DATA CONFIDENTIALITY AGREEMENT

Purple Seven provides data aggregation and analysis services which result in the creation of bespoke reports for its Clients. From time to time, the Company may enter into Statement of Works with its Clients pursuant to which Clients shall be entitled to receive reports and processed data.

The Data Supplier collects data that will be submitted to the Company for processing and use in the reports created by the Company. This agreement sets out the terms under which:

(i) the Company is obliged to treat all data supplied by the Data Supplier; and

(ii) the Data Supplier is licensed to use the software.

AGREEMENT TO TERMS Each Party accepts the terms and conditions set out in this data confide

1. DEFINITIONS AND INTERPRETATION:

1.1 Defined terms shall have the following meaning when used in this Agreement:

“Act” means the Data Protection Act 1998 as it is in force at the date of this Agreement;

“Client” means an individual, organisation or company to whom the Company may provide access to the Processed Client Data pursuant to a Statement of Work;

“Company Materials” means any documentation, materials, software, equipment, data and all other materials licensed by or to the Company and used by the Company (excluding any data provided by the Client in relation to the provision of the hereunder) in providing the Satisfaction Survey Reports or performing its obligations under this Agreement and shall be deemed to include any developments to such materials made during the course of providing the Services or access to the Applications to the Client;

“Data” means the data inputted into the Data Supplier’s computerised system from time to time which is captured by the Software and delivered to the Company for processing into Processed Client Data, and such other data as may otherwise be delivered to the Company by the Data Supplier for processing into Processed Client Data;

“Information” has the meaning given to it in Clause 2.1;

“Personal Data” shall have the meaning given to it in the Act;

“Processed Client Data” means the data created for a Client or Company use by the Company, which is based on or includes, amongst other things, the Data;

“Satisfaction Survey Reports” means any reports or Company Materials with information of the customer response to the survey Purple Seven sends;

“Software” means the software owned by the Company known as ‘Daily Data Extractor’ or ‘DDX’, as the same may be updated or replaced by the Company from time to time;

“Software Documentation” means supporting documentation explaining the use for and operation of the Software, as may be updated and reissued by the Company from time to time; and

“Statement of Work” means an agreement entered into between the Company and a Client which sets out the terms on which the Company shall deliver services, which may include the creation and delivery of Processed Client Data.

1.2 Headings shall not affect the interpretation of this Agreement.

1.3 A person includes a natural person, corporate or incorporated body (whether or not having a separate legal personality).

1.4 Words in the singular shall include the plural and vice versa.

1.5 A reference to a statute, statutory provision or subordinated legislation is a reference to it as it is in force from time to time taking account of any amendment or re-enactment.

1.6 A reference to “includes” or “including” shall be construed without limitation.

1.7 References to Clauses are to Clauses of this Agreement.

2. CONFIDENTIALITY

2.1 Subject to Clauses 2.2, 2.3 and 2.4, each Party to this Agreement undertakes to treat as confidential and not disclose to any third party any information received by them from the other Party marked ‘confidential’ or which may reasonably be supposed to be confidential, including, without limitation, information contained or embodied in the Software and the Software Documentation (in this Agreement collectively referred to as the “Information”), and shall keep such received Information secure with at least the same degree of care as it employs with regard to its own confidential information of a like nature and in any event in accordance with best current commercial security practices.

2.2 The provisions of Clause 2.1 shall not extend to:

2.2.1 any information which was rightfully in the possession of the receiving Party prior to the commencement of the negotiations leading to this Agreement (except in the case where the Company has previously received confidential information from the Data Provider, which is already the subject of a confidentiality agreement) or which is already public knowledge or becomes so at a future date other than as a result of unauthorised disclosure; and

2.2.2 Data, the use of which shall be governed by the provisions set out in Clause 4.

2.3 A Party shall not, without the prior written consent of the other Party, divulge any part of the other Party's Information to any person except:

2.3.1 to its employees or authorised officers who have signed confidentiality provisions that reflect, or are more stringent than, those set out in Clause 2.1;

2.3.2 to its auditors and professional advisors, an officer of HM Revenue and Customs, a court of competent jurisdiction, governmental body or applicable regulatory authority, and the Party shall ensure that the persons and bodies referred to in paragraph 2.3.1. and 2.3.2. are made aware before the disclosure of any Information that the same is confidential and that the Party owes a duty of confidence to the other Party.

2.4 The provisions of Clause 2 shall not apply to the whole or any part of the Information to the extent that it is the subject of a request under the Freedom of Information Act 2002 (unless the relevant Information is exempt from disclosure under such Act). Under such circumstances, the relevant Party shall consult the other Party (giving the other Party 5 working days to respond) and take any observations received on the disclosure of the Information requested into account before making a determination on the request.

