Agreement to make DfE Data Extracts
available in a Secure Environment
(DfE = Controller; Requester=Controller,
ONS = DfE Processor)
THIS AGREEMENT is made on the date specified in the Schedule.
BETWEEN:
(1)
The
DEPARTMENT FOR EDUCATION whose details are specified in the Schedule
(2)
The
REQUESTER whose details are specified in the Schedule
who together are known as
"the Parties"
1.
INTRODUCTION
1.1. DfE is responsible for the collation and management of many databases including the
National Pupil Database (NPD), Individual Learner Record (ILR), Children in Need (CIN),
Children Looked After (CLA), Schools Workforce (SWF) data etc. DfE is also responsible
for linking DfE databases such as NPD and ILR to create longitudinal datasets and the
supply of DfE Data Extracts from the Longitudinal Education Outcomes (LEO) database or
the Feasibility All Education Dataset England.
1.2. For the purposes of this Agreement, DfE is the controller of DfE Data Extracts from all of
these databases described in clause 1.1. The Requester in making an application for DfE
Data Extracts has determined the purpose and manner in which the DfE Data Extracts shall
be processed and therefore assumes all of the obligations of a controller. DfE is proposing
to share DfE Data Extracts with the Requester who will process the DfE Data Extract for its
Permitted Use as an independent controller.
1.3. This Agreement documents that the DfE Data Extracts specified in the Schedule can be
processed by the Requester in a Secure Environment subject to the terms of this
Agreement.
1.4. This Agreement sets out the details of DfE Data Extracts, versions and estimated timings of
data transfer.
1.5. This Agreement is entered into for the purpose of ensuring compliance with the Data
Protection Legislation.
1.6. This Agreement may not be amended except in writing using the email address
xxxx.xxxxxxx@xxxxxxxxx.xxx.xx and signed by authorised representatives of both the DfE
and the Requester in accordance with clause 16.
1.7. The DfE has satisfied itself prior to entering into this Agreement that it has a legal basis for
sharing the DfE Data Extracts as specified in the Schedule.
2.
DEFINITIONS
2.1 In this Agreement, the following terms shall have the following meanings:
Agreement
This Agreement together with its Schedule.
2
Clearance Process
This process is operated by the Secure Environment Provider
and details of the process will be provided to the Requester
by the Secure Environment Provider.
Commencement Date
The commencement date of this Agreement as specified in
the Schedule.
Commissioner
The Information Commissioner as defined in the Freedom of
Information Act 2000.
Data Destruction Date
The date that the DfE Data Extracts, including the
Requester’s Analysis, will be destroyed by the Secure
Environment Provider.
Data Loss Event
Any event that results, or may result, in unauthorised
access, disclosure or use of the DfE Data Extracts held by
the Requester under this Agreement, and/or any actual or
potential loss and/or destruction of personal data in breach
of this Agreement, including any personal data breach.
Data Protection
(i)
the GDPR, the LED and any applicable
Legislation
national implementing Laws as amended
from time to time
(ii)
the DPA 2018 to the extent that it relates to
processing of personal data and privacy;
(iii)
all applicable Law relating to the processing
of personal data and privacy.
Data Subject Request
A request made by or on behalf of a data subject in
accordance with rights granted pursuant to the Data
Protection Legislation.
DPA 2018
Data Protection Act 2018
GDPR
The General Data Protection Regulation (Regulation
(EU) 2016/679))
Destroy
Means permanently destroy all hard and electronic copies of
the DfE Data Extracts and permanently expunge DfE Data
Extracts from the Secure Environment. For the avoidance of
doubt, DfE Data Extracts will not be recoverable from the
Secure Environment Provider after the Data Destruction
Date.
DfE Data Extracts
Any information contained within or derived from DfE
databases in the form of “bespoke DfE Data Extracts” or
“standard DfE Data Extracts”
3
Grace Period
The period between the Licence End Date and the Data
Destruction Date during which the DfE Data Extracts and
the Requester’s Analysis wil be archived by the Secure
Environment Provider. The Requester can request the DfE
to authorise the Secure Environment Provider to grant
additional access to the DfE Data Extracts and the
Requester’s Analysis archived in the Secure Environment.
