Please read these terms of use carefully before using the Service and associated Software. You may use the Service and Software only if you first accept these terms, which constitute a binding agreement between you and Codel Software Ltd. By using the Service or Software you signify your agreement with these terms, including the Acceptable Use Policy.

IF YOU DO NOT AGREE WITH THESE TERMS DO NOT IN ANY MANNER USE THE SERVICE OR SOFTWARE OR PARTICIPATE IN ANY OF THE FUNCTIONALITY OFFERED THEREIN.

1.  Purpose
These Terms of Use (“Terms of Use”) set forth the terms under which Codel Software Ltd will provide you (“The Company”) with access to and use of the Service.

2. Definitions

All capitalized terms defined in these Terms of Use have the meanings set forth below.

Codel Software Ltd – the business in the country in which you ordered the Service.

The Company – the business service user

Activ People HR – Any of the hosted Activ branded solutions from Codel Software Ltd including: Activ Absence, Activ Appraisals, Activ Documents, Activ Handbook, Activ Training.

Acceptable Use Policy – the Acceptable Internet Use Policy for Activ People HR and attached herein as Appendix A and located on the Internet at http://www.activpeopleHR.co.uk/terms and any subsequent modification. Confidential Information – means all information of whatever nature disclosed (whether in writing, orally, in disk form, electronically or by another means and whether directly or indirectly) by a party (the “Disclosing Party”) to the other party (the “Receiving Party”) whether before, during or after the date of this Agreement including, without limitation (i) the Disclosing Party’s products, services, reports, technical knowledge, know-how, methodology, intellectual property rights, data, drawings and other material, operations, processes, plans or intentions or strategies, product information, future products currently in development or about to be launched, design rights, trade secrets, market opportunities and business affairs, product costs and pricing qualities,  payment terms, client details and customer account information; and (ii) the Software and the System and functionality and capability thereof,  and (iii) any of the information referred to in (i) or (ii) of and/or relating to any subsidiaries or member of any group of the Disclosing Party;

Confidential Information – means all information of whatever nature disclosed (whether in writing, orally, in disk form, electronically or by another means and whether directly or indirectly) by a party (the “Disclosing Party”) to the other party (the “Receiving Party”) whether before, during or after the date of this Agreement including, without limitation (i) the Disclosing Party’s products, services, reports, technical knowledge, know-how, methodology, intellectual property rights, data, drawings and other material, operations, processes, plans or intentions or strategies, product information, future products currently in development or about to be launched, design rights, trade secrets, market opportunities and business affairs, product costs and pricing qualities,  payment terms, client details and customer account information; and (ii) (in the case of The Company) its software and system and functionality and capability thereof,  and (iii) any of the information referred to in (i) or (ii) of and/or relating to any subsidiaries or member of any group of the Disclosing Party;

Content – all personnel records, including planned and unplanned absence, training records, personnel appraisals and handbook data entered in the use of the Service by The Company or its employees.

Service – the Activ People HR solutions including Activ Appraisals, Activ Absence, Activ Training and Activ Handbook Software-as-a-Service (“SaaS”) offering that you are accessing under these Terms of Use.

Software – the software and all associated documentation and other materials provided to you by Codel Software Ltd to facilitate access to and use of the Service.

2.1 General Charge Terms

The Service is purchased on an active employee profile basis on a fixed fee for a minimum twelve (12) month period. An employee profile is required for each employee managed by the Service. Active employees are defined as those currently managed by the system. Any employee that leaves The Company and no longer requires management by the system will be moved to an archive area and will be excluded from active employee count for contract renewal.

