Data protection agreement between HESA and IFF Research
Below are the paragraphs from the contract between HESA and IFF Research detailing the data protection agreements for the first survey.
IFF Research warrants that:
- 7.2.1 the Survey shall be accurate in all respects;
- 7.2.2 it is registered under the Data Protection Act 1998 (the “Act”) and has all necessary technical, organisational and security measures in place to comply with the terms of the Act;
- 7.2.3 it shall at all times comply with the terms of the Act.
Confidentiality and security
- 15.1 The definition in this clause applies in this Agreement.
Confidential Information: all information, whether technical or commercial (including all specifications, drawings and designs, disclosed in writing, on disc, orally or by inspection of documents or pursuant to discussions between the parties), where the information is: a) identified as confidential at the time of disclosure; or b) ought reasonably to be considered confidential given the nature of the information or the circumstances of disclosure.
- 15.2 Each party shall protect the Confidential Information of the other party against unauthorised disclosure by using the same degree of care as it takes to preserve and safeguard its own confidential information of a similar nature, being at least a reasonable degree of care.
- 15.3 IFF Research undertakes to make all relevant employees, agents and sub-contractors aware of the confidentiality of the information and the provisions of this clause and without prejudice to the generality of the foregoing to take all such steps as shall from time to time be necessary to ensure compliance by its employees agents and sub-contractors with the provisions of this Clause.
- 15.4 All confidential Information obtained or received by either party during the course of this Agreement is confidential and save as set out herein, or where the other party has given their written consesnt, must not be disclosed to any other individual, body, firm or company except where the receiving party can demonstrate that such information:
- 15.4.1 is or has become publicly known other than through breach of this clause 15; or
- 15.4.2 was in possession of the receiving party prior to disclosure by the other party; or
- 15.4.3 was received by the receiving party from an independent third party who has full right of disclosure; or
- 15.4.4 was independently developed by the receiving party; or
- 15.4.5 was required to be disclosed by a governmental authority or regulatory body, under any applicable law or by order of a court or other authority of competent jusrisdiction provided that the party subject to such requirement to disclose gives the other party prompt written notice of the requirement.
- 15.5 The obligations of confidentiality in this clause 15 shall not be affected by the expiry or termination of this Agreement.
- 15.6 IFF Research will take all reasonable steps to ensure the security and integrity of the assets of HESA are maintained. Assets include, but are not limited to, all databases, data files, system documentation, user manuals, training materials, operational and support procedures, continuity plans, archived information, application software, system software, development tools and utilities, computers, monitors, printers, routers, switches, modems, telephones, PABXs, fax machines, answering machines, tapes, disks, power supplies, air-conditioning equipment, furniture, accommodation and related services.
- 15.7 IFF Research will ensure that all its employees or sub-contractors granted access, whether physical or otherwise, to assets of HESA are made aware of this Agreement and will themselves ensure that the assets, security and integrity are maintained.
IFF Research and HESA are also working in line with the information provided in frequently asked questions for graduates and frequently asked questions for providers.