Terms and Conditions

Introduction
1. The definitions set out within clause 2 apply to this introduction. The Agreement is made between Vault and the Customer. Vault is a skilled and experienced provider of the Services. The Customer wishes to engage Vault to process the Personal Data as part of the Services and, where Consent is given, to share the Protected Data with third persons. Vault is willing to provide the Services to the Customer and, where Consent is given, to share the Protected Data with third persons on the terms and conditions of the Agreement.

Interpretation

In the Agreement, except where the context otherwise requires, the words and expressions set out below will have the following meanings:

2018 Act	the Data Protection Act 2018;
Account	an account with Vault, created by the downloading of the App by the Customer for:a)the Services; and b)where Consent is given, the sharing of the Protected Data with third persons;
Agreement	the terms and conditions of this agreement, from time to time in force;
Anonymisation	the processing by Vault of the Personal Data in such a manner the Personal Data can no longer be attributed to the Customer without the use of additional information, provided such additional information is kept separately and is subject to technical and organisational measures to ensure the Personal Data are not attributed to the Customer;
Anonymised Data	the Personal Data having undergone Anonymisation;
App	the Personal Data computing application known as Vault owned and operated by Vault;
Appropriate Safeguards	such legally enforceable mechanisms for the transfer of Personal Data, as may be permitted under the Data Protection Laws from time to time;
Applicable Laws	a)the laws of the United Kingdom or of a part of the United Kingdom including any law, legislation, regulation, byelaw, or subordinate legislation in force from time to time to which a party is subject and/or in any jurisdiction that the Services are provided to or in respect of;b)the common law and laws of equity as applicable to the parties from time to time; c)any binding court order, judgment, or decree; d)any applicable guidance, guidelines, or codes of practice issued by any relevant Data Protection Supervisory Authority, in each case whether or not legally binding; e)any applicable industry code, policy, or standard, in each case whether or not legally binding; and f)any applicable direction, policy, rule, or order that is binding upon a party and that is made or given by any regulatory body having jurisdiction over a party or any of that party’s assets, resources, or business;
Background Intellectual Property	Intellectual Property, belonging to a party, which:a)exists at the Commencement Date; or b)arises after the Commencement Date but not pursuant to the Agreement;
Business Day	a day, other than a Saturday, Sunday, or public holiday, when banks are open for business in London;
Cause Event	an act, omission, or cause committed by Vault giving rise or not giving rise to liability in accordance with clause 13, including but not limited to:a)breach of the Agreement or contract; b)breach of confidentiality; c)breach of the Data Protection Laws; d)misrepresentation or misstatement (or both); e)infringement of Intellectual Property; f)negligence; and/or g)any other act, omission, or cause, in each and every case arising directly from the Agreement;
CEDR	the Centre for Effective Dispute Resolution;
Commencement Date	the date upon which the Customer created the Account and the Agreement came into full force and effect;
Confidential Information	a)the Protected Data;b)in respect of Information provided in documentary form or by way of a model or in other tangible form, any Information which, at the time of its provision, is marked ‘confidential’ or with wording of a similar meaning, or otherwise designated to show, either expressly or by necessary implication, that it is imparted in confidence; c)in respect of Information that is imparted orally, any Information that the disclosing party, or its representatives, informs the receiving party or its representatives, at the time of its provision, is either expressly or by necessary implication imparted in confidence; d)in respect of Information that is imparted orally, any note or record of its disclosure; e)Information that is reasonably identifiable from the context of its disclosure, availability and/or nature as being confidential, including but not limited to Information that any reasonable person skilled in the Data Protection Laws would consider to be confidential; f)any copy of the foregoing; and g)the terms and conditions of the Agreement;
Consent	any freely given, specific, informed, and unambiguous indication of the Customer’s wishes by which the Customer, by a statement or by a clear affirmative action, signifies agreement to the Processing of the Personal Data relating to the Customer;
Controller	the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the Processing of the Personal Data;
Customer	the person responsible for:a)the downloading of the App to a mobile device or computer system; and b)the creating of the Account;
Data Protection Laws	a)the 2018 Act; andb)the UK GDPR;
