Terms and Conditions
1. ABOUT US
1.1 Company details. Skill Measure is a product of AHEX Ltd (company number C95809) (we and us) is a company registered in Malta and our registered office is at 217A New Mill Stree, Mellieha, Malta. Our VAT number is MT27248721.
2. OUR AGREEMENT WITH YOU
2.1 Our Agreement. These terms and conditions (Terms) apply to the order by you and supply of Services by us to you (Contract). They apply to the exclusion of any other terms that you seek to impose or incorporate, or which are implied by trade, custom, practice or course of dealing.
2.2 Change. This version was last updated on 19 May 2021 to simplify and rationalise the data protection particulars. Historic versions can be obtained by contacting us. We may make commercially reasonable changes to this Contract from time to time. If we make material changes to it, we will give you reasonable notice of the changes by emailing you and these shall be deemed to have been accepted by you and will be effective 30 calendar days from the date of notice for all subsequent orders unless we agree otherwise in writing.
2.3 Entire agreement. The Contract is the entire agreement between you and us in relation to its subject matter. You acknowledge that you have not relied on any statement, promise or representation or assurance or warranty that is not set out in the Contract.
2.4 Language. These Terms and the Contract are made only in the English language.
3. PLACING AN ORDER AND ITS ACCEPTANCE
3.1 Placing your order. You may submit an order by using the method set out on www.skillmeasure.co and www.ahex.eu (together Our Websites) or by emailing us at email@example.com. Each order is an offer by you to buy the services specified in the order (Services) subject to these Terms.
3.2 Correcting input errors. Our order process allows you to check and amend any errors before submitting your order to us. Please check the order carefully before confirming it. You are responsible for ensuring that your order is complete and accurate.
3.4 Accepting your order. Our acceptance of your order takes place when we send an electronic invoice or receipt to you to accept it (Order Confirmation), at which point and on which date (Commencement Date) the Contract between you and us will come into existence. The Contract will relate only to those Services confirmed in the Order Confirmation.
3.5 If we cannot accept your order. If we are unable to supply you with the Services for any reason, we will inform you of this by email and we will not process your order. If you have already paid for the Services, we will refund you the full amount.
4. CANCELLING YOUR ORDER AND OBTAINING A REFUND
4.1 You may cancel the order and receive a refund, if you notify us as set out in Clause 4.2 within 30 days of your receipt of the Order Confirmation. You cannot cancel orders that have been completed, even if the 30-day period is still running.
4.2 To cancel the order, you must contact us by email at firstname.lastname@example.org setting our your request for cancellation. We will email you to confirm we have received your cancellation.
4.3 If you cancel the order we will refund you in full for the price you paid for the Services by the method you used for payment. We may deduct from any refund an amount for the supply of the Services already delivered.
5. OUR SERVICES
5.1 Compliance with specification. Subject to our right to amend the specification (see Clause 5.2) we will supply the Services to you in accordance with the specification for the Services appearing on Our Websites at the date of your order in all material respects.
5.2 Changes to specification. We reserve the right to amend the specification of the Services if required by any applicable statutory or regulatory requirement or if the amendment will not materially affect the nature or quality of the Services.
5.4 Reasonable care and skill. We warrant to you that the Services will be provided using reasonable care and skill.
6. YOUR OBLIGATIONS
6.1 It is your responsibility to ensure that:
(a) the terms of your order are complete and accurate;
(b) you provide us with such information and materials we may reasonably require in order to supply the Services, and ensure that such information is complete and accurate in all material respects;
(c) you comply with all applicable laws, including the Equality Act and General Data Protection Regulation ((EU) 2016/679)
(d) you do not copy, reproduce, modify or adapt, translate, disassemble, reverse engineer, create derivative works from, republish, display, transmit, or distribute all or any portion of the Services in any form or media or by any means, except as permitted in accordance with the Contract;
(e) you do not make recruitment or employment decisions solely based on your use of the Services (we expect you to combine multiple assessments, interviews, and other criteria to form balanced employment decisions);
(f) you do not interfere with the security of, or disrupt or otherwise cause harm to the Services, or its system resources;
6.2 If our ability to perform the Services is prevented or delayed by any failure by you to fulfil any obligation listed in Clause 6.1 (Your Default):
(a) we will be entitled to suspend performance of the Services until you remedy Your Default, and to rely on Your Default to relieve us from the performance of the Services, in each case to the extent Your Default prevents or delays performance of the Services. In certain circumstances Your Default may entitle us to terminate the Contract under Clause 15 (Termination);
(b) we will not be responsible for any costs or losses you sustain or incur arising directly or indirectly from our failure or delay to perform the Services; and
(c) it will be your responsibility to reimburse us on written demand for any costs or losses we sustain or incur arising directly or indirectly from Your Default.