Individual Declaration
A declaration (in the form specified by the DfE as amended
from time to time) to be signed by each Permitted User before
they may have access to the DfE Data Extracts and
thereafter upon request of DfE.
Insolvency Event
Means in respect of the Requester, any or all of the following:
a) a winding up petition is presented or an application is
made for the appointment of a provisional liquidator or an
administrator or a receiver, or a notice of intention to appoint
an administrator is filed at court, or a provisional liquidator or
an administrator or an administrative receiver or a receiver, is
appointed, or a scheme of arrangement or a voluntary
arrangement is proposed, or any moratorium comes into
effect; or
b) a shareholders’ meeting is convened for the purpose of
considering a resolution to wind up (except for a members'
voluntary liquidation exclusively for the purposes of a bona
fide solvent reconstruction or amalgamation and where the
resulting entity agrees to be bound by, or assumes, the
obligations of the Requester under this Agreement) a
resolution to wind up is passed or a winding up order is
made; or
c) the Requester is unable to pay its debts as they fall due
within the meaning of section 123 of the Insolvency Act 1986;
or
d) an encumbrancer takes possession of, or a receiver,
administrative receiver or similar officer is appointed over, the
whole or any part of the Requester’s business or assets or
any other similar process in any relevant jurisdiction which
has a similar or analogous effect.
Intellectual Property Rights
Copyrights and related rights, design rights, database rights,
patents, rights to inventions, know-how or trade secrets
(whether patentable or not), trade and domain and business
names, logos and devices, trade and service marks, moral
rights or similar intellectual property rights (whether registered
or unregistered and wherever in the world enforceable)
together with any extensions, revivals or renewals thereof,
4
and all pending applications therefore and rights to apply for
any of the foregoing in each case as may now or in the future
exist anywhere in the world.
Law
Any law, subordinate legislation within the meaning of Section
21(1) of the Interpretation Act 1978, bye-law, enforceable
right within the meaning of Section 2 of the European
Communities Act 1972, regulation, order, regulatory policy,
mandatory guidance or code of practice, judgment of a
relevant court of law, or directives or requirements with which
either Party is bound to comply.
LED
Law Enforcement Directive (Directive (EU) 2016/680).
Licence End Date
The date that the Secure Environment Provider will terminate
access to the Secure Environment and archive the DfE Data
Extracts and the Requester’s Analysis for the Grace Period.
Losses
Means any and all losses, liabilities, costs, claims,
proceedings, actions, judgments, damages and expenses
including (without limitation) any awards and/or penalties or
fines imposed by any regulator including the Information
Commissioner to the extent recoverable at law (and any
associated costs thereto) and any legal and other
professional fees, consultancy fees and expenses on a full
indemnity basis.
ONS Accredited Organisation
The status granted by the Secure Environment Provider to a
Status
researcher once a researcher has passed the Secure
Environment Provider’s security and connectivity
requirements and is authorised to access the Secure
Research Service from their own premises.
ONS Approved Researcher
The status granted by the Secure Environment Provider
Status
(Office for National Statistics Secure Research Service) once
a researcher has agreed to all terms and conditions required
by the Office for National Statistics Secure Research Service
and completed all of the specified training.
Permitted Intended Outputs
The permitted outputs from the Permitted Use as set out in
the Schedule
Permitted Use
The purposes for which the Requester (including any
Permitted Users) are authorised by the DfE to use the DfE
Data Extracts, including the Permitted Intended Outputs, as
set out in the Schedule.
Permitted User
An individual who has been authorised by the DfE to have
access to the DfE Data Extracts within the Secure
Environment and to process it for the Permitted Use and who
has signed and returned to DfE an Individual Declaration
Form.
Requester
The person or organisation to whom it has been agreed to
make available the DfE Data Extracts in a Secure
5
Environment under this Agreement, as specified in the
Schedule.
Requester’s Analysis
The analysis of the DfE Data Extracts generated by the
Requester and saved within the Secure Environment.
Requester Primary Contact
The primary contact of the Requester as specified in the
Schedule or such alternate as is notified by the Requester to
DfE.
Requester Secondary Contact The secondary contact of the Requester as specified in the
Schedule or such alternate as is notified by the Requester to
DfE.
Schedule
The Schedule of this Agreement.
