Terms of Business
- Scope. These terms of business apply to and are, by reference, included within and as part of all contracts (the Agreement or Contract) entered into by the TConsult Ltd (the Company) with third parties (Clients) for the provision of consulting services or compliance related work products (the Services).
- Agreement to Terms. Both parties agree to be bound by these terms of business in addition to any terms defined in the Contract. No variation of these terms shall be valid unless agreed in writing by the parties.
- Fees [4-9]
- Rates. Where fees are expressed in the Contract as hourly rates, the minimum allocable time unit to any request for opinion is 30 minutes. Time allocated to requests covers receipt, review, interpretation, research (if any), formation of opinion, peer review (if required) and delivery thereof. Requests for clarification of opinions already provided shall be treated, for time allocation purposes, as separate requests.
- Payment. The Company will receive payment from the Client in accordance with the terms set out in the Contract.
- Currency. Payment must be made in UK pounds sterling against correctly submitted invoices within 15 calendar days of the invoice date.
- Late Payments will be subject to late payment penalties at the rate of £75 per day.
- Fee Changes. The Company reserves the right to amend fees subject to 90 days’ notice.
- VAT. All amounts quoted are exclusive of value added tax where applicable.
- Standards of Behaviour [11-24]
- Exercise of Due Diligence. For the duration of the Contract, the Company will exercise reasonable due diligence in the performance of the Services for the Client.
- Freedom of Contracting. Provided that the Company provides the Services in accordance with the Contract, the Company shall be free to enter contracts with other parties before, during and after the termination of the Contract.
- Health and Safety. The Company shall comply with and shall ensure that it will comply with Client’s rules on health, safety, security and confidentiality to the extent that such have been explicitly communicated to the Company.
- Unsuitability. The Company shall notify the Client in writing if it considers a request for services to be unsuited to the skills experience and expertise of the Company.
- Unfair Contract Terms Act. To the extent that any clause of these terms of business or the Contract breaches the Unfair Contract Terms Act 1977 (the Act), such clause will be deleted and replaced with a suitable clause that does not breach the terms of the Act.
- Enforceability. The illegality, invalidity or unenforceability of any clause or part of the Contract will not affect the legality, validity or enforceability of the remainder. If any such clause or part is found by any competent court or authority to be illegal, invalid or unenforceable, the parties agree that they will substitute provisions in a form as similar to the offending provisions as is possible without rendering them illegal, invalid or unenforceable.
- Non-Disclosure. The Company shall not, during the term of the Contract, or at any time after the termination of the Contract, disclose to any person or company or use other than for the purposes of the Contract, any information of a confidential nature including but not limited to designs, negatives, engineering drawings or data, information, specifications, processes, procedures, technical, business or similar information or any other trade secret of whatsoever nature belonging to or relating to the Client or its business or services (‘Confidential Information’) being supplied to the Client provided always that this restriction shall not apply to any information which at the time of disclosure is in the public domain or which becomes public after disclosure otherwise than through the actions of the Company and which the Company can show by satisfactory evidence to have been in its possession prior to disclosure hereunder;
- Return of Confidential Information. Upon termination of the Contract, the Company shall deliver to the Client all Confidential Information. The Company may retain copies of such information to the extent required under English law.
- Data Protection Registration. The Company is registered with the Office of the Information Commissioner (‘ICO’) for the purpose of data protection (Registration Number: ZA119747).
- DAC6. The Client acknowledges that the Company may have to make DAC6 disclosures to competent authorities under certain circumstances pursuant to conditions set forth in Hallmarks D1 and D2 of the sixth Directive on the Administrative Cooperation.
- DORA. The Company may make certain systems available to the Client including but not limited to the Tax Compliance Toolkit (TCT) and the Investor Self-Declaration (ISD) systems. The Company warrants that it meets the sector specific requirements of the EU Digital Operational Resilience Act (DORA) as laid down in these Terms of Business.
- Suspension of Service. The Company reserves the right to not perform the Services to the extent that any sum due under a Contract has not been paid by its due date and to re-commence delivering the Services once payment has been received. Application of this term shall not constitute a breach of the Contract.
- Intellectual Property Rights. The Company acknowledges that all intellectual property rights including but not limited to copyright, trademarks and patents created by the Company during the Term of the Contract and relating to the Client’s principal business, shall belong solely to the Client and the Company shall do all that is necessary to vest such rights in the Client. Any costs associated with vesting such rights in the Client shall be borne by the Client.