8.1 In consideration of us providing the Services you must pay our charges (Charges) in accordance with this Clause 8.
8.2 The Charges are the prices quoted in Schedule A.
8.3 Our Charges may change from time to time, but changes will not affect any order you have already placed.
8.4 Our Charges are, unless otherwise stated, exclusive of VAT. Where VAT is payable in respect of some or all of the Services you must pay us such additional amounts in respect of VAT, at the applicable rate, at the same time as you pay the Charges.
9. HOW TO PAY
9.1 We will send you an electronic invoice within seven days of us sending you the Order Confirmation. Unless otherwise stated on the invoice you shall pay all undisputed amounts on the invoice within 30 days. You can pay for the Services using a debit card or credit card, or bank transfer.
9.2 We will send you an electronic receipt of payment within seven days of us receiving the cleared funds.
9.3 If you fail to make a payment under the Contract by the due date, then, without limiting our remedies under Clause 15 (Termination), you will have to pay interest on the overdue sum from the due date until payment of the overdue sum, whether before or after judgment. Interest under this Clause 9.4 will accrue each day at 4% a year above the European Central Bank (ECB)’s base rate from time to time, but at 4% a year for any period when that base rate is below 0%.
10. INTENTIONALLY LEFT BLANK
11. INTELLECTUAL PROPERTY RIGHTS
11.1 All intellectual property rights in or arising out of or in connection with the Services (other than intellectual property rights in any materials provided by you) will be owned by us.
12. DATA PROTECTION
12.1 For the purposes of this Clause 12 and Schedule B, the following definitions shall apply:
Applicable Laws means:
(a) To the extent Malta GDPR applies, the law of Malta or of a part of Malta;
(b) To the extent EU GDPR applies, the law of the European Union or any member state of the European Union to which the Supplier is subject.
Applicable Data Protection Laws means:
(a) To the extent Malta GDPR applies, the law of Malta or of a part of the Malta which relates to the protection of personal data;
(b) To the extent the EU GDPR applies, the law of the European Union or any member state of the European Union to which the Supplier is subject, which relates to the protection of personal data.
Customer Personal Data means any personal data which we (the Supplier) processes in connection with this agreement, in the capacity of a processor on behalf of you (the Customer).
User Data means any third party personal data and test results from Users instructed by the Customer that accesses the Web Site and is not employed by AHEX Ltd and acting in the course of their employment.
EU GDPR means the General Data Protection Regulation ((EU) 2016/679).
Malta GDPR has the meaning given to it in the Data Protection Act.
12.2 the purposes of this Clause 12 and Schedule B, the terms controller, processor, data subject, personal data, personal data breach and processing shall have the meaning given to them in the Malta GDPR.
12.3 Both parties will comply with all applicable requirements of Applicable Data Protection Laws. This Clause 12 is in addition to, and does not relieve, remove or replace, a party's obligations or rights under Applicable Data Protection Laws.
12.4 The parties have determined that, for the purposes of Applicable Data Protection Laws the Customer and Supplier shall be the Joint data controllers and the Supplier and the listed third party suppliers shall be the joint data processors.
12.5 Without prejudice to the generality of Clause 12.3, the Customer will ensure that it has all necessary appropriate consents and notices in place to enable lawful transfer of the Customer Personal Data to the Supplier and lawful collection of the same by the Supplier for the duration and purposes of this agreement.
12.6 In relation to the Customer Personal Data, Schedule B sets out the scope, nature and purpose of processing by the Supplier, the duration of the processing and the types of personal data and categories of data subject.