Secure Environment Provider
The organisation who will provide the Secure Environment for
the purposes of this Agreement being the Office for National
Statistics Secure Research Service
Termination Date
The Data Destruction Date or such earlier date if the
Agreement is terminated in accordance with clause 11.
Working Days
A day (other than a Saturday or Sunday) on which banks are
open for general business in the City of London.
2.2 The terms “controller”, “processor”, “data subject”, “personal data”, “processing” (and
"process" and "processes" shall be construed accordingly), "personal data breach", "data
protection officer" and “special categories of personal data” shal have the meanings set out
in the Data Protection Legislation.
2.3 Clause, schedule and paragraph headings shall not affect the interpretation of this
agreement.
2.4 A person includes a natural person, corporate or unincorporated body (whether or not
having separate legal personality).
2.5 The Schedule forms part of this Agreement and shall have effect as if set out in full in the
body of this Agreement. Any reference to this Agreement includes the Schedule.
2.6 Unless the context otherwise requires, words in the singular shall include the plural and in
the plural shall include the singular.
2.7 Unless the context otherwise requires, a reference to one gender shall include a reference
to the other gender.
2.8 A reference to a statute or statutory provision is a reference to it as amended, extended or
re-enacted from time to time.
2.9 A reference to a statute or statutory provision shall include all subordinate legislation made
from time to time under that statute or statutory provision.
2.10 References to clauses and schedules are to the Clauses and Schedules of this Agreement
and references to paragraphs are to paragraphs of the relevant Schedule.
6
2.11 Any words following the terms “including”, “include”, “in particular” or “for example” or any
similar phrase shall be construed as illustrative and shall not limit the generality of the
related general words.
2.12 In the case of conflict or ambiguity between any provision contained in the body of this
Agreement and any provision contained in the Schedule, the provision in the Schedule to
this Agreement shall take precedence.
2.13 If the DfE is replaced by a successor body or have their relevant powers and
responsibilities transferred to another body, then references to them in this Agreement shall
be taken to apply to their successors until such time as this Agreement can conveniently be
updated to reflect the change.
3.
DURATION
3.1 This Agreement will commence with effect from the Commencement Date and end on the
Data Destruction Date, subject to earlier termination in accordance with clause 11 (the
earlier of these dates being the Termination Date).
3.2 The Licence End Date and Data Destruction Date may be extended in response to a
request by the Requester at the discretion of the DfE. Requests to extend the Licence End
Date and or the Data Destruction Date should be made in writing to DfE using the email
ad
dress xxxx.xxxxxxx@xxxxxxxxx.xxx.xx.
3.3 Permitted Users will not be granted access to the Secure Environment and/or the Linked
Data unless they achieve/continue to hold ONS Approved or Accredited Researcher Status.
4.
DATA PROTECTION ROLES
4.1 The Parties agree that each of them acts as an independent controller in connection with
their processing of the DfE Data Extracts and that nothing in this Agreement is intended to
construe either Party as:
4.1.1
the processor of the other; or
4.1.2
joint controllers with one another,
with respect to the DfE Data Extracts.
4.2 For the purposes of this Agreement the DfE shall determine the purposes for which, and the
manner in which their data is, or is to be, processed including:
4.2.1
Whether their data is made available in response to a request and, if so, which
data is to be made available and the terms on which it will be shared.
4.2.2
Any variations to the terms of this Agreement.
4.2.3
Any consultation which occurs between the DfE and the Requester is not to be
interpreted as the taking of a joint decision in respect of the release of the DfE
Data Extracts.
7
4.3 DfE and the Requester agree that DfE may vary the terms of this Agreement with the
Requester by exchange of email provided that the emails are exchanged between the
Requester Primary Contact and the DfE Contact as specified in the Schedule or such other
individuals as the Parties may notify to the other from time to time. Copies of the email
exchange shall be retained by DfE. All applications to DfE should be sent by email using
the email address
xxxx.xxxxxxx@xxxxxxxxx.xxx.xx
4.4 For the purposes of this Agreement, the Secure Environment Provider, in agreeing to
provide a secure environment for the DfE Data Extracts to be made available to the
Requester and operating the Clearance Process, is acting as a processor for DfE.
4.5 The Requester will agree to all terms and conditions, clearance policies and instructions,
(including any conditions set out in any Security Operating Procedures (SyOPs)) notified by
the Secure Environment Provider in relation to the use of the Secure Environment.
