Terms and Conditions for Beacon User U3As

1. Introduction

1.1. The Beacon System (defined below) is an online management system designed to support the operation and administration of individual U3A organisations. The Beacon System supports multiple U3As. Each U3A can only administer and view its own data.

1.2.  Third Age Trust Trading Limited [Company Number 11899419] (TATTL) offers the Beacon System as a service to U3As. It provides support for the Beacon System and its Users via staff members from TATTL, a group of volunteers known as the Beacon Team and where necessary by professional Contractors and other service providers

1.3. This document explains the basis on which the Beacon System is provided by TATTL and states the Terms and Conditions which each U3A agrees to when it applies for a Licence to use, and uses, the Beacon System.

1.4. TATTL may, at its discretion, change and amend any or all of the terms and conditions contained within this document to address changing circumstances, best practice recommendations or regulations. Applicant U3As and User U3As will be given notice of any changes as soon as practicable.

1.5. The effective date of this document is 1st April 2019.

2. Terminology used in this document

Administrator   The person within a U3A with responsibility for administering the relevant U3A’s Beacon System site.

Applicant U3A   A U3A which has applied to use the Beacon System but has not yet loaded its data.

Beacon System The system provided under the name “Beacon” comprising the operating system, data storage and support services and materials.

Beacon Team     A team of volunteers which delivers the Beacon System as a service to U3As on behalf of TATTL.

Contractor          A commercial organisation contracted to maintain and support  the Beacon System under direction of the Beacon Team.

Controller           Has the meaning in the Data Protection Law.

Data Protection Law       All applicable laws and regulations, in each case pertaining to the security, confidentiality, protection or privacy of personal data, as amended or re-enacted from time to time, including the European General Data Protection Regulation (Regulation (EU) 2016/679) (the GDPR) and the Data Protection Act 2018.

Data Subject      Has the meaning in the Data Protection Law.

Installation         The date on which the relevant U3A’s Beacon System site becomes ‘Live’.

Intellectual Property means patents, utility models, rights to inventions, copyright and neighbouring and related rights, trade marks and service marks, business names and domain names, rights in get-up and trade dress, goodwill and the right to sue for passing off or unfair competition, rights in designs, database rights, rights to use, and protect the confidentiality of, confidential information (including know-how and trade secrets), and all other intellectual property rights, in each case whether registered or unregistered and including all applications and rights to apply for and be granted, renewals or extensions of, and rights to claim priority from, such rights and all similar or equivalent rights or forms of protection which subsist or will subsist now or in the future in any part of the world.

Personal data    Has the meaning in the Data Protection Law.

Processor            Has the meaning in the Data Protection Law.

Processing/process        Has the meaning in the Data Protection Law.

Trust      The Third Age Trust.

U3A       A University of the Third Age organisation for a locality, affiliated to the national Third Age Trust.

User U3A             A U3A which is using the Beacon System.

User U3A Member          A person who is, or has been, a member of a participating U3A, and whose personal details are held within the Beacon System.

User      A member who has been registered as an authorised User of the Beacon System and who has a password for access to the system. Users will be allocated access privileges by the Administrator depending on their role within their U3A.

You        The signatory for the User or Applicant U3A, usually the Chair of the executive committee.

3. Beacon System Licence and Intellectual Property

3.1. The Licence is the agreement under which you are permitted to use the Beacon System which includes these terms and conditions.

3.2. In consideration of the payment of the fee , TATTL grants to you a non-exclusive, non-sublicensable, non-transferable licence to use the Beacon System in the United Kingdom in accordance with the terms and conditions of this Licence. Your use of  the Beacon System constitutes your acceptance to be bound by the Licence and these terms and conditions.

3.3. We may terminate this Licence immediately by giving you written notice to your last known address.

3.4. Upon termination:

3.4.1. all rights granted to you to use the Beacon System under this Licence shall cease;

3.4.2. you must cease all activities authorised by this Licence; and

3.4.3. your access to the Beacon System may be disabled at any time.

3.5. You acknowledge that save as is granted by these terms and conditions, you will not acquire any right, title or interest in or to the Beacon System.

