Ideal Postcodes Terms of Service (May 2018)
By using the Ideal Postcodes Service You agree to be bound by the following Terms of Service.
Part 1: Standard Contractual Clauses
API Calls means a request for data to our online services initiated by You
Annual Internal User Licence refers to the fixed cost annual licence We provide that facilitates address validation performed by an Internal User
Annual Website Licence refers to the fixed cost annual licence We provide that facilitates address validation across public website or application use for a single legal entity
Automated Top-Up refers to the automated billing service, which replenishes the balance on Your API Key
Automated Top-Up Threshold means the lookup balance, below which an Automated Top-Up would be triggered
API Key means the access key required to use our online HTTP API services
End User means the single legal entity licensed to use PAF Data, which could be You or a licensed organisation for which You are acting as an authorised representative
End User Customers means customers of the End User
IDDQD Group means IDDQD Limited and any of its Company Affiliates
Ideal Postcodes Service means the service provided by IDDQD Limited and Company Affiliates
Ideal Postcodes Website means https://ideal-postcodes.co.uk
Internal User means the employees, contractors, sub-contractors or other such representatives of the End User
PAF Data means Royal Mail's database known as the Postcode Address File (PAF)
Pay-As-You-Go Usage refers to the metered service We provide, which requires pre-purchasing of a balance of lookups on an API Key
Public Sector Licence means the licence provided by Royal Mail which permits a Public Sector Organisation's use of PAF Data
Public Sector Plans refers to the fixed cost annual or monthly licence We provide for Public Sector Organisations registered with Royal Mail
Royal Mail End Users' Terms means the document which outlines Your obligations as an End User of PAF data
Sub-contractor means a third party who manages the Ideal Postcodes account and API integration on behalf of the End User
Sublicensee means an End User acquired by You via our Sublicensing Platform
Sublicensing Platform refers the tool We provide that enables You to license End Users using API Calls to the Ideal Postcodes Service
Terms of Service means this document, which governs the commercial relationship between You and Us
Website means a website, application or other remotely-enabled means of communicating with End User Customers for products and services, made generally available to such customers
You or Your refers to the owner of the Ideal Postcodes Service account
We or Our or Us refers to the IDDQD Group
IDDQD Group grants You the non-exclusive, non-transferable licence to use the Ideal Postcodes Service, subject to the provisions of this Terms of Service.
You may use the Ideal Postcodes Service to retrieve, validate or cleanse addressing information.
You must not use the Ideal Postcodes Service for the purposes of identifying Data Subjects where You do not have the relevant permission or consent from the Data Subject.
You agree that email communications are contractually binding in the same way as properly signed and dated paper sent by post. Our e-mail message will also confirm details of Your purchase.
We may update the Terms of Service from time to time. You will be required to agree to any updates to the Terms of Service in order to make a new order submission.
You must be 18 years old or over to create or use an account on the Ideal Postcodes Website.
If You are a Sub-contractor managing an Ideal Postcodes account on behalf of Your client, by agreeing to these terms You confirm that Your client has agreed to both the Ideal Postcodes Terms of Service and Royal Mail End Users' Terms.
Nothing in this agreement or on the Ideal Postcodes Website shall confer on any third party any benefit under the provisions of the Contracts (Rights of Third Parties) Act 1999.
Interruption to the service for reasonable periods due to maintenance or causes beyond our control are not sufficient grounds for refund.
If any of these terms is at any time held by any jurisdiction to be void, invalid or unenforceable, then it shall be treated as changed or reduced, only to the extent minimally necessary to bring it within the laws of that jurisdiction and to prevent it from being void and it shall be binding in that changed or reduced form. Subject to that, each provision shall be interpreted as severable and shall not in any way affect any other of these terms.
No waiver by Us, in exercising any right, power or provision in this agreement shall operate as a waiver of any other right or of that same right at a future time; nor shall any delay in exercise of any power or right be interpreted as a waiver.