Data Protection Supervisory Authority	any local, national, or multinational agency, department, official, parliament, public or statutory person or any government or professional body, regulatory or supervisory authority, board or other body responsible for administering the Data Protection Laws;
Dispute or Difference	a dispute or difference of opinion between the parties:a)arising directly from the Agreement; or b)any matter that threatens to disrupt the progress of or performance under the Agreement;
Foreground Intellectual Property	Intellectual Property arising from and as a result of the efforts of Vault in providing the Services;
Information	any commercial, business, economic, health, technical, or other information of a party, of whatever nature, in the control of the disclosing party, which is directly disclosed or made available by or on behalf of the disclosing party to the receiving party, whether orally or in documentary form;
Intellectual Property	any:a)patents, inventions and rights to inventions (patentable or non-patentable), novel and inventive steps, utility models or other incremental inventions (commonly termed petty patents, innovation patents, minor patents or small patents), including all substitutions, extensions, reissues, renewals, divisions, continuations, continuations-in-part and foreign counterparts, supplementary protection certificates, patent term restorations or similar instruments; b)forms of copyright and related rights, including rights in computer software, topographies and rights in topography, configuration and layout, data and/or database rights; c)service marks, trade marks, characteristics, symbols, brands and branding, trade names, trade dress, rights in get-up, rights in goodwill or to sue for passing off and/or domain names; d)designs, according to the Copyright, Designs and Patents Act 1988 (as amended by the Intellectual Property Act 2014) or the Registered Designs Act 1949 (or both), design patents and/or similar protection for the physical manifestation of any shape or configuration (whether internal or external) of the whole or part of an article; or e)any other intellectual property or rights in any of the above items, in every case, whether registered or unregistered, including all applications or rights to apply for such items and all similar or equivalent rights or forms of protection, which may now or in the future subsist in any part of the world;
Personal Data	any information relating to the Customer, by which information the Customer can be identified directly in particular by reference to an identifier, including but not limited to a name, an identification number, geolocation data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of the Customer;
Personal Data Breach	any breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to any of the Personal Data;
Processing	any operation or set of operations which is performed on the Personal Data or on sets of the Personal Data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure or destruction, or where applicable Anonymisation;
Processing Instruction	unless required to do otherwise by Applicable Laws, a written instruction of the Customer to process the Personal Data;
Processor	the natural or legal person, public authority, agency, or other body which processes the Personal Data on behalf of a Controller;
Profiling	any form of automated processing of any of the Protected Data consisting of the use of the Protected Data to evaluate certain personal aspects relating to the Customer, in particular to analyse or predict aspects concerning the Customer’s online and social behaviour, performance at work, economic situation, spending habits, personal preferences, interests, reliability, behaviour, geolocation, or movements;
Protected Data	subject to clause 4.3:a)the Personal Data received from or on behalf of the Customer; or b)Information otherwise obtained, created, generated, or compiled by Vault, (or both), in each case in connection with the performance of Vault’s obligations under the Agreement;
Report	a written report, in an electronic copy format, which report contains:a)the results of the Services; b)a personalised privacy score rating of the risk to the Personal Data; and c)where appropriate, recommendations for the improvement in security of the Personal Data and online activity; d)where appropriate, recommendations for suitable promotions to the user after Profiling of their Personal Data via the “Vault Rewards” pathway;
Services	the provision of services by Vault for and on behalf of the Customer for the Processing of the Personal Data, in accordance with clause 3.4;
Third Country	a country or territory outside of the United Kingdom;
UK GDPR	the General Data Protection Regulation, Regulation (EU) 2016/679, as it forms part of domestic law within the United Kingdom by virtue of section 3 of the European Union (Withdrawal) Act 2018, including as further amended or modified by the laws of the United Kingdom or of a part of the United Kingdom, from time to time; and
Vault	Vault Data Limited (company number 13872962) of 16 Regent Place, Birmingham, B1 3NJ, United Kingdom.