4.6 In the event that a Requester becomes concerned that there is a conflict between the terms
of this Agreement and the terms and conditions, instructions, and /or policies produced by
the Secure Environment Provider the concern should be raised by the Requester with DfE
who will discuss the issue with the Secure Environment Provider on a case by case basis
and notify the Requester of their shared position.
5.
LICENCE
5.1 In consideration of the Requester agreeing to comply with its obligations under this
Agreement, the DfE grants to the Requester a non-exclusive, non-transferable licence to
use the DfE Data Extracts in the Secure Environment for the Permitted Use until the
Licence End Date and subject to successfully completing the Clearance Process and
applying the Statistical Disclosure Control to use data derived from the DfE Data Extracts in
the Permitted Outputs.
5.2 If the Requester wishes to use the DfE Data Extracts for any purpose which is not specified
in the Permitted Use, the Requester shall submit a written request for a new use of the DfE
Data Extracts for the DfE’s consideration.
6.
MAKING DfE DATA EXTRACTS AVAILABLE IN ONS SRS
6.1 DfE will make available the DfE Data Extracts specified in the Schedule to the Requester so
that it can be accessed by the Requester after the dates specified in the Schedule. The DfE
will not be liable for any Losses arising out of or in connection with the accuracy of the DfE
Data Extracts or any delay in making the DfE Data Extracts available in the ONS SRS,
however caused or any failure of the Permitted Users to access the data where they are
unable to acquire or lose the status of ONS Approved Researcher. No other form of
compensation shall be due to the Requester as a result of one or more Permitted Users not
being able to achieve ONS Approved Researcher Status.
6.2 The Requester acknowledges that the data held by DfE from which the DfE Data Extracts is
produced may not be the most up to date DfE data as changes may need to be made to the
source DfE databases.
8
6.3 For the avoidance of doubt, the terms of this Agreement shall apply to all data supplied in
connection with it regardless of whether the individual data items are listed in the Schedule.
6.4 To access the DfE Data Extracts, the Requester must agree with DfE and the Secure
Environment Provider as to the most appropriate accredited physical location from which to
access the Secure Environment. The Parties agree that this may change during the Licence
Period. If the Requester’s organisation has been awarded ONS Accredited Organisation
Status DfE may permit access to the Secure Environment from the Requester’s premises.
7.
DATA PROTECTION
7.1 The Parties agree that data within the DfE Data Extracts includes data which may be
personally identifiable, and shall be treated as personal data, and where appropriate as
special categories of personal data (and therefore as being subject to the provisions of this
clause), regardless of whether the Requester, or any third party, considers that there is a
risk of any particular individual being identified from that data.
7.2 The Requester shall ensure that its processing of the DfE Data Extracts complies with the
instructions provided by the Secure Environment Provider to assist the Secure Environment
Provider in ensuring that the data is held in strict confidence and securely and that
appropriate technical and organisational information security and processing procedures
are established and maintained to ensure that all DfE Data Extracts made available in
accordance with this Agreement are sufficiently protected against any Data Loss Event and
to comply with the requirements of Article 32 of the GDPR. In ensuring the security of the
DfE Data Extracts, the Requester shall restrict access to the DfE Data Extracts to the
Permitted Users for the Permitted Use and ensure that all Permitted Users have received
appropriate training regarding data protection and security.
7.3 Where the DfE Data Extracts contains information relating to the racial or ethnic origin,
physical or mental health, sexual orientation, gender identity, religion/belief, biometric
information, trade union membership, political or philosophical beliefs of an individual these
are special categories of personal data or are required to be treated as special categories
of personal data under this Agreement.
7.4 The DfE wil consider on a case by case basis the Requester’s proposed Permitted Users.
The Requester shall ensure that each proposed Permitted User receives appropriate
training regarding data protection and security including all training specified by the Secure
Environment Provider. Where the Requester has been granted a Licence Period in excess
of one year, the Requester shal ensure that on DfE’s request the Permitted Users sign and
return to DfE a new Individual Declaration within 30 Working Days.
7.5 The Parties shall comply with the provisions of the Data Protection Legislation so far as
such provisions apply to processing carried out under this Agreement and the Requester
shall procure that its Permitted Users observe and comply with the provisions of the Data
Protection Legislation.
