The terms set out in the covering Letter of Engagement and the following Terms of Business are the terms on which Gordons Property Lawyers Limited (“GPL” “we” or “our”) will provide its services.

We are a Limited Company registered in England & Wales with number 03758842. Gordons Property Lawyers is a trading name of Gordons Property Lawyers Limited. The Registered Office of Gordons Property Lawyers Limited is SC House, Vanwall Road, Maidenhead, Berkshire SL6 4UB.

We are a law firm authorised and regulated by the Solicitors Regulation Authority (SRA). Our registration number is 463234. We comply with the SRA Handbook, which includes professional rules and regulations such as the SRA Code of Conduct, and is available on the SRA website at www.sra.org.uk

Any advice given to you or other work undertaken for you by a director, employee or consultant of GPL will be given or undertaken by that person on behalf of GPL and not in his or her individual capacity. Our directors, employees and consultants do not owe a personal duty of care nor assume any personal responsibility for the advice or other work.

All work carried out for you is subject to these Terms of Business and the terms set out in the Letter of Engagement, except to the extent that changes are expressly agreed in writing by a director of GPL.

These Terms of Business and the covering Letter of Engagement are effective from the outset of our relationship with you or after five business days from the date of supply of these Terms of Business to you if you are an existing client.

Our aim is to make our Terms of Business as clear as possible but please contact us if you would like a more detailed explanation of any of the terms.

1. INSTRUCTIONS

1.1 We will assume that where we are instructed to act on behalf of a corporate client, unless you instruct us to the contrary, that any of your directors or employees who give us instructions are authorised to do so and we may act on instructions given orally. We may take steps to ensure that the director or employees has authority to give instructions.

1.2 Where we act for two or more clients jointly it is on the clear understanding that liabilities towards us will be joint and several and that we are authorised to act on instructions from either, both or any of them. However, in order to satisfy ourselves, we may take steps to ensure that where one client gives instructions they have the authority to do so on behalf of all the clients.

2. RESPONSIBILITY AND LIABILITY

2.1 Our liability to you arising out of or in connection with your instructions shall be limited to £3,000,000. we will not be liable for any consequential, special, indirect or exemplary damages, costs or losses or any damages, costs or losses attributable to lost profits or opportunities.

2.2 We cannot and do not seek to limit our liability otherwise than where, and to the extent, the law allows. we cannot and do not seek to limit our liability in respect of death, personal injury, fraud or fraudulent misrepresentation.

2.3 Our responsibility is only to you as the client. we shall not be under a duty to, nor have responsibility or liability towards, any other person in connection with or in any way arising out of the work we have agreed to undertake (unless that person is also a client in relation to the work), even if the objective of your instructions is to confer a benefit upon such a person. you may not assign the benefit of any right or cause of action under, in relation to or arising out of our agreement to any person without our prior consent in writing.

2.4 You also agree that our liability shall not be increased by:

  • any limitation, exclusion or restriction of liability you have agreed with any other adviser or
  • your decision or inability to recover from that adviser.

3 CONFIDENTIALITY

Any information, not already in the public domain or known to us, that we may receive from you while acting for you in connection with any matter is confidential. However, in some circumstances we may be required to disclose confidential information and documents to the court or to regulatory or fiscal authorities or for inspection in connection with our Lexcel or other practice accreditation or standard. Should we be so required, we will, to the extent we are permitted, endeavour to give you as much advance notice as possible of the disclosures we are obliged to make.

Please note that by accepting our Terms of Business you are consenting to the inspection of your file should it be selected for audit or for regulatory compliance or for practice accreditation or standards checks.

4 INTELLECTUAL PROPERTY RIGHTS

You will have the right and licence to distribute copies of materials we create for you within your own organisation in relation to the work for which they were drawn up. However, all copyright and other intellectual property rights in all documents, reports, written advice or other materials provided by us remains with us. If you wish to distribute copies of these materials outside your own organisation, this will require our permission.

5 YOUR MONEY

5.1 Unless we agree otherwise with you, any money we hold for you will be deposited with a clearing bank. We will not be responsible for any loss due to any mistake by or failure of the clearing bank.