12.7 Without prejudice to the generality of Clause 12.3 the Supplier shall, in relation to Customer Personal Data:
(a) process that Customer Personal Data only on the documented instructions of the Customer, which shall be to process the Customer Personal Data for the purposes set out in Schedule B, unless the Supplier is required by Applicable Laws to otherwise process that Customer Personal Data. Where the Supplier is relying on Applicable Laws as the basis for processing Customer Processor Data, the Supplier shall notify the Customer of this before performing the processing required by the Applicable Laws unless those Applicable Laws prohibit the Provider from so notifying the Customer on important grounds of public interest. The Supplier shall inform the Customer if, in the opinion of the Supplier, the instructions of the Customer infringe Applicable Data Protection Legislation;
(b) implement the technical and organisational measures set out in Schedule C to protect against unauthorised or unlawful processing of Customer Personal Data and against accidental loss or destruction of, or damage to, Customer Personal Data, which the Customer has reviewed and confirms are appropriate to the harm that might result from the unauthorised or unlawful processing or accidental loss, destruction or damage and the nature of the data to be protected, having regard to the state of technological development and the cost of implementing any measures;
(c) ensure that any personnel engaged and authorised by the Supplier to process Customer Personal Data have committed themselves to confidentiality or are under an appropriate statutory or common law obligation of confidentiality;
(d) assist the Customer insofar as this is possible (taking into account the nature of the processing and the information available to the Supplier), and at the Customer's cost and written request, in responding to any request from a data subject and in ensuring the Customer's compliance with its obligations under Applicable Data Protection Laws with respect to security, breach notifications, impact assessments and consultations with supervisory authorities or regulators;
(e) notify the Customer without undue delay on becoming aware of a personal data breach involving the Customer Personal Data;
(f) at the written direction of the Customer, delete or return Customer Personal Data and copies thereof to the Customer on termination of the agreement unless the Supplier is required by Applicable Law to continue to process that Customer Personal Data. For the purposes of this Clause 12.7 (f) Customer Personal Data shall be considered deleted where it is put beyond further use by the Supplier; and
(g) maintain records to demonstrate its compliance with this Clause 12.
12.8 The Customer hereby provides its prior, general authorisation for the Supplier to:
(a) appoint processors to process the Customer Personal Data, provided that the Supplier:
(i) shall ensure that the terms on which it appoints such processors comply with Applicable Data Protection Laws, and are consistent with the obligations imposed on the Supplier in this Clause 12;
(ii) shall remain responsible for the acts and omission of any such processor as if they were the acts and omissions of the Supplier; and
(iii) shall inform the Customer of any intended changes concerning the addition or replacement of the processors, thereby giving the Customer the opportunity to object to such changes provided that if the Customer objects to the changes and cannot demonstrate, to the Supplier's reasonable satisfaction, that the objection is due to an actual or likely breach of Applicable Data Protection Law, the Customer shall indemnify the Supplier for any losses, damages, costs (including legal fees) and expenses suffered by the Supplier in accommodating the objection.
(b) transfer Customer Personal Data outside of Malta as required for the Purpose, provided that the Supplier shall ensure that all such transfers are effected in accordance with Applicable Data Protection Laws. For these purposes, the Customer shall promptly comply with any reasonable request of the Supplier, including any request to enter into standard data protection clauses adopted by the EU Commission from time to time (where the EU GDPR applies to the transfer) or adopted by the Commissioner from time to time (where the Malta GDPR applies to the transfer).
13. LIMITATION OF LIABILITY
13.1 Nothing in the Contract limits or excludes our liability for:
(a) death or personal injury caused by our negligence, or the negligence of our employees, agents or subcontractors;
(b) fraud or fraudulent misrepresentation; or
13.2 Subject to Clause 13.1, we will not be liable to you, whether in contract, tort (including negligence), for breach of statutory duty, or otherwise, arising under or in connection with the Contract for:
(a) loss of profits;
(b) loss of sales or business;
(c) loss of agreements or contracts;
(e) loss of use or corruption of software, data or information;
(f) loss of or damage to goodwill; and
(g) any indirect or consequential loss.
13.3 We are not responsible for any recruitment or employment decision made by you or for any other decision made by you connected with your use of the Services. We will not be liable for any claims made against you or against us relating to recruitment or selection decisions made by you resulting from the use of the Services.
13.4 Subject to Clause 13.1, our total liability to you arising under or in connection with the Contract, whether in contract, tort (including negligence), breach of statutory duty, or otherwise, will be limited to 100% of the total Charges paid under the Contract during the 12 months immediately preceding the date on which the claim arose.
13.5 Except as expressly stated in these Terms, we do not give any representations, warranties or undertakings in relation to the Services. Any representation, condition or warranty which might be implied or incorporated into these Terms by statute, by common law or otherwise are, to the fullest extent permitted by law, excluded from the Contract.
13.6 This Clause 13 will survive termination of the Contract.
14.1 Each of us may use the other’s confidential information only for the purpose of fulfiling our respective obligations under the Contract.
14.2 Each party agrees that it shall keep any non-public information that it receives from the other party strictly confidential and shall not disclose it to a third party unless (a) it is required to by a legal or regulatory authority or (b) has the prior written consent of the disclosing party.