3.6. Subject to any Data Protection Law, User U3A hereby grants, and where applicable shall procure the grant, to TATTL a non-exclusive, sub-licensable, worldwide, perpetual, irrevocable and royalty free licence to use the Intellectual Property in any content, databases and information that is uploaded, hosted and/or stored by us, or on our behalf, on the Beacon System for the building, hosting, maintaining, managing, administering, modifying, developing, upgrading and improving the Beacon System.

4. Charging Policy

4.1. The Beacon System licence fee is currently £1.00 (including VAT) per current member per annum.

4.2. The initial invoice will be sent by TATTL and will be due on the 1st of the month following Installation. The fee will be calculated on a pro rata basis to the following 31st March.

4.3. Thereafter, annual licence renewal fees will be due on 1st April.

5. Our Data Protection and Data Security Responsibilities

5.1. The Beacon System stores personal data about members of the participating U3As within its database (the Personal Data). The Personal Data includes (but are not limited to) the names, addresses, telephone numbers and email addresses of U3A members, and the Beacon System may store other data related to their activities within the U3A. TATTL acts as a processor of the Personal Data on behalf of the relevant participating U3A (as controller) in the performance of TATTL’s obligations under this agreement.

5.2 TATTL shall comply with its obligations under the Data Protection Laws.

5.3 TATTL shall only process the Personal Data for the purposes of performing its obligations under this agreement and in accordance with the written instructions given by you, unless TATTL is subject to an obligation under applicable law. TATTL shall notify you immediately if, in TATTL’s opinion, an instruction from you breaches a requirement of the Data Protection Law.

5.4 TATTL shall at all times process the Personal Data in a manner that ensures appropriate security for the Personal Data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical and organizational measures. TATTL shall ensure that, at a minimum, the measures required under this clause: (i) meet the standard required by the Data Protection Law and (ii) include the security measures set out in TATTL Information Security Policies.

5.5 The Personal Data are processed by  four groups:

5.5.1. Authorised Users of participating U3As, allowed to process it by their U3A’s management. They are only able to access data relating to their own U3A.

5.5.2. Beacon Team members who are authorised by TATTL and who process the data during uploading and may be able to view it while investigating system problems. Beacon Team members who assist U3As with migrating data to the Beacon System have access to data during Installation.

5.5.3. Third parties and their employees, authorised by TATTL who may be able to process it while investigating system problems, building, maintaining, managing, developing and improving the Beacon System.

5.5.4. TATTL who may be able to process it while investigating system problems, building, maintaining, managing, developing and improving the Beacon System.

5.6 TATTL shall ensure that all parties authorised by TATTL to have access to the Personal Data are subject to a contractual duty of confidence to hold the Personal Data in strict confidence and only process the Personal Data in the manner permitted by this agreement and in accordance with the Beacon Team’s data handling procedures and detailed data protection and privacy policies. The data protection and privacy policies are available on the website.

5.7. The Beacon System uses some service providers and business partners as sub-processors to process data (Approved Sub-processors). These are listed in the TATTL privacy policy. TATTL may add, replace or remove Approved Sub-processors from time to time.  The Terms of each sub-processor are reviewed regularly, and they have been judged to comply with requirements of the Data Protection Law. TATTL will notify you of any intended changes concerning the addition, replacement or removal of Approved Sub-processors.  You may object to such changes.  Your continued use of the Beacon System after notification indicates your authorisation of  the subcontracting of the processing of Personal Data to each Approved Sub-processor.

5.8. If online payment of membership fees is enabled at a U3A’s request, PayPal is used for fee collection and transfer to the U3A’s bank account. PayPal is not a TATTL sub-processor. TATTL does not have access to any members’ financial credit card/ debit card details.

5.9 TATTL shall assist you: (i) in responding to, and complying with, all data subject rights relating to the Personal Data (each a Request), including by providing such assistance as is contemplated by Article 28(3)(e) of the GDPR; and (ii) in ensuring compliance with the obligations in Articles 32 to 36 of the GDPR (and any equivalent requirements of the Data Protection Law). TATTL shall promptly notify you of each Request it receives and shall not respond to the Request, except as instructed by you.

5.10 TATTL shall promptly notify you in writing of each personal data breach (as defined by the GDPR) of which it becomes aware. TATTL shall (to the extent feasible) ensure that such initial notification contains the information required under Article 33(3) of the GDPR. TATTL shall take such steps and provide such assistance and information to you as may be reasonably required to deal with and respond to the personal data breach.