In the event of a dispute arising out of or in connection with these terms or any contract between You and Us, then You agree to attempt to settle the dispute by engaging in good faith with Us in a process of mediation before commencing any arbitration or litigation.
We are not liable for any breach of our obligations resulting from causes beyond our reasonable control.
This Terms of Service shall be governed by and construed in accordance with the law of England.
Legitimate Usage Only
You agree to provide accurate information about Yourself where requested. You are responsible for maintaining the confidentiality of Your account and password and for preventing any unauthorised person from using Your account.
The Terms of Service of an Ideal Postcodes API Key is bound by the type of API Key that You have created or has been provided to You.
We reserve the right to suspend Your account if You are not using Your API Key according to the Terms of Service.
Purchasing, Price and Payment
Our products can only be purchased online using a debit card, credit card, direct debit or BACS.
Payments by debit or credit card are billed at time of order and confirmed by email.
Limitation of Liability
We may make improvements to the Ideal Postcodes Service without advance notice.
We give no warranty and make no representation, express or implied, as to:
- The appropriateness of the Products for Your purpose.
- The truth of any content on the Ideal Postcodes Website.
- Any implied warranty or condition as to merchantability or fitness of the Products for a particular purpose.
- Compatibility of the Ideal Postcodes Service with Your infrastructure.
The Ideal Postcodes Website contains links to other websites outside our control. You agree that We shall not be liable in any way for the content of any such linked website, nor for any loss or damage arising from Your use of any such website.
We are not liable in any circumstances for special, indirect or consequential loss or any damages whatsoever resulting from loss of use, loss of data or loss of revenues or profits, whether in an action of contract, negligence or otherwise, arising out of or in connection with Your use of the Ideal Postcodes Service.
In any claim against Us, any liability is limited to the value of the services You have purchased in the contract which is the subject of the dispute.
You agree to indemnify Us against any claim or demand, including reasonable lawyers’ fees, made by any third party due to or arising in any way out of Your use of the Ideal Postcodes Service, Your posting of any material, or the infringement by You, or by any other person using Your computer, of any intellectual property or other right of any person.
Pay-As-You-Go Lookup Usage
Pay-As-You-Go Lookup users agree to be additionally bound by the following Terms of Service:
- Lookups must be purchased ahead of time in order to access the Ideal Postcodes Service.
- Each purchased batch of lookups is valid for 12 months from their activation date and at the end of such period unused lookups in a purchased lookup batch shall expire.
- When Automated Top-Ups are enabled, You authorise Us to bill Your chosen payment method for the amount specified on the pre-agreed automated top-up plan.
- When Automated Top-Ups are enabled, You authorise Us to bill You up to 30 days in advance of Your unused balance expiring. This is to pre-empt any disruption in Your integration upon expiration of Your balance. You may request a reversal and refund up to 28 days following notification of such a top-up.
- Any test balance disbursed on Your account (including Your initial free balance) may only be used for testing and evaluation purposes.
Public Sector Plans Usage
Public Sector Plan users agree to be additionally bound by the following Terms of Service:
- You warrant that You hold a Public Sector Licence with Royal Mail.
- You agree to use the Ideal Postcodes Service within the terms laid out in Royal Mail's Public Sector Licence Use Terms.
- Upon the cancellation or expiry of the Public Sector Licence agreements or the termination of Your Public Sector Licence status, IDDQD Group reserves the right to terminate Your Public Sector Plan. In this case, You may be eligible for a partial refund for the remaining period of time left on the plan as determined by Us.
Our Public Sector Plans are available to You subject to Royal Mail's Public Sector Licence agreements and Your Public Sector Licence status. As such, the Public Sector Plans are only available to organisations that hold a Public Sector Licence with Royal Mail.
Annual Website Licence Usage
Annual Website Licence users agree to be additionally bound by the following Terms of Service:
- Your usage of this licence will only be deployed for public websites or applications to capture or verify address details of Your users where:
- Website users are not the End User's employees or concerned with the provision of services to the End User (unless acting in a personal capacity).