The term ‘parties’ will mean Vault and the Customer together and the term ‘party’ will mean either of them.
The headings in the Agreement are inserted for convenience only and will not affect its construction.
Where appropriate words denoting a singular number will include the plural and vice versa and references to one gender will include a reference to the other gender.
Any reference to:
1. clauses will mean the clauses of the Agreement;
2. any statute, statutory, or regulatory provision includes a reference to the statute, statutory, or regulatory provision as from time to time amended, extended, or re‑enacted; and
3. a person will include a natural person, firm, unincorporated association, or body corporate.
Any and all notices referred to within the Agreement will be:
1. in writing; and
2. written in the English language.

The Services
1. From time to time from the Commencement Date, through the App, the Customer will disclose the Personal Data to Vault and Vault will receive the Personal Data from the Customer.
2. Subject to clause 4 and clause 5:
  1. the Personal Data disclosed and received in accordance with clause 1; and
  2. otherwise Protected Data,
    will be used solely for the purpose of the Services.
3. The Customer represents and warrants to Vault the Personal Data will be accurate and complete at the Commencement Date and undertakes to Vault to disclose details upon any changes that may affect, in any way, the accuracy or completeness of the Personal Data.
4. The Services will include:
  1. the collection, receipt, safe handling, and secure storage of and dealing with the Protected Data;
  2. the reasonable encryption of the Protected Data to prevent unauthorised access by means to be determined by Vault;
  3. the implementation of access controls to prevent unauthorised access to the Protected Data;
  4. using algorithms developed by or within the control of Vault, the assessment of the Protected Data, including but not limited to any internet or other computer network activity and behaviour of the Customer; and
  5. using algorithms developed by or within the control of Vault, the analysis of the Protected Data for the purpose of rating any risk to the security of the Protected Data, such rating to create a personalised privacy score; and
  6. for Customers who actively choose to adopt the “Vault Rewards” pathway in the app, they Consent to using algorithms developed by or within the control of Vault, the analysis of the Protected Data for the purpose of Profiling the Customer to allow for personalised promotion(s) selection;
  7. written recommendations, if any, to the Customer for the better protection and risk reduction of the Protected Data;
  8. written recommendations, if any, to the Customer for personalised promotion(s);
  9. the delivery of the Report in accordance with clause 6; and
  10. the provision of customer care and support services in connection with the Services.
5. Vault will use its reasonable endeavours to provide the Services:
  1. with all due care and skill;
  2. to the standards of a reasonable provider of data collection, management, and processing services;
  3. in compliance with all Applicable Laws and having obtained all necessary licences and consents;
  4. in compliance with each and all of the security practices of Vault; and
  5. efficiently and expeditiously, by allocating sufficient effort, equipment, facilities, skilled personnel, and other resources, to complete the Services on time.
6. Upon completion of the Services, as soon as reasonably practicable, Vault will use its reasonable endeavours to deliver to the Customer the Report.
Anonymisation and Anonymised Data
1. The Customer acknowledges, understands, and accepts, from the Commencement Date:
  1. the Customer Consents to Anonymisation;
  2. Anonymisation will not be included within the Services; and
  3. the Agreement is evidence of such acknowledgement, understanding, acceptance, and Consent.
2. By reason of the Consent given in accordance with clause 4.1.1, the Customer acknowledges, understands, and accepts:
  1. the Anonymised Data will be and remain within the absolute control of Vault;
  2. Intellectual Property subsisting within or registered for the Anonymised Data will be the absolute property of Vault;
  3. at the absolute discretion of Vault, the Anonymised Data may be used or exploited by Vault, its agents, contractors, or licensees in the course of dealings with any third person without the Consent of or the need to account to the Customer;
  4. the Customer will not call upon Vault to disclose or make available any of the Anonymised Data, whether to the Customer or any third person; and
  5. Vault will have no obligation or responsibility to disclose or make available to the Customer or any third person any of the Anonymised Data.
3. The parties acknowledge, understand, and accept Protected Data will not include the Anonymised Data.
Shared Protected Data
1. At the absolute discretion and option of the Customer, upon the creating of the Account, the Customer may opt to receive promotional notifications directly third persons and/or indirectly via Vault.
2. The Customer acknowledges, understands, and accepts that in order to receive notifications in accordance with clause 5.1:
  1. it may be necessary that Vault shares the Protected Data with third persons;
  2. by reason of such necessity, the Customer Consents to the sharing of the Protected Data with third persons; and
  3. the Account and the Agreement is evidence of such acknowledgement, understanding, acceptance, and Consent.