- No Employment. The parties acknowledge that neither the Company nor the Company’s employees are employees of the Client.
- Liability [26]
- Liability. The Company’s liability for death or injury is not limited.
- Authority to Act. [28-29]
- General authority. In circumstances where the Client requires the Company to act on the Client’s behalf, the Client will provide an executed Limited Power of Attorney (PoA) or a Letter of Authority (LoA) as necessary for the Company to provide the Services.
- Authorised Agent. Where the Company offers and the Client accepts the Services that include TIN checking with the US Internal Revenue Service (IRS) via the IRS’s Application Programming Interface (API), the Client appoints the Company as its authorised agent for the limited purpose of providing this functionality to the Client and will provide a signed form 2848.
- Reliance. The Company is entitled to rely on data provided by the Client to perform its services and presume that such data is reliable, in the correct language, complete and accurate on receipt. Notwithstanding the foregoing, the Company will have no liability whatsoever, inter alia, in relation to fines, penalties, interest or other costs associated with reliability, accurateness or completeness of data or other statements made by the Client, whether to the Company or any third party, that affect, or are affected by the delivery of the Services.
- Time of the Essence. Where time is of the essence in the delivery of its Services, the Company will not be liable for delay or failure to deliver the Services where such failure or delay was caused in whole or part by the failure of Client to meet deadlines or obligations made known to it.
- Not a Regulated Business. Other than for the purposes of data protection and DORA, the Company is not a regulated business and does not provide services that would require it to be regulated. The Company reserves the right to not perform any services which would require it to be regulated. If such services are requested, the Company may offer alternative services, to the extent possible, under which it would facilitate Client’s need.
- Disbursements. Amounts paid by the company to third parties to facilitate the delivery of the Services will be reimbursed by the Client on presentation of receipts and an invoice covering the disbursement. Disbursements include but are not limited to the provision of certificates of residency by HMRC with or without an apostille and postage to the Client.
- Data Retention. For the purposes of data retention, subject to clause 53, the Company reserves the right, but not the obligation, to retain information about the Client and Services delivered for a period of up to 10 years to facilitate the Client’s responses to queries from regulators.
- No Advice. The Company does not provide or offer tax, legal or investment advice. While the Company may provide non-legally binding opinion or guidance on industry matters and operational procedures based on their knowledge of regulatory frameworks and other general practices, these are not intended to, and within the context of any Contract, shall not be construed by the Client to be legally binding advice of any kind. The Client acknowledges that the Services described in the Contract, and any other subsequent Services delivered under the Contract, are based on materials and regulations that may change rapidly over time, that the Company may not be provided with all relevant facts relating to any opinion, and therefore may not be current, accurate or correct, but that the Company will make reasonable efforts to ensure that such work products are current, accurate and correct at the time they are delivered to the Client. The Company accepts no liability in reference to the matters described herein.
- Guidance and Opinion. The phrase “guidance and opinion” means a response to a request from the Client or a proactive statement, documentation or other communication initiated by the Company to the Client, that provides the Client with knowledge and/or understanding relating to any given compliance obligation or commercial objective. For the avoidance of doubt, guidance and opinion does not include the implementation by the Company of any matter that is a commercial or regulatory obligation of Client.
- GDPR. [38]
- Commitment. The Company warrants that it meets and will continue to meet the requirements of UK General Data Protection Regulation (UK GDPR) and the EU General Data Protection Regulation (EU GDPR) with respect to all data received, held and processed on the Company’s systems including but not limited to policies, procedures and controls to ensure (i) secure storage, (ii) processing of data solely for the purpose it was collected, (iii) deletion of data and (iv) responses to enquiries.
- Personally Identifiable Information. [40-47]
- Status as Data Importer. With reference to Personally Identifiable Information (PII) the Company is a data importer and data processor, and the Client is a data controller and data exporter. If the Client transmits PII to the Company for any reason, the Company is entitled to the presumption that the Client has met its obligations under data protection regulations to which it is subject, including but not limited to obtaining the explicit consent of data subjects to the transfer of PII to the Company. The Client will indemnify and hold the Company harmless from any action resulting from the Client’s breach of its data protection regulations.