- Neither the use of the Website nor the End User's product and service offering is connected with the management of address data or data cleansing.
- The address capture or verification is carried out for the purpose of the receipt of products or services enabled by your public Website.
- Unless otherwise agreed in writing, IDDQD Group reserves the right to levy an additional fee if the annual quota for website usage is exceeded. This fee shall not be in excess of the difference between the purchased annual volume tier and the next suitable annual volume tier.
Annual Internal User Licence Usage
Annual Internal User Licence users agree to be additionally bound by the following Terms of Service:
- You agree to acquire an Internal User Licence for each Internal User that access PAF Data.
- You shall ensure that only licensed Internal Users (in respect of those whom You have paid licence fees) utilise the Annual Internal User Licence.
- In respect of Your use of Royal Mail data by means of batch processing or other automated use, each device used for that purpose is deemed to be an Internal User for the purposes of Internal User licence calculation.
Sublicensing Platform Usage
Sublicensing Platform users agree to be additionally bound by the following Terms of Service:
- You agree to acquire and administer Your Sublicensees in accordance with the following Terms of Service.
- You agree to undertake payment of any fees arising from Your Sublicensees utilising the Ideal Postcodes service. These Terms of Service do not preclude You from recouping any usage fees from Your End User.
- In the event of the violation of Royal Mail's End Users' Terms by Your Sublicensee, You agree to assist Your Sublicensee in bringing them into compliance. If Your Sublicensee fails to comply with these terms, You will suspend their access to our services and inform Us by email of a breach of the Terms of the End User's Licence.
- By acquiring and registering an End User with Your Sublicensing Platform Account, You agree to ensure:
- Sublicensees agree to the Royal Mail End Users' Terms.
- Sublicensees continue to comply with Royal Mail’s End Users’ Terms.
- Sublicensee information is accurate and kept up-to-date.
Third Party Data
Royal Mail Data
You agree to use Ideal Postcodes, and any Royal Mail data obtained through this service, in accordance with the Royal Mail End Users' Terms. These terms are available on Our Website.
Certain API Calls will yield Open Data, which are provided at no additional cost. These API Calls and the provenance of their data are documented in the Ideal Postcodes documentation. You agree to use any Open Data obtained through the Ideal Postcodes Service, in accordance with the terms of the relevant Open Data licence.
Ideal Postcodes may supply data from Ordnance Survey datasets (e.g. geolocation data), which carries an Open Government Licence. Open Government Licensed data may be extracted and used freely for commercial and/or non-commercial use. If Open Government Licensed data is used, the following attribution statements apply:
- Contains Ordnance Survey data © Crown copyright and database right [year]
- Contains Royal Mail data © Royal Mail copyright and database right [year]
- Contains National Statistics data © Crown copyright and database right [year]
Part 2: Data Protection
The Part 2 of the Terms of Service shall come into effect on May 24th 2018
Data Protection Definitions
Applicable Laws means (a) European Union or Member State laws with respect to any Personal Data is subject to EU Data Protection Laws; and (b) any other applicable law with respect to any Personal Data in respect of which the Client is subject to any other Data Protection Laws
Client means You, in your capacity as the Data Exporter
Client Group means the Client (You) and any Company Affiliates established and/or doing business in the EEA, or United Kingdom
Company Affiliate means an entity that owns or controls, is owned or controlled by or is or under common control or ownership with Company, where control is defined as the possession, directly or indirectly, of the power to direct or cause the direction of the management and policies of an entity, whether through ownership of voting securities, by contract or otherwise
Data Controller means the person, public authority or any other body which alone or jointly with others determines the purposes and means of the processing of Personal Data; where the purposes and means of processing are determined by EU or Member State laws, the Data Controller (or the criteria for nominating the controller) may be designated by those laws