7.6 The Requester shall only process the DfE Data Extracts solely for the Permitted Use and
shall not use the DfE Data Extracts to identify or enable identification of individuals or to
inform a decision to be made about any individual. The DfE Data Extracts may not be
reproduced by the Requester in a form that would allow a third party to identify or derive
9
information about individuals who are the data subjects without the prior written approval of
the DfE. No steps will be taken to contact any individual identified in the DfE Data Extracts
unless under the written instruction or authorisation of the DfE. No information derived from
the DfE Data Extracts may be removed from the Secure Environment unless it has
successfully completed the Clearance Process.
7.7 The Requester shall fully co-operate with the DfE to ensure compliance with the Data
Protection Legislation in respect of the DfE Data Extracts. The Requester shall assist the
DfE, in complying with and responding to:
7.7.1
Data Subject Requests (or purported Data Subject Request);
7.7.2
requests from data subjects for the rectification or erasure of personal data or
restriction of processing;
7.7.3
an information notice, or any other notice (including particular any de-registration,
enforcement or transfer prohibition notices) served by the Commissioner;
7.7.4
any other request, complaints or communication relating to either Paty’s
obligations under the Data Protection Legislation (whether from data subjects or
otherwise);
7.7.5
any investigation of any breach or alleged breach of the Data Protection
Legislation which relate to the DfE Data Extracts.
7.8 The Requester shal promptly report to the DfE email address
xxxx.xxxxxxx@xxxxxxxxx.xxx.xx, any circumstance which the Requester becomes aware
which:
7.8.1
may mean that this Agreement has not been complied with;
7.8.2
may cause any Party to breach the Data Protection Legislation as a result of
processing carried out in connection with this Agreement;
7.8.3
may mean that there has been unauthorised processing of any personal data
derived from the DfE Data Extracts which is the subject of this Agreement;
7.9 Where the Requester reports a matter to DfE under 7.8, and DfE has reasonable grounds
for believing that there has or may have been a breach by the Requester of clause 7, the
Requester shall immediately provide all reasonable co-operation to DfE to enable the DfE
to determine as far as possible:
7.9.1 whether such a breach has taken place, the scope of any breach and the cause of
any breach; and
7.9.2 action which is appropriate for the DfE or the Requester to take to remedy or mitigate
the impact of any such breach.
7.10 Reasonable co-operation under clause 7.9 shall include, but not be limited to, the provision
of documents and information and provision of access to personnel, premises and systems
on request within timescales specified by the DfE.
10
7.11 Without prejudice to the DfE rights under clause 7, where DfE investigates a potential
breach under this clause 7 and determines that a breach of clause 7 has taken place, the
Requester shall promptly carry out any reasonable steps which DfE specify to the
Requester as required to remedy or mitigate the impact of the breach.
7.12 DfE, and their agents, shall be entitled to audit the Requester’s compliance with its
responsibilities under this Agreement in respect of technical and organisational security
measures. This may include physical inspection and copying of records. The Requester
and its Permitted Users shall co-operate fully in allowing DfE, and their agents, access to
premises, documents and equipment.
7.13 Without prejudice to any other rights or remedies which the DfE may have, the Requester
acknowledges and agrees that damages would not be an adequate remedy for any breach
by the Requester and/or the Permitted Users of the provisions of this Agreement and the
DfE shall be entitled to the remedies of injunction, specific performance and other equitable
relief for any threatened or actual breach of any provision of this Agreement by the
Requester and/or the Permitted Users.
7.14 The Requester will not transfer or permit the transfer of the DfE Data Extracts to any other
country without the prior written consent of the DfE.
7.15 The Requester shall not link the DfE Data Extracts to any other data without the prior
written approval of the DfE unless such linking is included within the Permitted Use as
specified in the Schedule. Any application to link the DfE Data Extracts to other data shall
be made in writing to the DfE in accordance with clause 4.3
8.
PUBLICATION / REPRODUCTION OF THE DFE DATA EXTRACTS
8.1 The Requester shall not reproduce DfE Data Extract or include secondary analysis of the
DfE Data Extracts (including for the avoidance of doubt, data that has successfully
completed the Clearance Process) without the prior written consent of the DfE unless such
reproduction / publication is expressly permitted by the Permitted Use.