3. Access to Service; Suspension and Cancellation

Subject to The Company compliance with these Terms of Use, Codel Software Ltd hereby grants The Company a revocable, non-exclusive, non-transferable right to access and use the Service. The Company agrees that Codel Software Ltd is not providing The Company with access to the Internet in order to use the Service and that The Company remains responsible for suitable Internet access. Codel Software Ltd reserves the right to suspend or discontinue the Service, revoke The Company access to the Service or delete The Company Content if Codel Software Ltd believes that you are in breach of these Terms of Use or the Acceptable Use Policy. Codel Software Ltd will notify The Company in writing 60 (sixty) days prior to any suspension, deletion of Content, discontinuance or cancellation of the service. Upon any suspension, discontinuance or cancellation this Service or termination of these Terms of Use, The Company access and other rights to the Service will be cancelled and cease. In such event The Company must cease any further use of the Service

4. Restrictions

The Service is to be used by individuals and entities solely for managing planned and unplanned employee, absences, appraisals and The Company’s handbook and related activities in which The Company is an active participant with others, and only as permitted under these Terms of Use and Acceptable Use Policy. Under no circumstances may The Company resell, redistribute, or sublicense the Services, or use the Services on a timeshare or service bureau basis, or to operate a Website or host an online business unless expressly permitted under another written agreement between you and Codel Software Ltd. The Company may not use the Services for the development, production or marketing of a service or product substantially similar to the Services.

4.1 The Service Use Requirements

The use of the Service requires: A Contract for the Service includes a Fixed Term License (FTL) to cover the authorised active employee profiles for the Service. The Software is licensed on a FTL basis and may be used only in connection with the Service. The duration of the FTL is coterminous with the Service.

4.2 Restricted Use for the Service

If The Company legal entity has acquired authorised active employee profile licenses for the Service, then The Company may on authorisation from Codel Software Ltd add a further 10% of the contracted number of employee profiles to the system without charge until the contract anniversary date.

Any unauthorised employee profile additions will be charged at the applicable rate and pro-rata from the employee’s hire date to the contract anniversary date.

Codel Software will provide notification in writing of the license costs for continuation of the contract within 60 days of contract anniversary date. This will include any change to the cost of the hosted solution.

Codel Software Ltd will confirm final employee profiles numbers to The Company in writing 30 days prior to the contract anniversary date for invoicing purposes.

Codel Software Ltd will generate an invoice on receipt of purchase order from The Company and The Company agrees to pay moneys due under such invoices to Codel Software Ltd prior to the anniversary date.

5. Scheduled Downtime; or Technical Support

The regularly scheduled maintenance window for the Service will be undertaken at an agreed time normally outside UK working hours. These will be notified via email to named client contact.

Any enhancements, updates and other materials provided by Codel Software Ltd as part of any such Technical Support are considered to be part of the Service or Software, as applicable, and therefore governed by these Terms of Use.

6. Updates; Applicable Terms and Authorization for Auto Updates

These Terms of Use apply to all updates, supplements, add-on components, features, or other functionality or messages related thereto, including without limitation alterations of functionality, features, storage, security, availability, Content, and other information relating to the Software or Service (collectively, “Updates”) that Codel Software Ltd may provide or make available generally to its customers after the date that the Service commences, subject to any additional terms provided by Codel Software Ltd applicable to such Updates. You hereby authorize Codel Software Ltd to, and agree that Codel Software Ltd may, in accordance with the Codel Software Ltd standard operating procedures, automatically and in good faith transmit, access, install, and otherwise provide Updates to the Software or Service without further notice or need for consent. Codel Software Ltd has no obligation to, and nothing in these Terms of Use may be construed to require Codel Software Ltd to, create, provide, or install Updates.

7. Privacy

7.1 For the purposes of this clause:

“data controller” means the person which, alone or jointly with others, determines the purposes and means of the processing of personal data or as otherwise defined in the data protection legislation

“data processor” means the person which processes personal data on behalf of the data controller or as otherwise defined in the data protection legislation

“data protection legislation” means (i) the Data Protection Act 1998 and any laws or regulation implementing Directive 95/46/EC and (ii) the General Data Protection Regulation ((EU) 2016/679) and any national implementing laws, regulations and secondary legislation, as amended or updated from time to time, in the UK

