automate the checking of Right to Work documentation reducing the risk of illegal workers being employed and/or forged documents being held.

Storage of data in compliance with UK Government legislation, which dictates data is stored and retained for duration of employment plus two years post-employment. 

Access to data is controlled by the customer who can use the roles feature of the platform to control and restrict access to authorised employees of the organisation. 

  

Types of personal data

The personal data processed includes the following types of data:

 

·        Full name

·        Email

·        Date of birth

·        Passport/ID document number

·        Image of Passport/ID document which may include additional information such as photograph, sex, place of birth, nationality, immigration status.

·        Images of the data subject

·        Biometric capture of chip on Passport/ID documentation

 

Categories of data subjects

The personal data processed includes data from recruitment candidates and potential new employees.

Description

Details

Subject matter of the processing

The processing of personal data is necessary to allow the customer, as the data controller, to conduct Right to Work checks in accordance with UK Government legislation.

Duration of the processing

The Licence Period as defined in the Subscription Agreement. 

 

Nature and purposes of the processing, storage and access.

The purpose of the processing is to automate the checking of Right to Work documentation reducing the risk of illegal workers being employed and/or forged documents being held.

Storage of data in compliance with UK Government legislation, which dictates data is stored and retained for duration of employment plus two years post-employment. 

Access to data is controlled by the customer who can use the roles feature of the platform to control and restrict access to authorised employees of the organisation. 

  

Types of personal data

The personal data processed includes the following types of data:

 

·        Full name

·        Email

·        Date of birth

·        Passport/ID document number

·        Image of Passport/ID document which may include additional information such as photograph, sex, place of birth, nationality, immigration status.

·        Images of the data subject

·        Biometric capture of chip on Passport/ID documentation

 

Categories of data subjects

The personal data processed includes data from recruitment candidates and potential new employees.