1.1 These Terms and Conditions shall apply to the purchase of the Booking detailed on the Invoice(s) and relevant proposal or membership pack provided to you (“Booking”) by you (“Client”) from SPM Group Ltd a limited company registered in England under number 10058348 whose registered office is at Lynton House, 7-12 Tavistock Square, London, WC1H 9BQ (“Organiser”) and to the payment of this invoice. No other terms and conditions shall apply to the sale of the Booking or to this invoice unless agreed upon in writing between the Client and Organiser.
2.1 A “Business Day” means any day other than a Saturday, Sunday or bank holiday.
2.2 The headings in these Terms and Conditions are for convenience only and shall not affect their interpretation.
2.3 Words imparting the singular number shall include the plural and vice-versa.
3.1 The description of the Booking is as set out in the Organiser’s invoice (“the Invoice”). In accepting this Invoice the Client has acknowledged that it does not rely on any other representations regarding the Booking save for those made in advance and in writing by the Organiser.
3.2 The Organiser reserves the right to make any changes in the specification of the Booking at any time and without prior notice to the Client which are required to conform to any applicable Government, safety or other statutory or regulatory requirements.
4.1 Subject to sub-Clause 4.2, the price (“Price”) of the Booking shall be that detailed in the Invoice accepted by the Client.
4.2 Any increase in the cost of the Booking to the Organiser due to any factor beyond the Organiser’s control including, but not limited to, material costs, labour costs, alteration of exchange rates or duties, or changes to delivery rates, shall be absorbed by the Organiser unless for additional work not outlines, and will be agreed in advance by the Organiser and Client.
- Basis of Sale
5.1 The Invoice constitutes written acceptance and confirmation by the Organiser of the Client’s order for the Booking.
5.2 The Invoice is a contractual offer to sell the Booking which the Client has accepted and is based on the relevant proposal or pack. The Organiser and the Client have entered into a contract for the sale of the Booking.
6.1 The Client shall pay the Price stated in the invoice within 30 days of the date of this invoice or otherwise in accordance with any credit terms agreed in advance in writing between the Organiser and the Client.
6.2 If the Client fails to make payment within the period in sub-Clause 6.1, the Organiser shall charge the Client interest at the rate of 8% per annum above the Bank of England base rate on the amount outstanding until payment is received in full.
6.3 All payments must be made in GBP Sterling unless otherwise agreed in advance in writing between the Organiser and the Client.
The Organiser will deliver the Booking to the Client as specified.
8.1 Booking may not be cancelled without the prior written agreement of the Organiser.
8.2 Should cancellation be agreed between the Client and the Organiser, cancellation fees will apply:
a) If cancelling within 14 days of the invoice issued, if no work has been carried out, the booking may be cancelled.
b) If work has been carried out, i.e. administrative, engagement in events, etc. the cancellation is after 14 days the membership has commenced, and the booking will need to be paid in full.
- Risk and Title
9.1 The Client’s right to a full refund of the Booking shall apply if:
(a) the Organiser commits a material breach of its obligations under these Terms and Conditions and fails to remedy the breach within 5 days of the Client’s prior written notice; the Client’s notice being a conditions precedent to the Client’s entitlement to rely on any material breach ;
(b) the Organiser is or becomes the subject of a winding up order or bankruptcy order or takes advantage of any other statutory provision for the relief of insolvent debtors;
(c) the Organiser enters into a voluntary arrangement under Part 1 of the Insolvency Act 1986, or any other scheme or arrangement is made with its creditors; or
(d) the Organiser convenes any meeting of its creditors, enters into voluntary or compulsory liquidation, has a receiver, manager, administrator or administrative receiver appointed in respect of its assets or undertakings or any part thereof, any documents are filed with the court for the appointment of an administrator in respect of the Organiser, notice of intention to appoint an administrator is given by the Organiser or any of its directors or by a qualifying floating charge holder (as defined in para. 14 of Schedule B1 of the Insolvency Act 1986), a resolution is passed or petition presented to any court for the winding up of the Organiser or for the granting of an administration order in respect of the Organiser, or any proceedings are commenced relating to the insolvency or possible insolvency of the Organiser.
- Rights, Warranties and Liability
10.1 Subject to these Terms and Conditions all warranties, conditions or other terms implied by statute or common law (save for those implied by Section 12 of the Sale of Booking Act 1979) are excluded to the fullest extent permitted by law.
10.2 The Organiser shall not be liable for any loss or damages of any nature, direct or indirect, including any loss of profits or consequential damages suffered or incurred by the Client for whatever reason.