“encryption” means the process of converting information into an unintelligible form except to the holders of a specific encryption key or as otherwise defined in the data protection legislation

“personal data” means any information relating to an identifiable individual that is processed by Codel Software Ltd  as a result of, or in connection with, the provision of the Services; an identifiable individual is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity; or as otherwise defined in the data protection legislation and

“processing” means any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organisation, storage, adaptation or alteration, retrieval, consultation, use disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking erasure or destruction or as otherwise defined in the data protection legislation

7.2        Codel Software Ltd acknowledges that for the purpose of the data protection legislation The Company is the data controller in respect of any personal data that Codel Software Ltd processes on The Company’s behalf in the course of providing the Service and that Codel Software Ltd is a data processor of such data.

7.3        Codel Software Ltd agrees that it shall (and shall procure that each of its affiliates and subcontractors shall):

7.3.1     comply with all data protection legislation in connection with the processing of personal data, the Services and the performance of its obligations under this Agreement;

7.3.2     only carry out processing of personal data in accordance with The Company’s instructions (which may be specific instructions or instructions of a general nature as set out in this agreement, or as otherwise notified by The Company to Codel Software Ltd during the term of this agreement);

7.3.3     implement appropriate technical and organisational measures that meet the requirements of the data protection legislation and that protect against the accidental, unauthorised or unlawful processing, destruction, loss, damage or disclosure of personal data (these measures shall include, but are not limited to, the deployment of appropriate encryption solutions to protect personal data including but not limited to the encryption of all personal data stored on portable and mobile devices) and Codel Software Ltd shall implement adequate security programmes and procedures to ensure that unauthorised persons do not have access to the personal data or to any equipment used to process the personal data;

7.3.4     ensure that the technical and organisational measures shall be appropriate to the harm which might result from any unauthorised or unlawful processing and accidental loss, destruction or damage to the personal data and having regard to the nature of the personal data which is to be protected;

7.3.5     ensure the reliability of any individuals who have access to personal data and that all individuals involved in the processing of personal data have undergone adequate training in the care, protection and handling of personal data and are subject to confidentiality obligations with regards the personal data;

7.3.6     unless legally barred, promptly refer to The Company any queries in relation to the personal data from individuals, any data protection authority, any law enforcement authority or from any court, tribunal, regulator or government body for The Company to resolve;

7.3.7     at no additional cost, promptly provide such information to The Company as The Company may reasonably require to allow it to comply with the rights of individuals under applicable data protection laws, including subject access rights, or with information or assessment notices served by any data protection authority and shall not respond to any data subject request without The Company’s written approval;

7.3.8     notify The Company of any unauthorised or unlawful processing or any accidental loss, destruction, damage, alteration or disclosure of personal data (each a “security incident”)  within 24 hours of the security incident and in relation to each security incident it shall promptly investigate the security incident, provide The Company with detailed information about the security incident; and  take reasonable and prompt steps to mitigate the effects and to minimize any damage resulting from the security incident;

7.3.9     not process or permit the processing of personal data outside the United Kingdom other than with the prior written consent of The Company, subject to any requirements placed on Codel Software Ltd by the laws of any member of the European Union or by the laws of the European Union applicable to Codel Software Ltd. and, where such consent is granted, Codel Software Ltd undertakes to enter into a suitable agreement with The Company and/or any relevant parties and/or adopt any necessary measures in order to ensure an adequate level of protection with respect to the privacy rights of individuals; and

7.3.10    maintain complete, accurate and up to date written records of all categories of processing activities carried out on behalf of The Company;

7.3.11    upon reasonable request of The Company,  Codel Software Ltd agrees to submit its data processing facilities, data files, personnel and documentation needed for processing personal data (and/or those of its agents, affiliates and subcontractors) to reviewing, auditing and/or certifying by The Company  (or any independent or impartial inspection agents or auditors, selected by The Company and not reasonably objected to by Codel Software Ltd) to ascertain compliance with the warranties and undertakings in this clause, with reasonable notice and during regular business hours.