5.2 When we hold money for you in our general client account, we will pay interest to you of a fair and reasonable amount when it is fair and reasonable to do so.
We do not pay interest if the amount calculated is £50 or less, or the amount held is
£1,000 or less, or where the money is held in a client deposit account for less than 1 week except where we otherwise agree with you in writing.
In all other circumstances, we will calculate interest at the end of a matter and account to you promptly. The rate of interest is the base rate of Allied Irish Bank (GB). This is unlikely to be as much interest as if you had held and invested the money yourself.

5.3 At the end of the matter we will provide you with details of the money we are holding for you. Where the sum is £10 or less, we would like with your permission to donate this amount to a charity of your choice or to our chosen charity, we will consider that these funds fall within rule 20.2 of the SRA Accounts Rules 2011 and we will make arrangements to donate them to a charity of our choice at the appropriate time.

6 VALUE ADDED TAX

Value Added Tax (“VAT”) chargeable upon amounts invoiced by us is payable in addition to our fees and expenses. We will deliver an appropriate VAT invoice to the client for whom we have performed our services. If you have arranged with a third party for that third party to pay our fees, the third party will not normally be entitled to recover any VAT element and you will remain responsible to use for payment of our fees and expenses. Our VAT registration number is 195851366.

7 PAYMENT OF FEES

A guarantee or agreement by a third party for payment of our fees and expenses does not absolve you from your ultimate responsibility for payment of our fees and expenses if the third party does not pay.

8 EQUALITY AND DIVERSITY

We are committed to eliminating unlawful, encouraging equality of opportunity and respect for diversity. We do not discriminate unlawfully on grounds of race, religion or belief, gender reassignment, sex and sexual orientation, age , disability or marriage and civil partnership in the provision of any of our services or when instructing counsel or other experts, or when deciding whether or not we are able to accept a client’s instructions. A copy of our Equality & Diversity Policy is available upon request.

9 CONFLICT OF INTEREST

We will check for conflicts of interest before taking on work and whilst we are retained by you. Where a conflict arises between your interests and the interests of another client of the firm during the course of a matter, we will discuss the position with you and determine the appropriate course of action. In order to protect your interests we may not be permitted to continue to act for you

10 COMPLAINTS RESOLUTION PROCEDURE

10.1 We wish to provide an extremely high service with efficiency and courtesy. It is our aim that our clients should be satisfied with all aspects of work undertaken by us.

10.2 However, if you are unhappy with any aspect of our service, or the amount of our bill, please your case handler who will try and resolve the issue with you. Alternatively, please contact the relevant Team Leader/Manager
who will review the complaint with the Case Handler. We have a Complaints Resolution Procedure in place a copy of which will be sent to you on request.

10.3 We undertake to investigate any complaint carefully and promptly and to do all we can to explain the position to you. If we have given you a less than satisfactory service we undertake to do everything reasonable to put it right and if you are still not satisfied, you may, of course, refer it to the Legal Ombudsman at PO Box 6806, Wolverhampton, WV1 9WJ or by telephone on 0300 555 0333 or by email to enquiries@legalombudsman.org.uk. You have 6 months from the date of our final response to contact the Legal Ombudsman or 6 years from the date of the act or omission giving rise to the complaint if the matter has not been brought to our attention previously.

11 ANTI – MONEY LAUNDERING

11.1 Please note that our relationship will be a business relationship for the purpose of the Money Anti-Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (MLR 2017).

11.2 We are required to obtain verification of the identity of our clients and will need to ask for evidence of your identity. In the absence of prompt provision of such evidence at or as soon as possible after the start of our relationship, we are unable to accept the receipt of funds into our client account and may have to decline to act or stop acting. In accordance with our money laundering reporting procedures, where suspicions of money laundering arise, there may be occasions where we are obliged to reveal information to the appropriate authorities.

11.3 We use electronic identification service providers to confirm your identity and that of any third parties who are beneficial owners or beneficially interested. It is a condition of our agreement with you that you consent to us doing so, on your behalf and on behalf of those beneficial owners or beneficially interested. In addition, we will ask you to provide duly certified copies of one photo ID and two utility bills ID in accordance with our ID checking procedures. We would warn against the dangers of sending valuable original personal documents such as passports by normal post, because of the dangers of interception and fraud, and of course these dangers can even exist with registered and other guaranteed postal services.
The anti-money laundering guidance which UK banks and other finance services firms must adhere to is issued by the Joint Money Laundering Steering Group (“JMLSG”). The JMLSG considers all clients with funds deposited in a law firm’s pooled client account to be beneficial owners of that account. The JMLSG does not require banks to routinely identify the beneficial owners of law firm’s pooled accounts, as they do with most other accounts they issue. Pooled client accounts are granted this exemption on the proviso that this information is available upon request. In the event of Our bank requesting information about the beneficial owners of Our pooled client account, You agree to Us disclosing Your details to them.
11.4 Where you are acting on behalf of a business or other legal entity, we will in addition need to undertake verification of identity on each “beneficial owner” of the business or entity. We will let you know what is required in this respect once the nature of the business or entity is clear to us.