15.1 Without limiting any of our other rights, we may suspend the performance of the Services, or terminate the Contract with immediate effect by giving written notice to you if:
(a) you commit a material breach of any term of the Contract and (if such a breach is remediable) fail to remedy that breach within 5 days of you being notified in writing to do so;
(b) you fail to pay any amount due under the Contract on the due date for payment;
(c) you take any step or action in connection with you entering administration, provisional liquidation or any composition or arrangement with your creditors (other than in relation to a solvent restructuring), being wound up (whether voluntarily or by order of the court, unless for the purpose of a solvent restructuring), having a receiver appointed to any of your assets or ceasing to carry on business; or
(e) your financial position deteriorates to such an extent that in our opinion your capability to adequately fulfil your obligations under the Contract has been placed in jeopardy.
15.2 Either party may terminate the Contract by giving not less than 30 days prior written notice to the other.
15.3 Termination of the Contract will not affect your or our rights and remedies that have accrued as at termination.
15.4 Any provision of the Contract that expressly or by implication is intended to come into or continue in force on or after termination will remain in full force and effect.
15.5 Effect of Termination. Upon termination of the Contract for any reason:
(a) Any rights or licences granted under or pursuant to the Contract shall cease to have effect;
(b) Any provision of the Contract that expressly or by implication is intended to come into or continue in force on or after termination will remain in full force and effect; and
(c) All sums owing pursuant to the Contract shall become due.
16. EVENTS OUTSIDE OUR CONTROL
16.1 We will not be liable or responsible for any failure to perform, or delay in performance of, any of our obligations under the Contract that is caused by any act or event beyond our reasonable control (Event Outside Our Control).
16.2 If an Event Outside Our Control takes place that affects the performance of our obligations under the Contract:
(a) we will contact you as soon as reasonably possible to notify you; and
(b) our obligations under the Contract will be suspended and the time for performance of our obligations will be extended for the duration of the Event Outside Our Control. We will arrange a new date for performance of the Services with you after the Event Outside Our Control is over.
16.3 You may cancel the Contract affected by an Event Outside Our Control. To cancel please contact us. If you opt to cancel we will refund the price you have paid, less the charges reasonably and actually incurred us by in performing the Services up to the date of the occurrence of the Event Outside Our Control.
17. COMMUNICATIONS BETWEEN US
17.1 When we refer to “in writing” in these Terms, this includes email.
17.2 Any notice or other communication given by one of us to the other under or in connection with the Contract must be in writing and be delivered by email.
17.3 A notice or other communication sent by email is deemed to have been received at 9.00 am the next working day after transmission.
17.4 In proving the service of any notice, it will be sufficient to prove, in the case of an email, that such email was sent to the specified email address of the addressee.
17.5 The provisions of this clause will not apply to the service of any proceedings or other documents in any legal action.
18.1 Waiver. If we do not insist that you perform any of your obligations under the Contract, or if we do not enforce our rights against you, or if we delay in doing so, that will not mean that we have waived our rights against you or that you do not have to comply with those obligations. If we do waive any rights, we will only do so in writing, and that will not mean that we will automatically waive any right related to any later default by you.
18.2 Severance. Each paragraph of these Terms operates separately. If any court or relevant authority decides that any of them is unlawful or unenforceable, the remaining paragraphs will remain in full force and effect.
18.3 Third party rights. The Contract is between you and us. No other person has any rights to enforce any of its terms.
18.4 Governing law and jurisdiction. The Contract is governed by Maltese law and we each irrevocably agree to submit all disputes arising out of or in connection with the Contract to the exclusive jurisdiction of the Maltase courts.
The Charges are the prices quoted on Our Websites at the time you submit your order.
PARTICULARS OF THE PROCESSING
1. PARTICULARS OF PROCESSING
The Provider will process Customer Personal Data as necessary to perform the Service pursuant to the Contract, and as further instructed by Customer in its use of the Service.
The Provider will process (including, as applicable to the Contract and the Customer’s instructions, collecting, recording, structuring, organising, consultation, storing, altering, retrieving, using, disclosing, combining, erasing, and destroying) personal data for the purpose of providing psychometric assessments and any related technical support in accordance with this Agreement.
1.3 PURPOSE OF PROCESSING
The Provider shall process Customer Personal Data in order to fulfil its obligations under the Contract, in particular for the purposes of conducting psychometric assessment and providing technical support.