7.4        If any part of personal data ceases to be required by Codel Software Ltd for the performance of its obligations under this agreement, or on termination or expiry of the agreement (whichever is earlier), Codel Software Ltd shall at the express choice of The Company (but not otherwise), either return to The Company all personal data that has been obtained or collected in providing the Service under this agreement, or delete or destroy all copies of the personal data in the Codel Software Ltd’s possession or control and certify to The Company that it has done so, unless legislation imposed upon Codel Software Ltd prevents the  return or destruction all or part of the personal data. In that case, Codel Software Ltd shall continue to ensure the confidentiality of personal data in its possession and will not actively process such data any further.

7.5        Codel Software Ltd may only sub-contract or outsource the processing of personal data under this agreement to any other person or entity (“Subcontractor”) if Codel Software Ltd:

7.5.1     has provided reasonable prior notice to The Company of the identity and location of the Subcontractor and a description of the intended processing to be sub-contracted or outsourced to the Subcontractor to enable The Company to comply with the applicable data protection laws, and to evaluate any potential risks to the personal data;

7.5.2     has imposed legally binding contract terms substantially the same as those contained in clause 7 and 10 on the Subcontractor (“Subcontractor Contract”).

7.6        The Company may require Codel Software Ltd by notice in writing to cease or suspend the sub-contracting or outsourcing of the processing of personal data to the Subcontractor if, in The Company’s reasonable opinion, the Subcontractor is unable to comply with the terms of the Subcontractor Contract.

7.7        Codel Software Ltd will indemnify The Company against all losses, liabilities, damages, claims, costs (including legal and other professional costs) and expenses which The Company may suffer or incur arising out of or in connection with (i) the failure of Codel Software Ltd to comply with any of its obligations in this clause and (ii) Codel Software Ltd acting outside of or contrary to, the lawful processing instructions of The Company.

7.8        Codel Software Ltd warrants that they will hold and maintain ISO27001 certification throughout the period of the contract and will notify The Company if there are any changes to their certification status.

8. Ownership of Content

By virtue of The Company agreeing to these terms, Codel Software Ltd does not claim ownership of any Content. The Company confirms that it has all necessary authorities to allow Codel Software Ltd to host, process, cache, record, copy, and display Content solely for the purpose of providing the Service to The Company. Except as set forth in this Section 11, The Company retains it’s right, title, and interest in and to the Content, and to display and transfer Content. If The Company chooses to transmit Content to a third party site which may be linked to or accessible by the Service, The Company is providing Codel Software Ltd with the consent to enable such transmission of the Content, and you remain liable for such transmission.

9. Representations and Warranties about Content

The Company represents and warrants that (i) it is the owner or authorized licensee of any and all Content; and (ii) will not publish, post, upload, record, or otherwise distribute or transmit Content that violates the Acceptable Use Policy or applicable law, and (iii) that The Company has all required permissions and consents from any third party whose personal information you may have posted or uploaded to the Service.

10. Confidentiality

10.1      Neither party shall use Confidential Information other than solely for the purposes of this agreement and each party shall keep the Disclosing Party’s Confidential Information confidential and restrict access thereto to such of the Receiving Party’s employees, agents or associated companies as need to know it for the purpose of this Agreement and as have been placed under confidentiality obligations and restrictions equivalent to those set out in this Agreement.

10.2      The Receiving Party shall (and shall procure that is representatives shall):

10.2.1    Not use or exploit the Confidential Information in any way except for the purposes of this agreement;

10.2.2.   Not use any of the Confidential Information for any commercial gain or advantage and will not directly or indirectly commercially exploit it or any part of it;

10.2.3.   Not disclose it or make available the Confidential Information in whole or in part to any third party, except as expressly permitted by this agreement;

10.2.3.   Not copy, reduce to writing or otherwise record the Confidential Information except as strictly necessary for the purposes of this agreement (and any such copies, reductions to writing or records shall be the property of the Disclosing Party); and

10.2.4    Apply the same security measures and degree of care to the Confidential Information as the Receiving Party applies to its own confidential information, which the Receiving Party warrants as providing adequate protection from unauthorised disclosure, copying or use.