11.5 Under the provisions of the Proceeds of Crime Act 2002 (“POCA”), we may be required to make a report to the relevant authorities if at any time we become aware of or suspect (whether from you or any other person) the existence of the proceeds of crime in relation to any Services on which we are engaged. Our obligation to make such a report will, in certain circumstances, override our duty of solicitor/client confidentiality and we may not be permitted to inform you whether or not we have made, or might intend to make, such a report.We may terminate the provision of any Services to you or be instructed to do so by the relevant authorities, if you fail to comply with your obligation to provide evidence of identity or we suspect that you or any other party connected with you or with the Matter is involved in activities proscribed by POCA.
11.6 Our firm’s policy is not to accept cash from clients. If clients circumvent this policy by depositing cash direct with our bank, we reserve the right to charge for any additional checks we deem necessary regarding the source of the funds.

11.7 When clients or third parties send funds to us MLR 2017 requires us to identify the account from which the funds have been sent (‘source of funds’) and how the funds were accumulated (‘source of wealth’). It is essential that we hold this information on file before receiving or transacting the funds. As a consequence, you may be asked to provide detailed information concerning source of funds or wealth to satisfy these requirements.

12 FINANCIAL SERVICES

12.1 Our work may involve financial services. Although we are not authorised under the Financial Services and Markets Act 2000, we are able, in certain circumstances, to offer a limited range of financial services to clients because we are a member of the Law Society of England and Wales which is a designated professional body for these purposes

12.2 Responsibility for regulation and complaints handling has been separated from the Law Society’s representative functions. The Solicitors Regulation Authority is the independent regulatory body of The Law Society and The Legal Ombudsman is the independent complaints handling body for solicitors in England & Wales. Complaints and redress mechanisms for any financial services work which we undertake are provided through the Solicitors Regulation Authority and the Legal Ombudsman.

12.3 We are not authorised by the Financial Conduct Authority. However we are included on the Register maintained by the Financial Conduct Authority so that we can carry on insurance mediation activity, which is broadly the advising on, selling and administration of insurance contracts. This part of our business, including arrangements for complaints or redress if something goes wrong, is regulated by the Solicitors Regulation Authority. The Register can be accessed via The Financial Conduct Authority website at http://www.fca.org.uk

13 DATA PROTECTION

13.1 All information that we hold concerning you as an individual will be held and processed by us strictly in accordance with applicable Data Protection Legislation which for the purposes of these Terms of Business means unless and until the General Data Protection Regulation ((EU) 2016/679) (GDPR) is no longer directly applicable in the UK, the GDPR and any national implementing laws, regulations and secondary legislation as amended or updated from time to time in the UK and then any successor legislation to the GDPR. Such information will be used by us to provide you with legal services and for related purposes. Please read our Privacy Notice which can be found at www.gplawyers.co.uk and which forms part of these Terms of Business.

13.2 You confirm by signing our Letter of Engagement that you will comply, with all requirements of the Data Protection Legislation that apply to you.

13.3 Where under our Letter of Engagement you act as a data controller (as defined in the Data Protection Legislation) and we also act as a data controller then the provisions of Part 1 of the Schedule to these Terms of Business shall apply.

13.4 Where, under our Letter of Engagement, you act as a data controller and we act as a data processor (as defined in the Data Protection Legislation) on your behalf the provisions of Part 2 of the Schedule to these Terms of Business shall apply.

14 CLAIMS

14.1 You agree not to bring any claim in respect of loss or damage suffered by you out of or in connection with our services (including but not limited to delay or non-performance of our services) against any of our directors, employees or consultants. This restriction will not operate to limit or exclude the liability of the Company itself for the acts or omissions of any director, employee or consultant of the Company. It is agreed that any director, employee or consultant of the Company will have the right to enforce this clause pursuant to the Contracts (Rights of Third Parties) Act 1999.