6. Your Data Protection and Data Security Responsibilities

6.1. The executive committee of each User U3A is responsible for deciding its own Data Protection Policy, and how this should be applied to the Beacon System by the committee member appointed as the Administrator.

6.1.1. You confirm that you have a Data Protection Policy which complies with the Data Protection Laws and which includes your legal basis for processing, what personal data will be collected, how that data will be used and who can access it (as described in 5).

6.1.2. You confirm that UserU3A Members have access to your Data Protection Policy.

6.1.3. You confirm that your executive committee is responsible for ensuring that its Users understand your U3A’s Data Protection Policy and adhere to it.

6.2. You confirm that when using the Beacon System, you will always process any personal data collected in compliance with all applicable laws including, but not limited to, the Data Protection Law.

6.3. You confirm that when using the Beacon System, you will take appropriate technical and organisational measures against the unauthorised or unlawful access and processing of personal data and against the accidental loss or destruction of, or damage to, personal data and as required by the Data Protection Law.

6.3.1. Access to data within a U3A site is controlled by the Administrator. User names, passwords and the privileges associated with each user role are allocated by the Administrator.

6.3.2. Each User U3A Member ensures that their password is kept securely and secret from others.

6.3.3. The Administrator ensures that any person granted specific access provides written assurances that adequate security measures have been taken to keep their computer free of viruses and other malware which might enable unauthorised access to Beacon System.

6.3.4. The Administrator ensures that any User granted specific access provides written assurances confirming that they will not allow any other person to use or to have access to their Beacon System account. In particular, a shared computer must not be used to access a Beacon System account unless the User has a personal logon for the shared computer.

6.3.5. Access to the Beacon System via a public computer, e.g. in a public library, is strictly prohibited.

6.4. You will promptly notify TATTL in writing of each personal data breach (as defined by the GDPR) of which you become aware.

7. System Availability

7.1. The Beacon System is designed to be available at all times and it is anticipated that disruption of service will be rare. However, TATTL cannot guarantee that the Beacon System or any content on it will always be available, be uninterrupted or free from errors or omissions. TATTL will not be liable to you if, for any reason, the Beacon System is unavailable at any time or for any period.

7.2. You acknowledge that the Beacon System has been developed and is being maintained and delivered mainly by the Beacon Team of volunteers.

7.3. The Beacon Team will use reasonable efforts to assist you if you have any problems using the Beacon System or if there are any failures or disruptions on the Beacon System, but TATTL  cannot guarantee how long it might take to respond to your queries or to address and fix any failures or disruptions.

7.4. Planned periods of unavailability will be posted on the Beacon System home page and on the Beacon website in advance. Any additional downtime will be notified to Administrators by email with as much notice as can be provided.

8. Backup

8.1. All Beacon System data is automatically backed up daily and kept for 30 days. A separate daily data backup is automatically stored on a separate host.

8.1.1. Backup data can be restored following any major server failure.

8.1.2. In the event of a failure, User U3As should be aware that they would lose data changed since the previous backup, so it is advisable to keep the original data sources (e.g. membership forms) for 24 hours before disposal.

8.1.3. Data backups are intended to protect against major system faults. They cannot be used to recover from mistakes affecting a single U3A.

8.1.4. User U3As may use the data download facility to make a copy of its own data, particularly before making large-scale data changes. There is no facility to reload data to the Beacon System from a local download.

9. User Support

9.1. The Beacon Team provides various levels of support to both Applicant U3As and User U3As. These include but are not limited to:

9.1.1. User Documentation including a user guide is available on the Beacon System home page and other ‘How-to’ guides.

9.1.2. An online user forum. The forum provides a facility for the Beacon System community to ask questions and post answers in the best tradition of mutual help. The Beacon Team monitors the forum and responds if no community answer is forthcoming or if the issue is technical.

9.1.3. A website providing information about the Beacon System and links to key documentation and other support.

9.2. The provision of support to User U3As by the Beacon Team is very much dependent on its pool of suitably experienced volunteers. Generally, a response from the Beacon Team should be expected, but cannot be guaranteed, within 72 hours.