3. The Customer may, at any time, withdraw Consent given in accordance with clause 2.2 by giving notice to Vault in accordance with clause 11.
4. In the event of a withdrawal of Consent in accordance with clause 3, Vault will:
  1. cease, with immediate effect, to share the Protected Data with third persons; and
  2. have no obligation, responsibility, or liability to recall or retrieve, in any way, the Protected Data from third persons to whom the Protected Data was lawfully shared in accordance with clause 5.2.
Data Protection Laws
1. During the provision and for the purposes of the Services, including any analytics, communications, advertising and marketing, fraud prevention, security and compliance, account management, Anonymisation, and where Consent is given to share the Protected Data with third persons, the sharing of Protected Data with third persons, the parties acknowledge, understand, and accept such activities will necessitate the
  Protected Data will be collected, handled, and stored by Vault. The parties acknowledge, understand, and accept that for the Protected Data, the Customer will be the Controller and Vault will be the Processor.
2. To this extent and for the purposes referred to within clause 1, the Customer:
  1. gives Consent for such activity and any other activity the parties may agree in writing from time to time;
  2. acknowledges, understands, and accepts such collection, handling, and storage is fair and lawful and does not contravene any Data Protection Laws; and
  3. the Agreement is evidence of such Consent, acknowledgement, understanding, acceptance, fairness, and lawfulness.
3. Subject to clause 4 and, where applicable, clause 5, Vault will:
  1. use the Protected Data for the Services and for no other purpose, without the written Consent of the Customer;
  2. keep the Protected Data confidential;
  3. not disclose, make available, or transfer the Protected Data to any third person within the United Kingdom without the prior written Consent of the Customer, save only where it is necessary for the Services or Anonymisation (or both) in which instance or instances the
    Customer’s Consent is acknowledged by the parties;
  4. not disclose, make available, or transfer the Protected Data to any Third Country save only where such disclosure, making available, or transfer is to a Third Country that adequately protects personal data according to the Data Protection Supervising Authority or is effected by way of Appropriate Safeguards and in accordance with the Data Protection Laws;
  5. comply with its obligations under the Data Protection Laws, the Services, and the exercise and performance of its respective rights and obligations under the Agreement and will not by any act or omission cause the Customer or any third person to be in breach of any Data Protection Laws;
  6. promptly and in any event not more than 72 (seventy-two hours) inform the Customer upon becoming aware of any Protected Data breach;
  7. assist the Customer in responding to any Customer access request, including by taking all appropriate technical and organisational measures and to ensure compliance with its obligations under the Data Protection Laws with respect to security, breach notifications and communications to data subjects, privacy impact assessments and consultations with supervisory authorities or regulators;
  8. immediately inform the Customer in writing if, in the reasonable opinion of Vault, a Processing Instruction infringes the Data Protection Laws or any other Applicable Laws relating to data protection and explain the reasons for its opinion that the Processing Instruction is infringing, provided that this will be without prejudice to clause 6.3.4;
  9. maintain complete and accurate records and information to demonstrate compliance with clause 6 and allow for a reasonable audit by the Customer or the designated auditor of the Customer, such audit being limited to 1 (one audit) during the Agreement; and
  10. upon termination of the Agreement or, if earlier, at the end of the Services, subject to Applicable Laws and clause 4, at the choice of the Customer, securely delete or return all of the Protected Data to the Customer.
Intellectual Property
1. Background Intellectual Property belonging to a party is and will remain the exclusive property of that party or, where applicable, the third person from whom that party has derived a right to use such background Intellectual Property.
2. Control of the Personal Data will be and remain with the Customer.
3. Further to clause 4 and clause 5, the Customer grants to Vault a non-exclusive, irrevocable, non-terminable, non-sublicensable, non-transferable, worldwide, royalty free licence and permission to use and exploit the Protected Data for the purposes of the Services.
4. Vault will have absolute ownership or control (or both) of:
  1. the Report;
  2. Foreground Intellectual Property subsisting within the Report;
  3. the Anonymised Data; and
  4. Foreground Intellectual Property subsisting within the Anonymised Data.
5. Vault grants to the Customer a non-exclusive, revocable, terminable, non-sublicensable, non-transferable, worldwide, royalty free licence to use the Report.
Holding of information
1. Vault will maintain complete, accurate, and up to date written records of all categories of processing and other activities carried out on behalf of the Customer.
2. Vault will, upon receipt of a data subject access request from the Customer, within 30 (thirty) Business Days make available to the Customer such Personal Data as Vault has within its possession, custody and control.
Confidential Information