1.4 DURATION OF THE PROCESSING
The duration of the processing will be until the earliest of either (i) expiry/termination of the Contract, or (ii) 24 months, or (iii) a request by the Customer to cease processing.
2. TYPES OF PERSONAL DATA
Personal Data processed by the Provider on the Customer’s behalf in providing the Service is expected to include, but is not limited to, the following types of personal data:
- First and last name
- Business or personal email address
- Business or personal phone number
- Physical address of company/organisation where applicable
- Online identifiers (including cookie identifiers, connection data, internet protocol addresses and device identifiers, and browser identifiers)
3. CATEGORIES OF DATA SUBJECT
- data subjects about whom the Provider collects personal data in its provision of the Services; and
- data subjects about whom the personal data is transferred to the Provider in connection with the Services by, at the direction of, or on behalf of, the Customer.
These data subjects may include individuals: (a) who have been directed by the Customer to visit the Provider’s premises or online properties; and/or (b) whose details have been transferred by the Customer to the Provider; and/or natural persons authorised by the Customer to use the Service.
4. APPROVED SUBCONTRACTORS
Wix website creator -- Use EU-approved Standard Contractual Clauses. Passed our due diligence process
Amazon Web Services, Inc. -- Use EU-approved Standard Contractual Clauses. Passed our due diligence process
Box, Inc. -- Use EU-approved Standard Contractual Clauses. Passed our due diligence process
Cloudflare, Inc. -- Use EU-approved Standard Contractual Clauses. Passed our due diligence process
Cronos Internet -- UK Based, Passed Provider’s due diligence process.
Dropbox, Inc. -- Use EU-approved Standard Contractual Clauses. Passed our due diligence process
Google LLC -- Use EU-approved Standard Contractual Clauses. Passed our due diligence process
HubSpot, Inc. -- Use EU-approved Standard Contractual Clauses. Passed our due diligence process
Microsoft Corporation -- Use EU-approved Standard Contractual Clauses. Passed our due diligence process
Test Partnership Ltd -- Use EU-approved Standard Contractual Clauses. Passed our due diligence process
SendGrid, Inc. -- Use EU-approved Standard Contractual Clauses. Passed our due diligence process
Stripe, Inc. -- Use EU-approved Standard Contractual Clauses. Passed our due diligence process
Zendesk, Inc -- Use EU-approved Standard Contractual Clauses. Passed our due diligence process
TECHNICAL AND ORGANISATIONAL MEASURES
AHEX Ltd has an acceptable use policy in place and we require all staff to read and understand it.
AHEX Ltd requires all staff to take at least on an annual rolling basis GDPR training which includes GDPR compliance, information security, privacy, data storage and retention, access rights security breaches, and cyber risks. AHEX Ltd trains staff in its privacy and data security policies and procedures.
2. ORGANISATION OF INFORMATION
AHEX Ltd has a comprehensive set of information security policies, approved by senior management and disseminated to all employees.
3. PHYSICAL ACCESS
AHEX Ltd uses third party service providers to store personal information. All our thrid party providors are required to meet the highest levels of building security, including constant security by trained security staff 24/7, electronic access management, proximity access control systems and CCTV.
4. SYSTEM ACCESS
To ensure systems containing personal data are used only by approved, authenticated users:
(a) access to test service systems is granted only to permitted employees and approved subcontractors and access is strictly limited as required for those persons to fulfil their function.
(b) all users who access test services servers have a unique identifier;
(c) AHEX Ltd has a password policy that prohibits the sharing of passwords and requires passwords to be changed on a regular basis and default passwords to be altered. All passwords must fulfil defined minimum complexity requirements and are stored in encrypted form;
(d) users who no longer need to access data or who leave the company have their access revoked; and
(e) all access to systems is logged.
5. DATA ACCESS
AHEX Ltd restricts access to personal data on a "need-to-know” basis, with each such access logged.
6. DATA TRANSMISSION
Customer access to personal data is protected by TLS version 1.2 or above.
AHEX Ltd maintains a busines continuity and disaster recovery plan which is reviewed at least annually.
8. DATA SEPARATION
To ensure applicable personal data is processed separately:
(a) AHEX Ltd uses logical (but not physical) separation within its multi-tenant architecture to enforce data segregation between customers as applicable; and
(b) personal data is assigned a unique identifier so data is logically separated.
9. INCIDENT MANAGEMENT
AHEX Ltd maintains an up-to-date incident response plan that includes responsibilities, how information security events are assessed and classified as incidents and response plans and procedures.