10.3      Neither party shall disclose any Confidential Information to any of its professional advisers or consultants unless the Receiving Party shall ensure that such professional advisers or consultants enter into a confidentiality agreement with the Disclosing Party whereby such professional advisers or consultants covenant to comply with the confidentiality provisions in this Agreement.

10.4      Neither party shall be required to treat as confidential any information which:

10.4.1    Is already lawfully in its possession prior to disclosure (and such prior possession can be properly demonstrated by the Receiving Party); or

10.4.2    is in or comes into the public domain (other than as a result of its disclosure by the Receiving Party or its representatives (except that any compilation of otherwise public information in a form not publicly known shall nevertheless be treated as Confidential Information); or

10.4.3    is disclosed by a third party with legal right to do so; or

10.4.5    either party can establish to the reasonable satisfaction of the other party that the information was independently developed by the Receiving Party’s employees who have not had any direct or indirect access to, or use or knowledge of, the Confidential Information imparted.

10.5      On or following termination of this Agreement, a senior officer of each party shall, immediately upon the written request of the other party, confirm in writing that it has destroyed or permanently erased all copies of any Confidential Information supplied to it or made by it, or by the persons to whom it has supplied copies, other than copies that it is, or the persons to whom the Confidential Information has been disclosed are, required to keep by law or to satisfy the rules or regulations of a regulatory body or stock exchange.

10.6      The obligations in this clause 10 shall continue from the date of this Agreement and for the duration of this Agreement and for a period of three (3) years thereafter.

11. Compliance with Applicable Law

Both parties undertake to comply with all applicable laws in the provision of the Service and Software.

12. Indemnity

The Company agrees to indemnify, defend and hold Codel Software Ltd harmless against any third party claim that any Content was posted to the Service in violation of The Company obligations in Section 9, “Representations and Warranties about Content”. The Company’s liability under such indemnity shall be limited to £100,000.

13. Disclaimer of Warranties

THE SERVICE AND SOFTWARE (INCLUDING ANY ASSOCIATED DOCUMENTATION, INFORMATION AND MATERIALS) ARE PROVIDED TO THE COMPANY “AS IS” AND CODEL SOFTWARE LTD, EXPRESSLY DISCLAIM ALL WARRANTIES AND CONDITIONS, EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, ANY IMPLIED WARRANTIES OR CONDITIONS OF MERCHANTABILITY, SATISFACTORY QUALITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, AND ANY WARRANTY OR CONDITION OF NON-INFRINGEMENT.

14. Limitation of Liability

The limitations and exclusions in this Section 14 (Limitation of Liability) apply to the full extent they are not prohibited by applicable law without the possibility of contractual waiver.

14.1 Items for Which Codel Software Ltd May Be Liable

Circumstances may arise where, because of a default on Codel Software Ltd part or other liability, The Company is entitled to recover damages from Codel Software Ltd. Regardless of the basis on which The Company is entitled to claim damages from Codel Software Ltd (including fundamental breach, negligence, misrepresentation, or other contract or tort claim), Codel Software Ltd entire liability for all claims in the aggregate arising from or related to the Service or otherwise arising under these Terms of Use will not exceed the amount of £100,000 This limitation shall not apply to any claims relating to data protection or confidentiality breaches including any claims under the indemnity in clause 7.7.

14.2 Items for Which Codel Software Ltd Is Not Liable

UNDER NO CIRCUMSTANCES IS EITHER PARTY LIABLE FOR ANY OF THE FOLLOWING, EVEN IF INFORMED OF THEIR POSSIBILITY:

LOSS OF, OR DAMAGE TO DATA THROUGH THE MISUSE OF THE SERVICE BY A PARTY OTHER THAN ITSELF OR ITS SUB-CONTRACTORS; SPECIAL, INCIDENTAL, EXEMPLARY, OR INDIRECT DAMAGES, OR FOR ANY ECONOMIC CONSEQUENTIAL DAMAGES; OR

LOST PROFITS, BUSINESS, REVENUE, GOODWILL, OR ANTICIPATED SAVINGS.