2.5 A receiving Party shall promptly notify the other Party in writing if the receiving Party becomes aware of any breach of confidence in relation to the other Party’s Information by any person to whom the receiving Party has divulged such Information, and shall give the other Party all reasonable assistance in connection with any proceedings which the other Party may institute against such person for breach of confidence.

2.6 The provisions of Clause 2 shall survive the termination of this Agreement.

3. SOFTWARE USE

3.1 In consideration of the grant of rights made by the Data Supplier to the Company pursuant to Clause 4.1, the Company grants to the Data Supplier a royalty free, non-exclusive, revocable (in accordance with the terms of this Agreement) licence to use the Software in accordance with the rest of the provisions of Clause 3.

3.2 The Data Supplier shall only use the Software as follows:

3.2.1 the Software shall only be used for the purpose for which it was intended as specified in the Software Documentation;

3.2.2 the Data Supplier shall not (and shall not permit any third party) to copy, adapt, reverse engineer, decompile, disassemble, modify or adapt the Software in whole or in part except to the extent that the Data Supplier is permitted to do so by law for the purpose of integrating the operation of the Software with the operation of other software or systems used by the Data Supplier. The Data Supplier acknowledges that all rights in the Software as adapted or modified shall vest in the Company and the Data Supplier shall not use any information supplied to them or obtained in the course of any such modification or adaption to create any software which is substantially similar to the Software;

3.2.3 the Data Supplier shall not install, nor instruct any third party to install, the Software on any equipment other than designated equipment;

3.2.4 the Data Supplier shall notify the Company promptly if the Data Supplier becomes aware of any unauthorised use of the Software by any person; and

3.2.5 if the Company provides the Data Supplier with an update for the Software, the Data Supplier shall install such update within a reasonable timeframe following its receipt.

3.3 If the Data Supplier breaches any term in Clause 3.2, the licence granted in Clause 3.1 shall terminate and the Data Supplier shall, at the request of the Company, remove the Software from its computer systems.

3.4 Subject to Clause 3.3 the Company shall, at the request of the Data Supplier, remove any data from its systems collected by the Software within a reasonable timeframe and inform the Data Supplier that this has been deleted.

3.5 The Data Supplier shall provide all reasonable information, assistance and access to its systems on which the Software has been installed, to enable the Company to collect Data via the Software as envisaged by this Agreement.

3.6 Upon termination the Company shall, at the request of the Data Supplier, remove any data from its systems collected by the Software within a reasonable timeframe and inform the Data Supplier that this has been deleted.

4. DATA USE AND PROTECTION

4.1 The Data Supplier grants the Company the right to collect Data via the Software and to use and process the Data in the creation of Processed Client Data.

4.2 The Company may make the Processed Client Data available to Clients and/or the Data Supplier. All rights in the Processed Client Data shall vest in the Company. To the extent that any rights in the Processed Client Data are deemed to vest in the Data Supplier, the Data Supplier hereby assigns absolutely all such rights in and to the Processed Client Data to the Company.

4.3 The Company covenants that it shall maintain sufficient technical and organisational measures, in accordance with good industry practice, to ensure the security and integrity of its computer and other information systems to prevent the unauthorised disclosure, copying or use of the Data Supplier’s Information and any Personal Data contained within the Data.

4.4 The Client accepts that:

4.4.1 It is obliged to not make available any Satisfaction Survey Reports and Company Materials in whole or in part and in any form, whether for sale or otherwise, to any other person without prior written consent from the Company;

4.4.2 it shall use each Satisfaction Survey Reports and Company Materials solely for its internal business purposes and shall not, without the prior written consent of the Company, provide details of any Satisfaction Survey Reports or its findings to any third party.

4.4.3 the Company is entitled to cancel any services by giving notice of twenty (20) working days.

4.5 The Company warrants that:

4.5.1 it has full capacity and authority to enter into the Agreement and to produce and distribute the Satisfaction Survey Reports and Company Materials;

4.5.2 it will perform the Services with reasonable skill and care

4.6 The Company acknowledges that part of the Data delivered to the Company may be Personal Data for the purpose of the Act. The Company may use such Personal Data to create Processed Client Data, subject to the following:

4.6.1 where such Processed Client Data is being delivered to a third party Client, all Personal Data shall be anonymised so that no individual can be personally identified from the Processed Client Data, unless otherwise agreed in writing; and

4.6.2 where Processed Client Data is being delivered only to the Data Supplier, there shall be no obligation on the Company to anonymise Personal Data included in the Processed Client Data.

4.7 To the extent that the Data contains Personal Data, the Data Supplier shall be a “Data Controller” (as defined in the Act) for the purposes of such Personal Data and the Data Supplier warrants that it has complied with its obligations under the Act and any related legislation in so far as the same relates to the provisions and obligations of this Agreement. In particular the Data Supplier warrants that it has obtained all required third party consents for the processing of such Personal Data and all other Data by the Company for the purposes of providing the Processed Client Data.