8.2 Consent is only valid if given in writing, in advance of reproduction or publication of the DfE
Data Extracts. The Requester must request permission to publish research, and/or
analysis, no less than 2 Working Days prior to publication being released. Consent will only
be given within 2 Working Days in exceptional circumstances at the DfE’s sole discretion.
8.3 The Requester undertakes that whenever information derived from the DfE Data Extracts is
reproduced or used in a publication by it or on its behalf an attribution and caveat are
included on behalf of the DfE in a form previously approved in writing by DfE. In any event,
the caveat must name the DfE as the organisation whose data has been used in the
publication and state that the DfE does not accept responsibility for any inferences or
conclusions derived from the DfE Data Extracts by third parties.
8.4 For the avoidance of doubt, “publication" shal include both publication in hard copy form
and inclusion of material on an internet website, intranet, extranet or other method of
accessing information electronically, for which the prior written consent of the DfE is
expressly permitted by the Intended Permitted Outputs.
11
8.5 The Requester undertakes to ensure that all statistics published are at a level of
anonymisation and aggregation to ensure that no personal data or special categories of
personal data are taken out of the Secure Environment, and will thereby ensure the
confidentiality and privacy of individuals. More specifically, the Requester undertakes to
complete the Office for National Statistics Secure Research Service Clearance Process
unless an alternative disclosure control mechanism has been agreed in the Schedule or in
writing in advance of publication by DfE.
9.
WARRANTIES AND INDEMNITIES
9.1 No warranty is given by the DfE as to the quality or accuracy of the DfE Data Extracts.
9.2 The Requester warrants and represents to the DfE that at all material times it will comply
with the provisions of the Data Protection Legislation so far as such provisions apply to it in
respect of this Agreement and that it will procure that its employees, agents and contractors
observe the provisions of the Data Protection Legislation and the terms of this Agreement.
9.3 The Requester warrants and represents to the DfE that at all material times it will comply
with the provisions of the Data Protection Legislation such that:
9.3.1 it shall use the DfE Data Extracts only in accordance with the Data Protection
Legislation;
9.3.2 in particular and without prejudice to the generality of clause 7, where the Permitted
Use include the linking of the DfE Data Extracts to data from any other source, there
is a lawful basis for this processing of the other data and in particular it will not
contravene the Data Protection Legislation or any legal duty of confidentiality;
9.3.3 where the Requester has provided information about its arrangements to ensure
security of information prior to entering into this Agreement, that such information is
and continues to be correct and accurate;
9.3.4 it shall use the DfE Data Extracts only in accordance with the Permitted Use and the
terms of this Agreement;
9.3.5 it has complied with any advice, undertaking or enforcement notice issued to it by the
Information Commissioner following:
9.3.5.1
any audit by the Information Commissioner; or
9.3.5.2
any notification of a data security breach or any other breach of the DP
Legislation by the Requester; and
9.3.6 it will not make or permit or pursue any analyses which allow the identification of
individuals or which permit or enable any other person to identify individuals.
9.4 Each Party warrants and undertakes that it has the capacity and full legal authority to enter
into this Agreement, this Agreement has been executed by its duly authorised
representative, the making of this Agreement does not conflict with any of its existing
12
obligations and once signed, this Agreement shall constitute its legal, valid and binding
obligations.
9.5 The Requester indemnifies on demand and holds harmless the DfE against any Losses
suffered or incurred by the DfE arising out of or in connection with:
9.5.1
any breach by the Requester of the Data Protection Legislation;
9.5.2
the Requester causing the DfE to be in breach of any of the Data Protection
Legislation; and
9.5.3
the Requester breaching this Agreement.
10. EXCLUSION OF LIABILITY
10.1 The DfE does not have any obligations to the Requester, whether in contract, tort, breach of
statutory duty or otherwise, beyond their obligations expressly set out in this Agreement.
10.2 The DfE shall not have any liability (however caused) for any loss of profit, business,
contracts, damage to reputation, revenues, increased costs or expenses or any indirect or
consequential loss arising under or in connection with this Agreement.
10.3 Nothing in this Agreement shall operate to exclude or limit the liability of either Party to the
other for:
10.3.1 fraud or fraudulent misrepresentation;
10.3.2 death or personal injury caused by negligence of that Party;
10.3.3 any matter for which it would be unlawful for the Parties to exclude liability.