10.3 The exclusions of liability contained within this Clause 10 shall not exclude or limit the liability of the Organiser:
(a) for death or personal injury caused by the Organiser’s negligence;
(b) for any matter for which it would be illegal for the Organiser to exclude or limit its liability; and
(c) for fraud or fraudulent misrepresentation.
- Data Protection
11.1 All personal information and data that the Organiser holds or has used or may use has been or will be collected, processed, and held in accordance with the provisions of EU Regulation 2016/679 General Data Protection Regulation (“GDPR”) and the Client’s rights under the GDPR.
11.2 For complete details of the Organiser’s collection, processing, storage, and retention of personal data including, but not limited to, the purpose(s) for which personal data is used, the legal basis or bases for using it, details of the Client’s rights and how to exercise them, and personal data sharing (where applicable), please refer to the Organiser’s Privacy Notice
12.1 All notices under these Terms and Conditions shall be in writing and signed by, or on behalf of, the party giving notice (or a duly authorised officer of that party).
12.2 Notices shall be deemed to have been duly given:
(a) when delivered, if delivered by courier or other messenger (including registered mail) during the normal Business Hours of the recipient;
(b) when sent, (or the next day, if sent after 5pm) if transmitted by fax or email and a successful transmission report or return receipt is generated;
(c) on the fifth business day following mailing, if mailed by national ordinary mail; or
(d) on the tenth business day following mailing, if mailed by airmail.
12.3 All notices under these Terms and Conditions shall be addressed to the most recent address, email address or fax number notified to the other party.
- Force Majeure
Neither party shall be liable for any failure or delay in performing their obligations where such failure or delay results from any cause that is beyond the reasonable control of that party. Such causes include, but are not limited to: power failure, Internet Service Provider failure, industrial action, civil unrest, fire, flood, storms, earthquakes, acts of terrorism, acts of war, pandemic, (including Coronavirus), epidemic, or disease, governmental action (including but not limited to a local lockdown) or any other event that is beyond the control of the party in question.
- No Waiver
No waiver by the Organiser of any breach of these Terms and Conditions by the Client shall be considered as a waiver of any subsequent breach of the same or any other provision.
In the event that one or more of these Terms and Conditions is found to be unlawful, invalid or otherwise unenforceable, that / those provision(s) shall be deemed severed from the remainder of these Terms and Conditions (which shall remain valid and enforceable).
- Law and Jurisdiction
16.1 These Terms and Conditions shall be governed by, and construed in accordance with, the laws of England and Wales.
16.2 Any dispute, proceedings or claim between the Organiser and the Client relating to these Terms and Conditions shall fall within the jurisdiction of the courts of England and Wales.
If you have any further questions please contact firstname.lastname@example.org.
● Data Controller: Investing in Ethnicity
● We will only collect personal information that you have voluntarily decided to provide to us
● Depending on how you choose to interact with us, we may collect your name, email, phone number, IP address or any other contact details or content which you have provided to us. These details will not be used by our organisation (SPM Group Ltd) and team
● Information provided to us by yourselves for the Maturity Matrix, will be used to provide you with reports; to analyse and report back anonymously on trends (no data will be externally used in conjunction with the company that has submitted it without prior agreement)
● We will always ask you before processing your data in any other ways
● We will use an anonymised version of your personal data, from which you cannot be identified, to prepare statistics and reports.
● We will never sell, rent or give away your data to other third parties
● We will only keep your information for as long as needed to answer your query or as required by applicable legislation or regulations
● We will use appropriate technical and organisational measures to ensure the safety, security and accuracy of your personal data
2. Data Protection Framework
Investing in Ethnicity is a trading name of SPM Group Ltd is based within the United Kingdom and is registered with the Information Commissioner’s Office (ICO) as a Data Controller under the UK Data Protection Act of 1998 (registration number ZA798931).
3. What is the Purpose of this Service?
The purpose of this Service is to progress the Ethnicity agenda within organisation, by collaboration, using insights and sharing best practice with organisations.
Services of the Investing in Ethnicity App
Investing in Ethnicity (run by SPM Group Ltd) but created for, contributed to and curated by community members. The Community is accessible via web (via www.investinginethnicity.com/membership) or mobile (iOS and Android). Content will include livestreams, articles and posts from those associated, nominated and winners from the Investing in Ethnicity.
4. Where do we collect personal data about you from?
We may collect personal data about you from the following sources:
● Directly from you. This is information you have voluntarily provided whilst entering your personal details on the Service.
We do not collect personal data about you from:
● From an agent/third party acting on your behalf.