1. Each party acknowledges, understands, and accepts that during the Agreement they will have access to Confidential Information of the other party. The parties undertake to each other:
  1. to hold and maintain as secret all Confidential Information obtained directly from the disclosing party in the course of or in anticipation of the Services;
  2. not to disclose or make available, whether in whole or in part, the Confidential Information of the disclosing party to any person except for the purposes of providing the Services;
  3. to respect the rights of the disclosing party in its Confidential Information;
  4. to use the Confidential Information of the disclosing party for the purpose of providing the Services and no other purpose;
  5. to disclose the Confidential Information of the disclosing party only to those of its directors, employees, and contractors pursuant to the Agreement (if any) to whom and to the extent that such disclosure is reasonably necessary for the purpose of providing the Services and no other purpose;
  6. not to copy, reduce to writing, or otherwise record the Confidential Information of the disclosing party, except where it is strictly necessary to do so for the purpose of providing the Services and for no other purpose and any such copies, reductions to writing, and records will be the absolute property of the disclosing party; and
2. Clause 1 will not apply to Confidential Information, which the receiving party can demonstrate by reasonable written evidence:
  1. was, prior to its receipt by the receiving party from the disclosing party, in the possession of the receiving party and not subject to obligations of confidentiality;
  2. is subsequently disclosed to the receiving party without any obligations of confidence by a third person; and
  3. is or becomes generally available to the public through no act or default of the receiving party, its directors, employees, or contractors.
3. In the event the receiving party is required to disclose to the courts of any competent jurisdiction, or to any government regulatory agency, or financial authority, Confidential Information of the disclosing party it will:
  1. inform the disclosing party as soon as reasonably practicable; and
  2. at the disclosing party’s request seek to persuade such court, agency, or authority to have the Confidential Information in question treated in a confidential manner, where this is possible under the court, agency, or authority’s rules or procedures.
4. Each receiving party will procure that all of its directors, employees, agents, and contractors pursuant to the Agreement who have access to Confidential Information will be made aware of and subject to these obligations and will have entered into written undertakings of confidentiality at least as restrictive as those in clause 9.
5. Each party undertakes to the other party that during the Agreement and for a period of 10 (ten) years after the Agreement, not to disclose, make available, or publish or cause any third person to disclose, make available, or publish the Confidential Information of the other party or any part of the Confidential Information of the other party to any third person.
Dispute or Difference
1. Either party may give written notice to another party as soon as they are aware of any Dispute or Difference.
2. Upon receipt of a written notice in accordance with clause 1, the affected parties will enter into good faith negotiations to seek to resolve the Dispute or Difference. In the event the Dispute or Difference cannot be resolved within 10 (ten) Business Days of the start of the negotiations, the Dispute or Difference will be referred immediately to a board director (or equivalent) of each affected party for resolution. Such persons will meet (in person or by telephone call) within 30 (thirty) Business Days thereafter to attempt to resolve the Dispute or Difference.
3. In the event the Dispute or Difference is not resolved in accordance with clause 2, the affected parties will, within 30 (thirty) Business Days of the end of such process, begin structured negotiations with the assistance of a neutral advisor or mediator (‘Neutral Advisor’), which Neutral Advisor the parties will seek to agree.
4. In the event the affected parties are unable to agree upon a Neutral Advisor or if the Neutral Advisor agreed upon is unable or unwilling to act, an affected party may apply to the CEDR to appoint a Neutral Advisor.
5. The affected parties will within 20 (twenty) Business Days of the appointment of the Neutral Advisor, or within such other period of time as the Neutral Advisor may otherwise provide, meet with him in order to agree a programme for the exchange of any relevant information and the structure to be adopted for the negotiations. If considered appropriate, the affected parties may at any stage seek assistance from CEDR to provide guidance on a suitable procedure.
6. The affected parties will bear the fees of the Neutral Advisor and the costs associated with his appointment equally.
7. All negotiations in connection with the Dispute or Difference will be conducted in good faith, in confidence and, unless concluded with a written legally binding agreement, be without prejudice to the rights of the affected parties in future proceedings.
8. In the event the affected parties fail to reach an agreement in the structured negotiations within 120 (one hundred and twenty) Business Days of the programme for the exchange of any relevant information and the structure to be adopted for the negotiations being agreed, in accordance with clause 5, or within such other period of time as the affected parties may agree or the Neutral Advisor may provide, any