11. TERMINATION
11.1 In the event that either Party wishes to exit from this Agreement, that Party shall serve a
notice by e-mail to the named primary and secondary contacts of the other Party (as set out
in the Schedule) of a date not less than 30 days from the date of the said notice on which
the Party proposes to exit this Agreement.
11.2 DfE may without liability terminate this Agreement immediately by written notice to the
Requester, if:
11.2.1 the Requester commits a material breach of this Agreement and, where such
breach is capable of remedy, if in the reasonable opinion of DfE, this has not been
properly remedied within 7 days of written notice of the breach being given by or
on behalf of the DfE;
11.2.2 the Requester is acting, or has acted, in a manner materially prejudicial to the
DfE’s goodwill and reputation or to the detriment of the DfE’s relationship with
other government departments and public organisations;
13
11.2.3 the DfE no longer requires this Agreement where this Agreement has been
replaced by a subsequent agreement and the Parties have agreed to terminate
this Agreement;
11.2.4 the Requester suffers an Insolvency Event;
11.3 The Requester may, without liability, terminate this Agreement immediately by written
notice to the DfE if:
11.3.1 the DfE commits a material breach of this Agreement and, where such breach is
capable of remedy, if in the reasonable opinion of the Requester, this has not been
properly remedied within 7 days of written notice of the breach being given by or
on behalf of the Requester.
11.3.2 the Requester no longer requires the DfE Data Extracts for the Permitted Use.
11.4 This Agreement will otherwise terminate at the Destruction End Date, as specified in the
Schedule.
12. CONSEQUENCES OF TERMINATION
12.1 Termination of this agreement, for any reason, shall not affect the accrued rights, remedies,
obligations or liabilities of the Parties existing at termination.
12.2 The following clauses shall survive the termination of this Agreement:
12.2.1 Definitions
12.2.2 Clause 3 – Duration
12.2.3 Clause 4 – Data Protection Roles
12.2.4 Clause 6 – Making DfE Data Extracts Available in ONS SRS
12.2.5 Clause 7 – Data Protection
12.2.6 Clause 8 – Publication/Reproduction of the DfE Data Extracts
12.2.7 Clause 9 – Warranties and Indemnities
12.2.8 Clause 10 – Exclusion of Liability
12.2.9 Clause 11 – Termination
12.2.10 Clause 12 – Consequences of Termination
12.2.11 Clause 13 – Publication of Agreement Details
12.2.12 Clause 14 – Information Requests
12.2.13 Clause 15 – Alternative Dispute Resolution
12.2.14 Clause 16 – Notices
12.2.15 Clause 17 – General
12.2.16 Clause 18 – Intellectual Property Rights - DfE Data Extracts
13. PUBLICATION OF AGREEMENT DETAILS
13.1 The Requester consents to DfE publishing the following details on GOV.UK:
13.1.1 A brief description (150 words) of the Permitted Use.
13.1.2 The name of the Requester
13.1.3 The classification of the data
14
13.1.4 Licence End Date
13.1.5 Frequency of the data share
13.1.6 Delivery mechanism (via secure transfer mechanism or a Secure Environment)
14. INFORMATION REQUESTS
14.1 The Requester acknowledges that DfE and the Secure Environment Provider are subject to
the requirements of the Freedom of Information Act 2000 and the Environmental
Information Regulations 2004 and agrees to provide all necessary assistance as required
by DfE and the Secure Environment Provider to enable them to comply with its obligations
under this legislation.
15. ALTERNATIVE DISPUTE RESOLUTION
15.1 If any dispute arises in connection with this Agreement, directors or other senior
representatives of each Party with authority to settle the dispute will, within 10 Working
Ways of a written request from one Party to the others, meet in a good faith effort to resolve
the dispute.
15.2 If the dispute is not resolved at that meeting, the Parties will attempt to settle it by mediation
in accordance with the Centre for Effective Dispute Resolution (CEDR) Model Mediation
Procedure. Unless otherwise agreed between the Parties, the mediator will be nominated
by CEDR. To initiate the mediation a Party must give notice in writing ("ADR notice") to the
other Parties to the dispute requesting mediation. A copy of the request should be sent to
CEDR Solve. The mediation will start not later than 20 Working Days after the date of the
ADR notice.