5. What Information Do We Collect and Why?
We will only ever collect the information we need to enable us to undertake the specific information processing activities noted later in this section. We collect and process two distinct kinds of information:
● company information such as the pages you have accessed, helping Us to determine how many people use Our Service, how many people visit on a regular basis, and how popular each of Our pages are. This information doesn’t tell Us anything about who you are or where you live. It simply allows Us to monitor and improve Our service.
● personal information such as your IP address, email address, username, password, approximate location and any optional information you may choose to provide to Us as part of your experience within the Service (e.g. text, photograph, meme). Should you decide to register we ask for the following information:
● Email address – we use this to send you a welcome email, and any service related communications such as resetting your password or verifying your email address. We will not send you any marketing or third-party messages unless you have explicitly provided your consent for Us to do so.
● Your name/username – we ask for a username so that if you make any posts or comments that these are attributable to you. Other users will also be able to search for you by name, and it will be shown on your public profile page. You do not need to use your real name, though we generally encourage it.
● A photo – this is optional, but if you add one this will be shown next to any posts and comments you make, as well as on your public profile page.
● A password – we store this in a secure one-way encrypted system. If you forget your password, you may request that it be reset, and we will send an email to you with instructions on how to do so. You may also send friend requests to other users and, should they accept, you will have the ability to send one-to-one and group messages to them. These messages are completely private between you and any other recipients and are not monitored. As you use the Community, we will keep track of what sections you have visited, so that We can highlight sections or content to you that you may have missed. We also use this data in an aggregated form to understand how popular the Community and its different sections are so that We can improve the service. This data is never shared with anyone and is only used for Our internal purposes. We record the last IP address you accessed the service from so that We can protect the service from malicious access. As part of this We may look up the approximate location of the IP address such as country and city. Your decision to disclose your personal information to Us is entirely voluntary. If you do not provide the personal data necessary, or withdraw your consent for the processing of your personal data, you may not be able to access or use the Community. We will only retain your personal information for as long as you are a registered user of the Community. We comply with all legislative and regulatory information retention requirements and will securely and permanently delete your personal information when there is (a) no justification for its further retention, or (b) you have asked Us to delete it. We will not use your personal information for any other purposes. We will not share your personal information with any other organisation, other than the declared Data Processors recorded in Section 11.
6. What legal basis do we have for using your data?
The legal basis we have for processing your data is based around the consent you have voluntarily provided us.
7. Sensitive Data
GDPR Article 9 specifies a set of special categories which are considered to be “sensitive personal data” (e.g. racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership) and which require special consideration by Data Controllers. This Service does not knowingly collect or process any sensitive personal information unless you have chosen to voluntarily disclose and share such information during your use of the Service (e.g. post in the Community).
8. Additional data
Apart from contact data collect, we will collect data in line with research and to provide members with an internal report. This data is also used to help us provide further research to organisations regarding trends and best practice to help the ethnicity agenda. All information provided by your organisation will always be used anonymously. We will never use any information you have provided to any third-parties without your prior consent.
9. User Data Rights
As prescribed within the EU General Data Protection Regulation, you have several rights connected to the provision of your personal information to Us from using the Service.
2. The right of access You have the right to obtain access to your personal information (if We’re processing it), and certain other information such as the reasons why we are processing or storing it. This is so you’re aware and can check that We’re using your personal information in accordance with data protection legislation and your agreement.
3. The right to rectification You are entitled to request that your personal information is promptly corrected if it’s identified as being inaccurate or incomplete.
4. The right to erasure This is also known as ‘the right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of your information under certain circumstances where there’s no compelling reason for Us to keep using it. This is not a general right to erasure; there are exceptions.
5. The right to restrict processing You have rights to ‘block’ or suppress further use of your personal information. When processing is restricted We can still store your information but may not be able to process it further. We maintain lists of people who have asked for further use of their personal information to be ‘blocked’ to make sure the restriction is respected in future.
6. The right to data portability You have rights to obtain and reuse your personal data for your own purposes across different services. For example, if you decide to switch to a new provider, this enables you to move, copy or transfer your information easily between Our IT systems and theirs safely and securely, without affecting its usability.
7. The right to object to processing You have the right to object to certain types of personal data processing, including processing for direct marketing activities.
8. The right to lodge a complaint You have the right to lodge a complaint about the way We have handled or processed your personal data with your national data protection regulator (the Information Commissioner’s Office within the UK)
9. The right to withdraw consent If you have given your consent to anything We do with your personal data, you have the right to vary or withdraw your consent at any time (although if you do so, it does not mean that anything We have done with your personal data with your consent up to that point is unlawful). This includes your right to withdraw your consent to Us using your personal data for marketing purposes. We usually act on validated requests and provide the requested information or activity free of charge, but by law we are allowed to charge a reasonable fee to cover Our administrative costs of providing the information for:
● baseless or excessive/repeated requests, or
● further copies of the same information. Alternatively, there are reasons why We may be entitled to refuse to act on the request.