4.8 The Company shall comply with the provisions of the Act and any related legislation in so far as the same relates to the provisions and obligations of this Agreement. The Company warrants that it shall act on the reasonable instructions of the Data Supplier from time to time in respect of any Personal Data supplied by the Data Supplier to the Company.

4.9 Each party (the “Indemnifying Party”) shall keep the other (the “Indemnified Party”) indemnified from and against all liabilities, claims, actions and proceedings, damages and loss suffered or incurred by the Indemnified Party arising out of any breach by the Indemnifying Party of the foregoing covenant.

4.10 The Company will inform the Data Supplier if for any reason the Company moves the Data to a different physical location by posting notice to that effect on the Company’s website at www.purpleseven.co.uk/servers

4.11 The Company shall not be responsible for any misuse of the Data or breach of the Act in relation to the Data other than as a result of a breach of the Company’s obligations under Clause 4.3.

4.12 The Company may take advantage of third party services for the purpose of enhancing the Data. When utilising any third party provider the Company will ensure that it does so under a contract with terms that reflect those set out in Clause 2.1 and 4.3. The Company may then include any enhancements generated by a third party in the creation of Processed Client Data.

5. DATA SUPPLIER WARRANTIES AND COVENANTS

5.1 The Data Supplier warrants and covenants that:

5.1.1 it is the owner or legal licensee of the Data and all intellectual property rights therein and has obtained all necessary consents and waivers from relevant third parties to enable it to grant the rights set out in Clause 4.1 to the Company;

5.1.2 the provision of the Data to the Company and the use of the Data by the Company in accordance with the terms of this Agreement will not breach the rights of any third party;

5.1.3 without prejudice to its confidentiality obligations pursuant to Clause 2, it shall not share any Processed Client Data received from the Company, whether free of charge or pursuant to a Statement of Work, without the written consent of the Company (which may be given in its sole discretion).

6. MISCELLANEOUS

6.1 This Agreement constitutes the entire Agreement between the Parties acting in relation to its subject matter and supersedes all previous communications, arrangements and representations, whether written or oral. The Data Supplier acknowledges that it places no reliance on any representation made but not embodied in this Agreement.

6.2 The Data Supplier shall not sub-license, assign or charge the rights contained in this Agreement in whole or in part.

6.3 The Data Supplier shall comply with all applicable laws, statutes and regulations relating to anti-bribery and anti-corruption, including without limitation the Bribery Act 2010.

6.4 Any notice required to be given under this Agreement or any communications between the Parties with respect to its subject matter shall be sent to the address for the receiving Party stated at the start of this Agreement or, if such address is no longer valid, the registered office of the receiving Party. Notices or communications shall be deemed to have been received by the receiving Party:

6.4.1 if delivered by hand, on the next working day following the date of delivery to the relevant address;

6.4.2 if delivered by post, on the date falling 2 working days from the date of posting;

6.4.3 if delivered by fax, on the next working day following receipt by the sending Party of a successful transmission report; and

6.4.4 if delivered by email, on the next working day following receipt by the sending Party of a successful delivery notification.

6.5 If any part of this Agreement is found by a court of competent jurisdiction to be invalid, unlawful or unenforceable, then such part will be severed from the remainder of the Agreement which will continue to be valid and enforceable to the fullest extent permitted by law.

6.6 A person who is not a party to this agreement shall not have any rights under the Contracts (Rights of Third Parties) Act 1999 to enforce any term of this agreement.

6.7 Nothing in this Agreement is intended or shall operate to create a partnership between the Parties, or to authorise either Party to act as agent for the other.

6.8 In the event that the Client wishes to participate in and receive the free version of the Satisfaction Survey Reports the Company will provide the relevant version of Did You Enjoy That at no charge to the customer.

6.9 All Satisfaction Survey responses are the Company’s Intellectual Property. To the extent that any rights in the Satisfaction Survey responses are deemed to vest in the Data Supplier, the Data Supplier hereby assigns absolutely all such rights in and to the Satisfaction Survey responses.

6.10 All Intellectual Property Rights in the Company Materials shall remain vested in the Company and the Client shall acquire no rights therein.

7. GOVERNING LAW & JURISDICTION

7.1 This Agreement shall be construed in accordance with and governed by the laws of England.

7.2 In the event that any dispute or difference between the Parties arising out of or in connection with this Agreement cannot be resolved between the Parties within a reasonable time, then both parties hereby agree to refer the dispute to, and follow the procedures of the CEDR, 70 Fleet Street, London, EC4Y 1EU. Unless agreed otherwise, the parties shall share equally the costs charged by the mediation service provider.

7.3 If any dispute between the Parties arising out of or in connection with an alleged breach of this Agreement cannot be resolved within 1 month of being submitted to mediation proceedings pursuant to Clause 7.2, then either Party may issue a claim in the courts of England to whose exclusive jurisdiction in relation to any such claims each Party hereby submits.