14.2 Nothing in these Terms of Business or in the Letter of Engagement, however, excludes or limits our liability for death or personal injury caused by our negligence or any claim you may have against a director, employee or consultant of the LLP for fraud.

15 THIRD PARTIES

Except to the extent that our directors, employees and consultants can benefit under this paragraph, the Contract (Rights of Third Parties) Act 1999 does not apply to the terms of our engagement or any subsequent amendment of them unless expressly confirmed in writing by one of our directors that the Act shall apply. Accordingly, unless we agree in writing to the contrary, any advice we may give shall not be communicated to, or relied on by, any person other than you to whom it is directed and the covering Welcome Letter and these Terms of Business shall not create any right enforceable by a person who is not a party to the agreement between us.

16 COMMUNICATION

Correspondence from us to you shall be deemed to be in writing if it is in the form of a printed or handwritten letter or other document or in the form of a facsimile message or electronic mail message. Any such written correspondence (including without limit invoices) shall be deemed to have been delivered:

16.1 if sent by post to the address on the Welcome Letter (or any other address notified by you): 2 days from the date of posting (and in proving such service it shall be sufficient that such communication was properly addressed, stamped and put in the post);

16.2 if sent by facsimile transmission to a number notified by you: on the day and at the time of the transmission to the relevant number;

16.3 if sent by electronic mail to your notified email address: on the day and at the time it is transmitted to the relevant electronic mailbox.

Any correspondence under paragraph 16.2 or paragraph 16.3 which was not sent at a time which was during business hours on a business day shall be deemed to have been duly delivered on the commencement of business hours on the business day immediately following the day on which it was sent.

You agree to accept the risks of using electronic mail, including but not limited to the risks of viruses, interception, unauthorised access, delay, mis-routing and breakdown of service providers.

Electronic mail may be monitored for the purposes of ascertaining compliance with the Solicitors Regulation Authority’s and our regulatory practices and procedures.

17 STORAGE

17.1 On completion of our work, following payment of our fees, any original documents will be returned. We will retain your file in an electronic format for 7 years.

17.2 Unless you instruct us to the contrary, you, by acceptance of the terms of engagement, authorise us to destroy all records of our work 7 years after the date of our final invoice.

17.3 If we produce hard copies of files or documents from our electronic storage system at your request, we will be entitled to recover a reasonable charge for time and materials.

18 TERMINATION

You may terminate your instructions to us at any time. We may only stop working for you for good reason and on reasonable notice. If our relationship is ended by you or us, you will only be liable for our fees up until termination plus VAT and expenses. We will be entitled to retain all your files and documents while there is money owing to us.

19 LAW AND JURISDICTION

19.1 Our agreement with you, consisting of the covering Letter of Engagement and these Terms of Business, is deemed to be made in England and shall be interpreted and construed in accordance with English Law.

19.2 The Courts of England shall have exclusive jurisdiction to settle any dispute (including claims for set off and counterclaims) which may arise in connection with the validity, effect, interpretation or performance of our agreement with you.

20 WHOLE AGREEMENT

20.1 The covering Letter of Engagement with its enclosures, if any, and these Terms of Business set out the entire agreement between us in connection with the work you have instructed us to do. Should you instruct us to carry out additional work in the same area of our legal services, these Terms of Business and the terms of the Letter of Engagement, with the exception of the paragraph(s) headed “Scope” and “Fees”, will continue to apply and shall, with the agreement reached between us on the scope of the additional work, represent the entire agreement between us in connection with such additional work.

20.2 In the event that any part of the covering Letter of Engagement or any of these Terms of Business is or shall become invalid, illegal or unenforceable, the remainder shall survive unaffected.

Schedule – Data Protection

Part 1 – Data Controller provisions

“Controller” For the purposes of this Schedule “data controller”, “processor”, “data processor”, “data subject”, “personal data”, “processing” and “appropriate technical and organisation measures” have the meanings set out or attributed to them in the Data Protection Legislation in force at that time.