Please consider your request responsibly before submitting it. We’ll respond as soon as We can. Generally, this will be within one month from when We receive your validated request but, if the request is going to take longer to deal with, We will let you know. To contact Us please see Section 16 below. If We do not address your request or fail to provide you with a valid reason why We are unable to do so, you have the right to contact the Information Commissioner’s Office to make a complaint. They can be contacted via their website (www.ico.org.uk) or by telephone 0303 123 1113.
10. Personal Data Breach Reporting
You have the right to be promptly informed by Us of any personal data loss, theft or compromise arising directly or indirectly from the Service, and any supporting systems or declared Data Processors (see Section 11) involved with delivering, supporting, maintaining, monitoring or improving the Service. Similarly, We are required to notify the Information Commissioner’s Office promptly, as the supervisory authority for the United Kingdom. As a user of the Service, you have a responsibility to safeguard and manage your Service login credentials securely. This requires you to ensure that they are changed frequently, of sufficient strength and complexity, different from any other passwords you may use, and not recorded in a format which could be accessed or guessed by others. If you suspect that your credentials have been compromised, you should notify Us immediately (see Section 16 below). We will not be liable for any personal information loss, theft or compromise where this can be attributed to your failure to secure your Service login credentials.
11. Declaration of Personal Data Sub-Processors
To make an informed decision on whether to provide your personal data to Us when using this Service, we need to make you aware of the organisations that act as Data Sub-Processors for Us, helping in the provision of the Service and its functionality.
These partners are as follows:
● Disciple Media: [App users only] provider of the Service technology platform, based in the United Kingdom. Disciple is registered with the Information Commissioner’s Office within the UK under the Data Protection Act 1998, registration number ZA147341.
● MailChimp: Used to send Administration of Service emails such as Email Verification, Password reset and Welcome email; and other potential marketing messages where you have given your explicit consent for Us to do so. Based in the United States. MailChimp complies with the EU-US Privacy Shield Framework, as set forth by the US Department of Commerce, covering the collection, use and retention of personal data transferred from the European Union to the United States.
● WordPress [and authorised plug-ins]: Used to host website, supply cookies. Site privacy and GDPR
● Google Analytics: Used to provide analytics to understand how the Service is used and help provide actionable insights for improvements. Google, including Google Inc. and its wholly-owned US subsidiaries, comply with the EU-US Privacy Shield Framework, as set forth by the US Department of Commerce, covering the collection, use and retention of personal data transferred from the European Union to the United States.
● Google G Suite: Used as email system, so any emails you send to support will be handled by G Suite. Google, including Google Inc. and its wholly-owned US subsidiaries, comply with the EU-US Privacy Shield Framework, as set forth by the US Department of Commerce, covering the collection, use and retention of personal data transferred from the European Union to the United States.
● Crashlytics (Part of Google): Used to provide actionable insights and analytics on crash reporting. Part of Fabric, acquired by Google’s Developer Products Group. Crashlytics complies with the EU-US Privacy Shield Framework, as set forth by the US Department of Commerce, covering the collection, use and retention of personal data transferred from the European Union to the United States.
● Amazon Web Services: Hosting services. AWS complies with the EU-US Privacy Shield Framework, as set forth by the US Department of Commerce, covering the collection, use and retention of personal data transferred from the European Union to the United States.
● Heroku (Subsidiary of Salesforce): Hosting services. Heroku complies with the EU-US Privacy Shield Framework, as set forth by the US Department of Commerce, covering the collection, use and retention of personal data transferred from the European Union to the United States.
12. International Transfers of Data
As We have described above, to be able to provide you with the Services We may transfer your personal data to partners in countries outside the EEA (such as the United States). These countries’ privacy laws may be different from those in your home country. Should We transfer data to a country which has not been deemed to provide adequate data protection standards, we always have security measures and approved model clauses in place to protect your personal data. By voluntarily submitting your personal data to us you consent to these international transfer. If you later wish to withdraw your consent, please contact the Data Controller using the details in Section 16.
14. External Links
The Service includes relevant hyperlinks (posted by us) to external websites and resources which are not directly controlled by Us. Whilst all reasonable care has been exercised in selecting and providing such links, you are advised to exercise caution before clicking any external links. We cannot guarantee the ongoing suitability of external links, nor do we continually verify the safety or security of the contents which may be provided to you. You are advised, therefore, that your use of external links is at your own risk and We cannot be responsible for any damages or consequences caused by your use of them.
16. Contacting the Data Controller
Investing in Ethnicity