10. Suspension or Termination of the Licence

10.1. TATTL reserves the right to suspend, disable, edit or terminate any User U3A’s Licence if they don’t abide by the following conditions:

10.1.1. In TATTL’s reasonable opinion you or your User U3A Members are using the Beacon System inappropriately or incompetently, or in a way that might bring into disrepute, or

10.1.2. You or your User U3A Members fail in your responsibilities to protect the Beacon System and its data, or

10.1.3. You or your User U3A Members breach these Terms in a way that cannot be corrected, or

10.1.4. You or your User U3A Members fail to correct a breach within a reasonable time period if TATTL asks you to do so, or

10.1.5. There is, in TATTL’s reasonable opinion, a similar very serious reason that requires your access to the Beacon System to be terminated, or

10.1.6. You fail to pay the appropriate licence fee.

11. Warranties

11.1. TATTL will do its best to ensure that the Beacon System performs well, but TATTL does not and cannot guarantee:

11.1.1. that the information TATTL provides, or that is provided through the Beacon Team, or on the Beacon System is accurate, complete, up-to-date, reliable or correct;

11.1.2. that the Beacon System will meet your requirements;

11.1.3. that the Beacon System will be available at any particular time or location;

11.1.4. that the Beacon System will function in an un-interrupted manner or be secure;

11.1.5. that any defects or errors will be corrected;

11.1.6. and/or that the Beacon System  is at all times secure, free of viruses or other harmful components.

11.2. Any subject matter downloaded or otherwise obtained through the Beacon System is done so at your own risk and you will be solely responsible for any damage to your property or loss of data that results from such download or use of any such material.

11.3. the Beacon System is provided to you on an “as is” and “as available” basis.

11.4. To the maximum extent permitted by law, TATTL expressly disclaims any and all guarantees and conditions of any kind, whether express, implied or statutory, including without limitation any implied warranties of satisfactory quality, fitness for a particular purpose and non-infringement.

12. Liabilities

12.1. In compliance with any current legislation:

12.1.1. TATTL shall not in any circumstances have any liability for any losses or damages which may be suffered by you (or any Users), whether:

12.1.1.1. the losses or damages are suffered directly or indirectly,

12.1.1.2. the losses or damages are immediate or consequential,

12.1.1.3. and whether the losses or damages that arise in contract, tort (including negligence) or otherwise which fall within any of the following categories:

12.1.1.3.1. special damages even if TATTL were aware of the circumstances in which such special damage could arise:

12.1.1.3.2. loss of profits;

12.1.1.3.3. loss of anticipated savings;

12.1.1.3.4. loss of business opportunity;

12.1.1.3.5. loss of goodwill;

12.1.1.3.6. loss or corruption of data.

13. General Terms

13.1. TATTL shall have no liability to you under these Terms if TATTL is prevented from or delayed in performing its obligations under these Terms, or from carrying on its business, by acts, events, omissions or accidents beyond its reasonable control.

13.2. If any provision (or part of a provision) of these Terms is found by any court to be invalid, unenforceable or illegal, the other provisions shall remain in force.

13.3. These Terms are the whole agreement between the parties and replace any previous understanding or agreement between TATTL and the participating U3A.

13.4. TATTL may, at any time, and at its sole discretion, modify these Terms, and will seek to give you advance notice of any such modifications.

13.5. Your continued use of the Beacon System following any such modification constitutes your acceptance of these modified Terms.

13.6. You may not assign, transfer, charge, or sub-license any of your rights or obligations under these Terms to any other person.

13.7. TATTL may at any time assign, transfer, charge, sub-contract or deal in any other manner with all or any of its rights or obligations under these Terms.

13.8. Nothing in these Terms is intended to or shall operate to create a partnership between the parties or authorise either party to act as agent for the other, and neither party shall have the authority to act in the name or on behalf of or otherwise to bind the other in any way.

13.9. These Terms do not confer any rights on any person or party (other than the parties and, where applicable, their successors and permitted assigns) pursuant to the Contracts (Rights of Third Parties) Act 1999.

13.10. These Terms and any dispute or claim arising out of or in connection with these Terms (including non-contractual disputes or claims) shall be governed by and construed in accordance with the law of England and Wales and the courts of England and Wales shall have exclusive jurisdiction.