Data Exporter means the Data Controller or Data Subprocessor who transfers the personal data
Data Importer means the Data Processor who agrees to receive from the Data Exporter personal data intended for processing on the Data Exporter's behalf after the transfer in accordance with the Data Exporter's instructions
Data Protection Laws means EU Data Protection Laws and, to the extent applicable, the data protection or privacy laws of any other jurisdiction
Data Subject means an identifiable natural person about whom a Data Controller holds Personal Data
EEA means the European Economic Area
EU Data Protection Laws means EU Directive 95/46/EC, as transposed into domestic legislation of each Member State and as amended, replaced or superseded from time to time, including by the GDPR and laws implementing or supplementing the GDPR
GDPR means EU General Data Protection Regulation 2016/679
IDDQD means IDDQD Limited
IDDQD Group means IDDQD Limited and any of its Company Affiliates
Personal Data means all data which is defined as ‘Personal Data’ under EU Data Protection Laws and to which EU Data Protection Laws apply
Data Processor means a person, public authority, agency or any other body which processes Personal Data on behalf of the Data Controller
Data Subprocessor means a person, public authority, agency or any other body appointed by or on behalf of a Data Processor to process Personal Data on behalf of a Data Controller
In respect of the parties' rights and obligations under this Terms of Service regarding the Personal Data, the parties hereby acknowledge and agree that the Client is the Data Controller or Data Processor, and IDDQD Group is the Data Processor or Data Subprocessor, as applicable.
IDDQD Group agrees that it shall process all Personal Data in accordance with its obligations pursuant to the Terms of Service.
If Client is a Data Processor, the Client warrants to IDDQD Group that Client Group’s instructions and actions with respect to the Personal Data, including its appointment of IDDQD Group as another Data Processor have been authorised by the relevant Data Controller.
Obligations of IDDQD Group
IDDQD Group, in its role as Data Importer, will comply with all applicable Data Protection Laws in the processing of Personal Data.
The Data Importer will process Personal Data only insofar as is reasonable to provide the Ideal Postcodes Service, and will act in accordance with: (i) the Terms of Service, (ii) the Data Exporter's written instructions, (iii) any Applicable Laws.
The Data Importer will notify the Data Exporter without undue delay of any requests from a Data Subject exercising their rights under Privacy and Data Protection Regulations.
The Data Importer will notify the Data Exporter in regards to any legally binding request for disclosure of the Personal Data by a law enforcement authority.
The Data Importer will inform the Data Exporter if any instructions provided by the Data Exporter infringe GDPR.
The Data Importer will comply with requests to amend, transfer or delete Personal Data on behalf of the Client's Data Subjects.
Other than to the extent required to comply with the Applicable Laws, following termination or completion of the Service, IDDQD Group will, upon request, delete or return all Personal Data processed pursuant to the Terms of Service and the Applicable Laws.
Obligations of the Client
With respect to all Personal Data, as the Data Exporter, the Client Group warrants that it shall process and transfer Personal Data in accordance with the relevant provisions of the Applicable Laws.
The Client accepts that, where it is the Data Controller, the Client is solely responsible for determining the lawful processing condition upon which it shall rely in providing instructions to process Personal Data.
The Client accepts that, where it is the Data Processor, the Client Group has been provided authorisation by the Data Controller to process Personal Data.
Where the Client Group consumes third party data as part of the Ideal Postcodes Service, the Client Group acknowledges that third party data may be subject to additional terms to which the Client Group shall comply.
Each Company Group member authorises IDDQD Group to appoint Data Subprocessors.
IDDQD Group will maintain a list of Data Subprocessors in the Terms of Service and will add the names of new and replacement Data Subprocessors to the list prior to them commencing any subprocessing of Personal Data.
IDDQD Group shall give the Client Group prior written notice of the appointment of any new Data Subprocessor, including full details of the Processing to be undertaken by the Data Subprocessor.