  Dispute or Difference, including any question regarding the existence, construction, validity, or termination of the Agreement will be referred to and finally resolved by arbitration under the rules of the Chartered Institute of Arbitrators, currently in force at the time, and such rules are deemed to be incorporated by reference to this clause 10.8.
9. For the avoidance of doubt, nothing in the Agreement will:
  1. prevent an affected party from seeking injunctive or other equitable relief in accordance with clause 2 and clause 14.3; or
  2. prevent the affected parties otherwise agreeing, in writing, to depart from or vary any of the procedures for the resolution of a Dispute or Difference set out within clause 10.
Notices
1. Any written notice or other communication in connection with the Agreement will be in writing and sent by a party to the other party’s address as set out upon the first page of the Agreement and will be copied to their respective email address as set out within this clause 11.1. Any written notices will be given and will be deemed by the parties received:
  1. by recorded first class delivery: 3 (three) Business Days after posting;
  2. by hand: upon delivery; and
  3. by email: within 3 (three) hours of sending.
Term and termination
1. The Agreement will come into full force and effect on the Commencement Date and will continue for a period of 1 (one) year unless terminated earlier in accordance with the provisions of clause 12.
2. Without prejudice to any other right or remedy either party may have under the Agreement, whether at law or in equity, either party may terminate the Agreement with immediate effect by written notice to the other party in the event the other party:
  1. commits a material breach of any of the terms or conditions of the Agreement and, in the case of a breach that can be remedied, fails to remedy the breach within 30 (thirty) Business Days after receiving written notice identifying the breach and requiring its remedy; or
  2. becomes insolvent or goes bankrupt, if an order is made or a resolution is passed for the winding up of the other party, other than voluntarily for the purpose of solvent amalgamation or reconstruction, if an administrator, administrative receiver or receiver is appointed in respect of the whole or any part of the other party’s assets or business, if the other party makes any composition with its creditors or takes or suffers any similar or analogous action in consequence of debt or if the other party ceases to exist or carry on business.
3. Either party may terminate the Agreement, at will and without cause upon the expiry of not less than 30(thirty) Business Days’ written notice to the other party.
4. Any delay by the Client in exercising its rights to terminate the Agreement will not constitute a waiver of those rights.
5. Upon termination of the Agreement, all provisions of the Agreement will cease to have effect, save that the following clauses will survive termination of the Agreement and continue in full force and effect clauses 2, 3.3, 4 to 11, 12.5, 13, and 14.
Exclusion, limitation, and liability
1. Vault will not be held responsible or liable to the Customer for any indirect, consequential, or unforeseeable losses, liabilities, costs, expenses, and/or damages including but not limited to losses of:
  1. business or contract (or both);
  2. opportunity;
  3. profit;
  4. goodwill or reputation (or both);
  5. wasted expenditure; and/or
  6. any interest, penalties, and/or legal and other professional costs and expenses,
    in each and every case incurred or suffered by the Customer as a result or in consequence of a Cause Event.
2. The extent Vault’s liability to the Customer under or in connection with the Agreement, arising from any Cause Event or otherwise, will be limited absolutely to the maximum amount accepted by the insurers of Vault.
3. Notwithstanding any other provision of the Agreement, the liability of the parties will not be limited in any way in respect of:
  1. death or personal injury caused by negligence;
  2. fraud or fraudulent misrepresentation;
  3. any other losses which cannot be excluded or limited by applicable law;
  4. any losses caused by wilful misconduct.
Miscellaneous
1. No person other than a party has any right under the Contracts (Rights of Third Parties) Act 1999 to rely upon or enforce any provisions of the Agreement, save that this will not affect any right or remedy of a third person which exists or is available to such third person.
2. The Agreement and any Dispute or Difference arising out of or in connection with them, their subject matter, or formation will be governed by and construed in accordance with the laws of England and Wales.
3. The parties irrevocably agree that the courts of England and Wales will have exclusive jurisdiction to settle any Dispute or Difference arising out of or in connection with the Agreement and the Option granted under it, their subject matter, or formation.
4. The Customer acknowledges, understands, and accepts, from time to time, Vault may amend, update, or vary the Agreement. Accordingly:
  1. the Customer Consents to such amendment, update, or variation; and
  2. the Account and the Agreement is evidence of such acknowledgement, understanding, acceptance, and Consent.
Vault Free Prize Draws
1. From time-to-time Vault will offer the Customer an opportunity to enter a Free Prize Draw. Specific Terms and Conditions of these Free Prize Draws can be found separately in the “Promotions Appendix” of these Terms and Conditions.