15. Governing Law and Jurisdiction

These Terms of Use, and the relationship between The Company and Codel Software Ltd resulting from The Company use or attempted use of the Service or Software, and the resolution of any dispute arising out of that relationship, will all be governed by and construed in accordance with the laws of England and Wales.

15.1 Jurisdiction

All rights, duties, and obligations are subject to the courts of England and Wales.

16. Miscellaneous

If any part of these Terms of Use is determined to be invalid or unenforceable, the remainder of the Terms of Use will continue in effect. If any provision(s) is found to be invalid, unenforceable, or contrary to law, then such provision(s) will be construed, as nearly as possible, to reflect the intentions of the parties with the other provisions remaining in full force and effect. Either Party’s failure to exercise or enforce any right or provision of these Terms of Use will not constitute a waiver of such right or provision unless agreed to by the other party in writing signed by a duly authorized representative of such party. Codel Software Ltd reserves the right to modify these Terms of Use, and related Acceptable Use Policy at any time by providing such revised terms to you. If The Company does not agree to such changes it may terminate this agreement with immediate effect and The Company shall be entitled to a refund of the fees it has paid on a pro rata basis.

During the Term of this Agreement, Codel Software Ltd shall maintain all materials and all other data obtained or generated by Codel Software Ltd in the course of providing the Services hereunder, including all computerized records and files. Codel Software Ltd shall cooperate with any internal reviews or audits by the Company (or its representatives) and shall make available for examination and duplication, during normal business hours and at mutually agreeable times, all documentation, data and information relating to this Agreement.

Codel Software Ltd represents and warrants that it has and will maintain during the term of this Agreement, and for a period of two (2) years thereafter, insurance in the types and limits generally accepted in the industry and sufficient to cover its obligations hereunder, including indemnification obligations, the sufficiency of which shall be determined by the Company. Upon request, Codel Software Ltd shall provide the Company with a copy of its certificate of insurance.

Appendix A

Acceptable use policy for the Service

This Acceptable Use Policy (“Policy”) outlines unacceptable use the Service which interact with, or access, Activ People HR and (the “Service”).  This Policy is in addition to any other terms and conditions under which Codel Software Ltd provides the Services to you.

Codel Software Ltd may make reasonable modifications to this Policy from time to time by posting a new version of this document on the Codel Software Ltd web site at “http://www.activpeoplehr.co.uk/terms ” (or any successor URL(s)).   Revisions are effective immediately upon posting.  Accordingly, we recommend that you visit the Codel Software Ltd Web site regularly to ensure that your activities conform to the most recent version. Questions about this Policy (e.g. whether any contemplated use is permitted) and reports of violations of this Policy should be directed to “[email protected]”.

The examples listed in this Policy are not exhaustive.  Prohibited uses and activities include, without limitation, any use of the Services in a manner that, in Codel Software Ltd reasonable judgment, involves, facilitates, or attempts any of the following:

• violating any law of, or committing conduct that is tortuous or unlawful in, any applicable jurisdiction;
• accessing, sending, receiving, displaying, performing, disclosing, storing, or executing any Content a) in violation of any copyright, right of publicity, patent, trademark, service mark, trade name, trade secret or other intellectual property right, b) in violation of any applicable agreement, or c) without authorization;
• deleting or altering author attributions, copyright notices, or trademark notices, unless expressly permitted in writing by the owner;
• obtaining unauthorized access to any system, network, service, or account;
• interfering with service to any user, site, account, system, or network by use of any program, script, command, or otherwise;
• introducing or activating any viruses, worms, harmful code and/or Trojan horses;
• holding The Service, Codel Software Ltd, its affiliates, officers, employees up to public scorn or ridicule; and/or
• reselling The Service in whole or in part, to any entity or individual, without Codel Software Ltd prior written consent, or misrepresenting your relationship with Codel Software Ltd.