- Data. Personally Identifiable Information (PII) that may be stored may include, but not be limited to information about (i) the Client’s employees including name, business email address and/or telephone number together with records of communications between the Company and these employees, (ii) information about the Client’s customers including but not limited to name, addresses, date of birth, tax identification number, tax status, tax residency, domicile and information about investment income and (iv) commercially sensitive information about the Client, the Client’s customers and their customers including but not limited to the foregoing, and also status with respect to compliance to various international regulations, statutes and legislation.
- Transmission. The Company operates secure servers located within the United Kingdom to which personal or commercially sensitive data may be uploaded by suitably authorised personnel of Client. If the Client or any of the Client’s personnel transmit personal or commercially sensitive data to the Company by any other means, irrespective of whether such data was protected and/or encrypted when sent, the Company will protect such data as if it had been deposited directly to the Company’s servers. However, the Company will not be liable for any data breaches except to the extent that the data breach can be attributed wholly and exclusively to the Company’s gross negligence, wilful misconduct or failure to meet its obligations under GDPR after the receipt of the data.
- Storage. Personal or commercially sensitive data will be stored on computer servers and in filing systems controlled by the Company, located within the United Kingdom and to which access is limited to those employees of the Company that have legitimate reason to access such data for the purpose of meeting the obligations of this Agreement plus those employees of Client that Client specifically authorises. The Company operates its own servers and backup servers protected by firewalls, anti-virus software and other security countermeasures. The Company maintains regular reviews of security and Client warrants that it will inform the Company of any change required to personnel authorised to access personal data on the Company’s systems within one business day. The Company will not be responsible or liable for any data breach caused by access to Client’s personal or commercially sensitive data by Client’s employees.
- Purpose. Personal data will be processed strictly and only for the purpose of meeting the obligations of the Contract.
- Explicit Consent Given. Client gives explicit consent to the transfer of personally identifiable information to the Company, where such data is required for the performance of the Contract. Where the Client is transferring personally identifiable information of its customers, prospective customers, suppliers or other counterparties (collectively ‘third parties’), the Client warrants that it has the explicit consent of those third parties to the transfer of their personally identifiable data.
- Withdrawal of Explicit Consent. The Client may withdraw its consent at any time by sending an email to [email protected]. Such withdrawal, if it affects the Company’s ability to perform its obligations under an Agreement, will not be deemed a termination event of the Agreement.
- Data Deletion. Unless the Client specifies otherwise, personal or commercially sensitive data will be deleted within one calendar month of the completion of the purpose for which the data was solicited, stored and processed except to the extent that such data is required to be retained beyond this time by the Company under any other applicable legislation or is requested to do so by the Client (‘Extended Retention Period’). To the extent that data is retained in an Extended Retention Period, personal data will be deleted within one calendar month of the end of the Extended Termination Period.
- DAC6 Disclosures. [49]
- Reportable Arrangements. The Client acknowledges that, in the performance of the Services, if the Client discloses to the Company information or materials that relate to specified cross border arrangements falling within the definition of Hallmarks D1 or D2 under European Council Directive (EU) 2018/822 of 25 May 2018 amending Directive 2011/16/EU (‘DAC6’) (‘Reportable Arrangement’), the Company may be obligated to report such information to a competent authority without informing the Client of such disclosure. The Client acknowledges that, to the extent that this clause applies, such information is excluded from the definition of Confidential Information and the Client holds and will hold the Company harmless and without liability in all respects.
- Digital Operational Resilience (DORA) [51-63]
- Not a financial Institution. The Company warrants that, while it is not a financial institution and not directly subject to it, it meets the requirements of the Digital Operational Resilience Act (Regulation (EU) 2022/2554), as noted in these terms of business, with respect to systems made available to the Client and the Client’s customers (collectively Client Facing Systems) including but not limited to the Tax Compliance Toolkit (TCT) and the Investor Self-Declaration (ISD) systems.
- ICT Third Party Provider. Under Chapter I, Article 2 1(u) and Article 3(19) of DORA the Company considers it is an ICT third party provider established in a third country, to the limited extent that the Client uses the Company’s Client Facing Systems to partly facilitate its compliance to cross-border withholding tax regulations.
- ICT Services. Under Chapter I, Article 3(16) of DORA the Company considers that TCT and ISD are systems that deliver ICT services.