Promotions Appendix

Vault Data £100 Free Prize Draw – TERMS AND CONDITIONS

BACKGROUND:

These Terms and Conditions set out the terms governing the Vault Data £100 Free Prize Draw. The promoter of the Prize Draw is Vault Data Ltd. Please read these Terms and Conditions carefully and ensure that you understand them before submitting your entry for the Prize Draw.

Vault Data Ltd is a limited company registered in England and Wales under company number 13872962. Our registered address is 7 Marconi Gate, Stafford, England, ST18 0FZ, United Kingdom and Our main trading address is 16 Regent Place, Birmingham, West Midlands, B1 3NJ, United Kingdom.

By submitting an entry to the Prize Draw, you are agreeing to accept and be bound by these Terms and Conditions. If you have any questions, please contact Us at info@vaultdata.io. Please note that We reserve the right to refuse entry or refuse to award a prize to anyone who is in breach of these Terms and Conditions.

Definitions and Interpretation

In these Terms and Conditions, unless the context otherwise requires, the following expressions have the following meanings:

“Closing Date”	means the closing date of the Prize Draw, as set out in Clause 3;
“Draw Date”	means the date on which the winners will be chosen, as set out in Clause 5;
“Opening Date”	means the opening date of the Prize Draw, as set out in Clause 3;
“Prize Draw”	Means “VAULT DATA £100 FREE PRIZE DRAW”; and
“We / Us / Our”	Means Vault Data Ltd, whose details are provided above.