Security and Privacy

Login names and passwords must be kept secret and not be communicated to any third party. Codel Software Ltd must be notified immediately if they are compromised. If a customer forgets or loses their password, they will need to use the online password reset or contact their data controller.

Customers are responsible for all traffic that is sent from their account It is therefore the customer’s responsibility to ensure that all software is virus-free and up-to-date with all relevant security patches. If Codel Software Ltd become aware of suspicious traffic or content related to a customer account, Codel Software have an obligation to our other customers to take urgent measures to block that traffic. This involve suspending the account access until the issue has been resolved. Codel Software Ltd understand that in many cases a customer may not be responsible for or aware of the problem, and therefore will work with the customer to resolve the issue as efficiently as possible to restore normal service.

Personal Data  

It is the Customers responsibility as the Data Controller to obtain and maintain records of the consent from their employees regarding any personal data held within Activ People HR.

Appendix B

DATA PROCESSING DETAILS

Nature and purpose of the processing:

To provide staff appraisal, training records management, absence management and hosting of staff handbook.

Duration of the processing:

The contract term.

Type of Personal Data:

Activ Absence will manage the planned leave and unplanned absence records for the employees registered in the system. The employee profile will store employee data required for the management of the absence including name, email address, job role and work patterns.

The employee profile in Activ Absence can be used to store Personal Information about the employee. Specifically home address and contact details, date of birth, marital status, emergency contact details, nationality, ethnicity, disability and gender. The personal information section can also hold the following employee identity information; National Insurance or Tax ID, Passport number and Driver Licence number.

Activ Appraisals manages employee appraisals including the staff objectives and performance against these objectives, the employees competency ratings and any feedback and comments received from the employees manager and peers.

Activ Confidential Documents allows the storage of document attachments against an employee. The purpose of these attached documents can be varied such as signed contracts, employee references and back ground checks, letters and communications with the employee etc. The limiting factor in the scope of these attachments is that they must be individual employee centric.

Activ Handbook allows the central storage, distribution and acknowledgment of company policies, procedures and other company documents.

Activ Training stores the employees training records, it holds each employees skills and competency levels, training attended and qualifications and experience.

Categories of Data Subjects:

Employees and contractors of The Company

Processing Instructions

As notified by The Company in writing from time to time.

TECHNICAL AND ORGANISATIONAL MEASURES

Data Sovereignty

All Activ People HR servers, database and backups are stored at UK based Hosting providers. Each hosting provider is ISO27001 certified and reviewed at least once a year.

Data Controls

Data At Rest

• Each Activ People HR deployment is implemented in a standalone database.
• Each database is encrypted.
• There is no client software installed on the physical servers that can view the database directly.
• The databases can only be accessed directly by the support team from within the Codel Software network, there is NO open connection directly from the internet. Expect through the application logic.
• The database servers are protected by a separate hardware firewall with all non-required ports disabled.

2.2.2 Data In Transit

All interaction with the Activ People HR modules is via a SSL connection, the information transferred to and from the Web Browser is encrypted TLS 1.2 or higher.

2.2.3 Backups

Daily Backups – The application data and configurations are backed up each night and maintained for 30 days.

Ad hock Backups – Prior to any application upgrades or data imports the client dataset is backed up, these backups are kept for a period of 60 days.

All backups are encrypted and password protected.

2.2.4 Availability

The Activ People HR solutions are hosted on a cluster of servers with load balancing. This ensures the solutions are always available even in the event of a server failure.

2.2.5 Monitoring

Each server is monitored 24/7 for performance and availability.

If a server’s performance falls below a defined threshold, an alert is sent to the Codel Software support team.

If a server becomes unavailable an alert is sent to the Codel Software support team and escalated to the Codel management team.