1. DEFINITIONS

For the purposes of this Part 1 of the Schedule the following definitions shall apply:
Agreed Purposes: the purposes to which the scope of work set out in our Letter of Engagement relate and such other purposes associated with your instructions under our Letter of Engagement or agreed in writing between us, in each case being purposes for which personal data may be held.
Permitted Recipients: each of you and us, your and our employees and any third parties and their employees engaged to perform services and instructions in connection with our Letter of Engagement, and any other permitted recipients agreed between us in writing.
Shared Personal Data: the personal data to be shared between you and us under paragraph 2.1 of Part 1 of this Schedule. Shared Personal Data shall be confined to the types of information relevant to the categories of data subject agreed between us in writing.

2. DATA PROTECTION

2.1 Shared Personal Data. This paragraph 2 sets out the framework for the sharing of personal data between you and us each acting as data controllers. Each of us acknowledges that one of us (the Data Discloser) will regularly disclose to the other (the Data Recipient) Shared Personal Data collected by the Data Discloser for the Agreed Purposes.

2.2 Effect of non-compliance with Data Protection Legislation. Each of us will comply with all the obligations imposed on a data controller under the Data Protection Legislation, and any material breach of the Data Protection Legislation by one of us shall, if not remedied within 30 days of written notice from the other, give grounds for the other to terminate our Letter of Engagement with immediate effect.

2.3 Particular obligations relating to data sharing. Each of us shall:

(a) ensure that it has all necessary notices and consents in place to enable lawful transfer of the Shared Personal Data to the Permitted Recipients for the Agreed Purposes;

(b) give full information to any data subject whose personal data may be processed under our Letter of Engagement of the nature such processing. This includes giving notice that, on the termination of our Letter of Engagement, personal data relating to them may be retained by or, as the case may be, transferred to one or more of the Permitted Recipients, their successors and assignees;

(c) process the Shared Personal Data only for the Agreed Purposes;

(d) not disclose or allow access to the Shared Personal Data to anyone other than the Permitted Recipients;

(e) ensure that all Permitted Recipients are subject to written contractual obligations concerning the Shared Personal Data (including obligations of confidentiality) which are no less onerous than those imposed by our Letter of Engagement and these Terms of Business;

(f) ensure that it has in place appropriate technical and organisational measures, reviewed and approved by the other person, to protect against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.

(g) not transfer any personal data received from the Data Discloser outside the EEA unless the transferor:

(i) complies with the relevant provisions of the GDPR (in the event the third party is a joint controller); and

(ii) ensures that (i) the transfer is to a country approved by the European Commission as providing adequate protection pursuant to the GDPR; (ii) there are appropriate safeguards in place pursuant to the GDPR; or (iii) one of the derogations for specific situations in the GDPR applies to the transfer.

2.4 Mutual assistance. Each of us will assist the other in complying with all applicable requirements of the Data Protection Legislation. In particular, each of us shall:

(a) consult with the other about any notices given to data subjects in relation to the Shared Personal Data;

(b) promptly inform the other about the receipt of any data subject access request;

(c) provide the other with reasonable assistance in complying with any data subject access request;

(d) not disclose or release any Shared Personal Data in response to a data subject access request without first consulting the other wherever possible;

(e) assist the other, at the other’s cost, in responding to any request from a data subject and in ensuring compliance with its obligations under the Data Protection Legislation with respect to security, breach notifications, impact assessments and consultations with supervisory authorities or regulators;

(f) notify the other without undue delay on becoming aware of any breach of the Data Protection Legislation;

(g) at your written direction of the Data Discloser, delete or return Shared Personal Data and copies thereof to the Data Discloser on termination of our Letter of Engagement unless required by law to store the personal data;

(h) use compatible technology for the processing of Shared Personal Data to ensure that there is no lack of accuracy resulting from personal data transfers;

(i) maintain complete and accurate records and information to demonstrate its compliance with this paragraph 2 of Part 1 of the Schedule; and

(j) provide the other with contact details of at least one employee as point of contact and responsible manager for all issues arising out of the Data Protection Legislation, including the joint training of relevant staff, the procedures to be followed in the event of a data security breach, and the regular review of the parties’ compliance with the Data Protection Legislation.