15.3 No Party may commence any court proceedings in relation to any dispute arising out of this
Agreement until it has attempted to settle the dispute by mediation and either the mediation
has terminated or one of the other Parties has failed to participate in the mediation,
provided that the right to issue proceedings is not prejudiced by a delay.
15.4 Nothing in this clause shall prevent any Party seeking a preliminary injunction or other
judicial relief at any time, if in its judgement such action is necessary to prevent irreparable
damage.
15.5 This Agreement shall be governed by and construed in accordance with English Law and,
to the extent disputes arising out of or relating to this Agreement are not settled under the
above procedures, the Requester submits to the exclusive jurisdiction of the English Courts.
16. NOTICES
16.1 Any notice to be given pursuant to this Agreement;
16.1.1 shall be in writing; and
16.1.2 sent by email to:
15
• DfE at
xxxx.xxxxxxx@xxxxxxxxx.xxx.xx.
• the Requester at the email address specified as the Requester Primary Contact in
the Schedule
• or such other email addresses as may be notified by the Parties from time to time.
16.1.3 In the absence of evidence of earlier receipt any such notice shall be deemed to
have been given or received on the second business day following the day of sending the
email.
17. GENERAL
17.1 This Agreement may not be assigned, or otherwise transferred, in whole, or in part, by the
Requester without the prior written consent of the DfE.
17.2 Subject to clause 4.2 no variation to this Agreement shall take effect unless it is in writing
and agreed by all Parties to this Agreement. DfE will have the final say on any proposed
variation to this Agreement.
17.3 No amendment or variation to this Agreement, or any revocation or extension of this
Agreement, shall be effective unless it is made in writing and signed by the Parties.
17.4 At any time the DfE may, with 30 Working Days notice in writing to the Requester, change
the Agreement to ensure it complies with guidance issued by the Commissioner.
17.5 The Requester shall not be entitled to sub-licence any of the rights granted to it by the DfE
under this Agreement.
17.6 For the purpose of section 1(2) of the Contracts (Rights of Third Parties) Act 1999 the
Parties state that they do not intend any terms of this Agreement to be enforced by any
third parties; but any third party right which exists or is available independently of that Act is
preserved.
17.7 This Agreement, and the Individual Declarations contain the whole agreement between the
Parties and supersede any prior written, or oral, agreement between them in relation to its
subject matter and the Parties confirm that they have not entered into this Agreement on
the basis of any representations that are not expressly incorporated into this Agreement
other than those contained within the DfE Data Extracts Request Application Form and the
Information Security Questionnaire.
17.8 The rights and remedies of either Party in respect of this Agreement shall not be
diminished, waived or extinguished by the granting of any indulgence, forbearance or
extension of time granted by one Party to the other nor by any failure of, or delay by the
said Party in ascertaining or exercising any such rights or remedies. The waiver by either
Party of any breach of this Agreement shall not prevent the subsequent enforcement of that
provision, and shall not be deemed to be a waiver of any subsequent breach of that or any
other provision.
16
17.9 Any provision of this Agreement which is held invalid or unenforceable shall be ineffective
to the extent of such invalidity or unenforceability without invalidating or rendering
unenforceable the remaining provisions hereof.
17.10 This Agreement may be executed in any number of counterparts, each of which when
executed and delivered shall constitute an original of this Agreement, but all the
counterparts shall together constitute the same contract. No counterpart shall be effective
until each Party has executed at least one counterpart.
18. INTELLECTUAL PROPERTY RIGHTS - DfE DATA EXTRACTS
18.1 All Intellectual Property Rights in the DfE Data Extracts and in any database containing DfE
Data compiled by DfE are vested and shall remain vested in DfE. The Requester
acknowledges that the DfE Data Extracts is derived from databases compiled and owned
by DfE and that DfE retains all rights in the DfE Data Extracts and such databases under
the Copyright Rights in Databases Regulations 1997.
© Crown copyright 2018
You may re-use this document / publication (not including logos) free of charge in any
format or medium, under the terms of the
Open Government Licence v3.0.
Where we have identified any third party copyright information you will need to obtain
permission from the copyright holders concerned.
Any enquiries regarding this document should be sent to us at
xxxx.xxxxxxx@xxxxxxxxx.xxx.xx
17