- No Concentration Risk. The Client acknowledges that the Company does not represent or is a part of any ICT concentration risk for the Client as defined in Article 3(21).
- Responsible Officer. Pursuant to Chapter II Section I Article 4(3), the Client shall appoint a member of its management body or designated member of senior management to oversee the risk exposure posed by the Client Facing Systems.
- Documentation. Pursuant to Chapter II Section II Article 6 (5), on request, the Company shall provide adequate documentation and information to allow the Client to identify all processes that are dependent on the ICT services.
- Business Continuity. Pursuant to Chapter II Section II Article10(4), the Company will cooperate with the Client, at the Client’s expense, to test its ICT business continuity plans.
- Secondary Processing. Pursuant to Chapter II Section II Article 11(5), the Company warrants that it maintains at least one secondary processing site endowed with resources, capabilities, functionalities and staffing arrangements sufficient and appropriate to ensure the Client’s business needs from the ICT systems.
- Incident Management. Pursuant to Chapter III Articles 1 and 2, the Company warrants that it has an ICT-related incident management process to detect, classify, manage and notify the Client of any ICT related incidents to ensure that root causes are identified and eradicated to prevent re-occurrence.
- Non-Criticality. For the purposes of Chapter IV Article 21(6) of DORA, TCT and ISD systems are not considered critical.
- Management of Third-Party Risk. For the purpose of Chapter V of DORA, and in particular with respect to Chapter V Section I Article 25(5), the Client by signing this agreement, acknowledges that it has met its obligations with respect to management of ICT third party risk and the Company warrants that it will cooperate with the Client in the application of the general and specific principles identified in the Chapter including but not limited to audits and inspections.
- Alternative Consulting Services. If a Contract is terminated by the Client, the Company may meet its obligations under Chapter V Section I Article 25(9(b)) by means of consulting services separately contracted that do not include the use of the Company’s proprietary systems
- Non-Critical Party. Pursuant to Chapter V Section II Article 28 of DORA, the Client acknowledges that the Company is not designated as a critical ICT third party services provider and that Articles 28 to 39 of Chapter V Section II interpreted inclusively, do not apply.
- Reimbursement of expenses. [65-70].
- Where performance requires the presence of consultants at offices other than the offices of the Company, the Client will be liable for and pay travel, accommodation and subsistence expenses as detailed. The Company will obtain the Client’s prior approval for, book and pay for, reasonable travel and accommodation. The Client agrees to reimburse the Company.
- Travel. The Company is not subject to travel policies operated by the Client. The Company will book flights of under four hours in economy class and flights of four hours duration or over at the lower of premium economy or business class, dependent on availability.
- Hotels. The Company will book hotels at four or five-star level e.g., Hilton
- Subsistence. The Company will add subsistence of £75 per day to invoices.
- Renewal [70]
- Automatic Renewal. Retainer contracts including a natural expiry date will automatically renew for further periods of the same term unless the Client notifies the Company of its intention to allow the natural expiry the contract no later than one month prior to the natural expiry date.
- Miscellaneous [72-76]
- Failure of Client to Meet Obligations. The Company may terminate the Contract immediately if any sum due hereunder remains unpaid for more than 30 days or if the Client fails to meet any obligation imposed on it by a contract and does not correct such failure within 30 days of being notified of the failure by the Company.
- Changing Work Products and Retainer Types. The Client may, in its discretion, add or subtract Work Products by giving 30 days’ notice to the Company. The Company will advise of any early termination fees or additional fees that may apply and agree a migration plan with the Client. If the Client wishes to transfer Services to another type of contract offered by the Company, the Company will agree terms and issue a new contract to the Client and terminate the current contract by mutual consent.
- Jurisdiction. The formation, interpretation and operation of all Contracts and these Terms of Business will be subject to English law and the Company and Client submit themselves to the exclusive jurisdiction of the English Courts
- Conflict of terms. Where the terms of a Contract conflict with these Terms of Business, these Terms of Business shall take precedent.
- Updates. The Company, in its discretion, may make changes to these terms of business and will advise the Client by email within 30 days of such change.
- Contact information: for legal and contractual matters: [email protected]. For data privacy matters: [email protected]. For general information: [email protected] Telephone +44 (0) 1252413551.
LAST UPDATED: 14th November 2024