2.5 Indemnity. Each of us shall indemnify the other against all liabilities, costs, expenses, damages and losses (including but not limited to any direct, indirect or consequential losses, loss of profit, loss of reputation and all interest, penalties and legal costs (calculated on a full indemnity basis) and all other reasonable professional costs and expenses) suffered or incurred by the party indemnified arising out of or in connection with a breach of the Data Protection Legislation by the indemnifier, its employees or agents, provided that the party indemnified gives prompt notice of such claim, full information about the circumstances giving rise to it and reasonable assistance in dealing with the claim, and sole authority is given to the indemnifier to manage, defend and/or settle the claim. To the extent it is permissible to do so by law (but not otherwise) Gordons Solicitors Limited’s liability under this paragraph shall be subject to the limits set out in paragraph 2 (Responsibility and Liability) of these Terms of Business.

Part 2 – Data Processor provisions

DATA PROTECTION

1. Each of us acknowledges that for the purposes of the Data Protection Legislation, you are the data controller and we are the data processor. You and we shall act in good faith and use reasonable endeavours to agree as soon as reasonably practicable the extent of the scope, nature and purpose of processing by us, the duration of the processing and the types of personal data and categories of data subject.

2. You will ensure that you have all necessary appropriate consents and notices in place to enable lawful transfer of the personal data to us for the duration and purposes of our Letter of Engagement.

3. We shall, in relation to any personal data processed in connection with the performance by us of our obligations under our Letter of Engagement:

(a) process that personal data only on your written instructions unless we are required by the laws of any member of the European Union or by the laws of the European Union applicable to us to process personal data (Applicable Laws). Where we are relying on laws of a member of the European Union or European Union law as the basis for processing personal data, we shall promptly notify you of this before performing the processing required by the Applicable Laws unless those Applicable Laws prohibit us from so notifying you;

(b) ensure that we have in place appropriate technical and organisational measures to protect against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data, appropriate to the harm that might result from the unauthorised or unlawful processing or accidental loss, destruction or damage and the nature of the data to be protected, having regard to the state of technological development and the cost of implementing any measures (those measures may include, where appropriate, pseudonymising and encrypting personal data, ensuring confidentiality, integrity, availability and resilience of our systems and services, ensuring that availability of and access to personal data can be restored in a timely manner after an incident, and regularly assessing and evaluating the effectiveness of the technical and organisational measures adopted by us);

(c) ensure that all our personnel who have access to and/or process personal data are obliged to keep the personal data confidential; and

(d) not transfer any personal data outside of the European Economic Area unless your prior written consent has been obtained and the following conditions are fulfilled:

(i) you or we have provided appropriate safeguards in relation to the transfer;

(ii) the data subject has enforceable rights and effective legal remedies;

(iii) we comply with our obligations under the Data Protection Legislation by providing an adequate level of protection to any personal data that is transferred; and

(iv) we comply with reasonable instructions notified to us in advance by you with respect to the processing of the personal data;

(e) assist you, at your cost, in responding to any request from a data subject and in assisting your compliance with your obligations under the Data Protection Legislation with respect to security, breach notifications, impact assessments and consultations with supervisory authorities or regulators;

(f) notify you without undue delay on becoming aware of a personal data breach;

(g) at your written direction, delete or return personal data and copies thereof to you on termination of our Letter of Engagement unless required by Applicable Law to retain and/or store the personal data; and

(h) maintain complete and accurate records and information to demonstrate our compliance with this paragraph 3 of Part 2 of the Schedule.

4. You do not consent to us appointing any third party processor of personal data under our Letter of Engagement. If you subsequently consent in writing to us appointing a third party processor of personal data under our Letter of Engagement, it is agreed you will only do so on the basis we confirm that we have entered or (as the case may be) will enter with the third party processor into a written agreement incorporating terms which are substantially similar to those set out in this Part 2 of the Schedule. As between you and us, we shall remain fully liable for all acts or omissions of any third party processor appointed by it us.

5. Either of us may, at any time on not less than 30 days’ notice, revise this Part 2 of the Schedule by replacing it with any applicable controller to processor standard clauses or similar terms forming part of an applicable certification scheme (which shall apply when replaced by attachment to our Letter of Engagement).

6. The processing that shall be carried on by us shall be limited as follows:

Scope, nature and purpose – processing associated with the scope of work set out in our Letter of Engagement.

Duration – for the duration of our Letter of Engagement and thereafter as required for the purposes of our Letter of Engagement and in accordance with our obligations under Applicable Laws and regulations.

Types of personal data – such types of personal data as are required by and/or relevant to our Letter of Engagement.

Categories of data subject – such categories of data subject as are required by and/or relevant to our Letter of Engagement.