If, within 10 days of receipt of that notice, the Client notifies IDDQD in writing of any objections (on reasonable grounds) to the proposed appointment, IDDQD shall not appoint that proposed Data Subprocessor until reasonable steps have been taken to address the objections raised by the Client Group has been provided with a reasonable written explanation of the steps taken.
With respect to each Data Subprocessor, IDDQD Group shall:
- Carry out reasonable due diligence to ensure that the Data Subprocessor is capable of providing sufficient protection for Personal Data.
- Ensure that the arrangement between IDDQD Group and the Data Subprocessor, is governed by a written contract including terms which offer at least the same level of protection for Personal Data as those set out in this Data Processing Addendum and meet the requirements of the GDPR.
- Provide to the Client for review such copies of the Contracted Data Processors' agreements with Data Subprocessors (which may be redacted to remove confidential commercial information not relevant to the Applicable Laws) as the Client may request from time to time.
- Remain liable for any act of a Data Subprocessor that does not comply with the obligations as set out in this Data Processing Addendum.
Transfers outside of EEA
IDDQD Group shall not cause or permit any Personal Data belonging to an EEA resident to be transferred outside of the EEA unless such transfer is necessary for the purposes of IDDQD Group carrying out its obligations.
If an EEA resident’s Personal Data is to be processed outside of the EEA, IDDQD Group agrees to provide and maintain reasonable safeguards as set out in GDPR to lawfully transfer the Personal Data to a third country. These safeguards may include:
- The requirement for IDDQD to execute or procure that the Data Subprocessor execute to the benefit of the Client Group standard contractual clauses approved by the EU authorities under EU Data Protection Laws.
- The requirement for the Data Subprocessor to be certified under the EU-U.S. Privacy Shield Framework.
Security & Personal Data Breach
IDDQD Group will take all security measures required in accordance with Privacy and Data Protection Requirements, and at the request of the Client Group provide a written description of, and rationale for, the technical and organisational measures implemented, or to be implemented, to protect the Personal Data.
IDDQD Group shall ensure that IDDQD Group staff processing Personal Data are subject to a duty of confidence.
In the event of accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, Personal Data processed by IDDQD Group or its Data Subprocessors, IDDQD Shall:
- Notify the Client of the breach
- Co-operate with the Client Group and take such reasonable commercial steps as are directed by the Client to assist in the investigation, mitigation and remediation of each such Personal Data Breach.
IDDQD Group shall provide reasonable assistance to the Client with any data protection impact assessments, and prior consultations with Supervising Authorities or other competent data privacy authorities, which Company reasonably considers to be required of any Company Group Member, in each case solely in relation to Processing of Personal Data by, and taking into account the nature of the Processing and information available to, the Contracted Data Processors.
The Client Group may exercise its right of audit under EU Data Protection Laws in relation to Personal Data.
IDDQD Group shall make available to the Client Group such information (which may be redacted to remove confidential information not relevant to the requirements of the Applicable Law) as the Client Group may reasonably request to demonstrate IDDQD Group's compliance with the obligations of Data Processors under EU Data Protection Laws.
IDDQD Group shall promptly send a copy of any Data Subprocessor agreement it concludes to the Data Exporter upon request.
Any audit carried out by the Client will be conducted in a manner that does not disrupt, delay or interfere with IDDQD Group's performance of its business.
Data Subprocessor List
Listed below is a current list of Data Subprocessors engaged by IDDQD Limited that process some Personal Data in our capacity as a Data Processor or Data Subprocessor.
The Personal Data transferred will be subject to the following basic processing activities:
- Address Validation and Cleansing
- Licensing of entities to access PAF Data via the Ideal Postcodes Services (for users of the Sublicensing Platform)
IDDQD Limited is registered in England & Wales
Company Number: 08302922
VAT Registration Number: 198 3874 41
Registered Office: IDDQD Limited, 40 Bloomsbury Way, Lower Ground Floor, London, WC1A 2SE