Prize Draw Entry Rules
1. The Prize Draw is open to all UK residents aged 18 and above, subject to the following exceptions.
2. The following may not enter the Prize Draw:
  1. Our employees or their families; and/or
  2. Our agents, subcontractors, and any other third parties involved in or directly associated with the running of the Prize Draw.
3. Only one entry per person is permitted.
Opening and Closing Date
1. The Opening Date for the 15th March 2024 Prize Draw is 12 AM UTC on 9th February 2024 with a Closing Date of 11:59 PM UTC on the 15th March 2024.
2. The Opening Date for the 15th of April 2024 Prize Draw is 12 AM UTC on 16th March 2024 with a Closing Date being 11:59 PM UTC on the 15th April 2024.
3. Entries received after the Closing Date will not be valid, accepted, or considered.
How to Enter the Prize Draw
1. Prize Draw entries are free. No purchase is necessary.
2. To submit your entry to the Prize Draw:a)Click on the “Vault Rewards” button in the app.
  b)Click on the “I agree” button to these Terms and Conditions.
  c)You will be now entered into the Free Prize Draw.
3. Please note that We do not accept any responsibility for any entries which are not successfully completed (e.g. lost or delayed) due to technical faults (including, but not limited to, hardware, software, and network faults) or for entries which We do not receive.
The Prize Draw
1. The Winners will be selected by random draw, which shall be performed by a computer process on the following Draw Dates: 29th February 2024 and 29^th March 2024.
2. The Prizes will be as follows:
  a)10 x £100 prizes for the 29th February 2024 draw (total £1000)
  b)10 x £100 prizes for the 29th March 2024 draw (total £1000)
3. The winners will be notified by mobile app notifications and/or email (using the details provided in their entry) within five (5) days after the Draw Date and must respond with a postal address and bank details in order to claim their prize.
4. If a winner does not respond to Us within 10 days of being notified, their prize will be forfeited, and We shall be entitled to select another winner using the process set out above.
5. The Winners will receive their prize by electronic bank transfer within 10 days of their response.
6. Prizes are non-exchangeable and non-transferrable. No cash alternative is offered. We reserve the right to substitute a prize with an alternative prize of equal or greater value in the event that circumstances beyond Our control make it necessary for Us to do so.
7. Our decision regarding any aspect of the Prize Draw is binding and final. We will not enter into any correspondence about the decision.
8. We are required to publish or otherwise make available information which indicates that a valid award has taken place. The surname and county of major prize winners (and, where applicable, copies of winning entries) will be provided and made available from Us by:a)Writing to Us at Vault Data, 16 Regent Place, Birmingham, West Midlands, B1 3NJ, United Kingdom, enclosing a self-addressed envelope; or
  b)Sending an email to Us at info@vaultdata.io;within six (6) months after the Closing Date.
9. If you object to any of your information, as set out above in sub-Clause 5.8, being published or otherwise made available, please contact Us by post at Vault Data, 16 Regent Place, Birmingham, West Midlands, B1 3NJ, United Kingdom, by email at privacy@vaultdata.io, or by telephone on +44 1213142898. Please note that We are still required to provide such information and winning entries to the
  Advertising Standards Authority on their request.
10. We reserve the right to hold void, cancel, suspend, or amend the promotion if it becomes necessary for us to do so.
Limitation of Liability
1. Nothing in these Terms and Conditions limits or excludes your legal rights as a consumer. For more information on your rights as a consumer, please contact your local Trading Standards Office or Citizens Advice Bureau.
2. Nothing in these Terms and Conditions limits or excludes Our liability (or that of Our agents or distributors, or that of their employees) for death or personal injury caused by negligence, for fraud or fraudulent misrepresentation, or for any other form of liability that cannot be excluded or limited by law.
3. To the extent permitted by law, and subject to sub-Clauses 6.1 and 6.2, We (and Our agents and distributors) shall not be responsible or liable to compensate any winner and shall not accept any liability for any loss, damage, death, or personal injury, as a result of accepting a prize.
Privacy and Personal Data
We will only use your personal information as set out in Our Privacy Policy, available from https://vaultdata.io/trust-center/privacy-statement-uk/, and as explained above in Clauses 5.8 and 5.9.
Law and Jurisdiction
1. These Terms and Conditions, the Prize Draw, and the relationship between Us and you (whether contractual or otherwise) shall be governed by, and construed in accordance with, English law.
2. Any dispute, controversy, proceedings, or claim between Us and you relating to these Terms and Conditions, the Prize Draw, or to the relationship between Us and you (whether contractual or otherwise) shall be subject to the jurisdiction of the courts of England, Wales, or Scotland, as determined by your residency.