Gapsquare LTD, Software Licence

Gapsquare Ltd, registered company 10632760

The Registered office address is Engineshed,  Station Approach Road, Temple Meads, Bristol, England, BS1 6QH.


The software described in this document is furnished under a license and may be used only in accordance with the terms of such license. The documentation is issued in confidence for the purposes only for which it is supplied.


The trademarks used throughout this publication are the property of their respective owners.

All URLs given were active at the time of going to press. Gapsquare makes no guarantee of their continued validity and takes no responsibility for their content.


Written and published by Gapsquare.


These STANDARD TERMS AND CONDITIONS (“Terms”) set out the terms and conditions on which Gapsquare Ltd, whose registered office address is Engineshed Approach Road, Temple Meads, Bristol, England, BS1 6QH, shall supply the Customer with the Services (as hereunder defined)



The definitions and rules of interpretation contained in the Conditions shall apply together with the definitions and rules of interpretation contained in this paragraph.

“Affiliate” means any enterprise or other entity which, directly or indirectly, controls, or is controlled by the Customer;

the term “control” means ownership of more than (including) fifty percent (50%) of the paid-up Capital and/or assets or the power to appoint or direct the majority of management of an enterprise or other entity or appoint or elect the majority of the directors of a company.

“Annual Fee” the fee payable in advance for the use of Gapsquare.

“Authorised User” means an employee or agent of the Customer who is authorised by the Customer to use the Software or Services under this Contract.

“Commencement Date” means the date set out in Clause 3.1.

“Contract” means together these Terms and any Sales Proposal and/or Order Form specifying the Services.

“Customer” means the person, firm or company named in the applicable Sales Proposal and/or Order Form for the supply of Services from the Supplier.

“Customer Data” means the Customer’s data and/or all data supplied by or on behalf of the Customer to the Supplier (including that supplied through the Services).

“Document” means and includes, in addition to any document in writing, any drawing, map, plan, diagram, design, picture or other image, tape, disk or other device or record embodying information in any form.

“Hosted(ing) Services” means the combination of software and networking elements that comprise an information technology system provided by the Supplier that facilitates the Service(s) being provided as specified on the Sales Proposal and/or Order Form.

“Intellectual Property Rights” means patents, rights to inventions, copyright and related rights, trademarks, trade names, domain names, rights in get-up, rights in goodwill or to sue for passing off, unfair competition rights, rights in designs, rights in computer software, database rights, topography rights, moral rights, rights in confidential information (including without limitation know-how and trade secrets) and any other intellectual property rights, in each case whether registered or unregistered, and including without limitation all applications for, and renewals or extensions of, such rights, and all similar or equivalent rights or forms of protection in any part of the world.

“Initial Fee” means the amount set out in the Sales Proposal and/or Order Form.

“Know-How” means all or any information, data and methodology not at present freely available to the public and all financial, commercially sensitive, trade and business secrets of whatever nature in whatever format including such items and information as referred to in the Documents and necessary in order to provide the Services.

“Normal Business Hours” means 9.00am to 5.00pm local UK time, excluding Saturdays, Sundays and UK Public Holidays.

“Normal Business Day” means Monday to Friday in the UK excluding UK Public Holidays.

“Output File Format” means the file of data that has been created as an output from the Customer’s accounting, hr, payroll or other software package

“Party” or “Parties” means collectively the Supplier and the Customer.

“Sales Proposal and/or Order Form” means the Supplier generated sales proposal and/or order form agreed between the Supplier and the Customer.

“Services” means the services to be provided by the Supplier under the Contract as described in Schedules 2 and 3 which includes the Software and/or the professional consultancy services and/ or the Support Services and/or the set up Services and all Documents, Know-How and materials developed by the Supplier or its agents, subcontractors, consultants and employees in relation to the Services in any form, including (without limitation) computer programs, data, reports and specifications (including drafts) including all software developed in conjunction with the provision of the Services in order to provide pay analytics via the Software or otherwise and as provided via the website notified to the Customer by the Supplier from time to time, as more particularly described in the Contract.

“Software” means the software products (including any third-party software) made available by the Supplier to the Customer under this Contract and as part of the Services (whether Hosted or un-Hosted) as specified in Schedule 1.

“Supplier” means Gapsquare whose Registered office address is Engine shed, Approach Road, Temple Meads, Bristol, England, BS1 6QH.

“Submission” means any file or set of files uploaded to

“Support Service” means the support and maintenance service more particularly described in Clause 4 and Schedule 2 Part 3, which is to be provided by the Supplier to the Customer.

“Unavailable” means subject to Clause 4.7, the Customer has no connectivity to and is unable to access the Software.



2.1 These Terms shall:

  • (a)  apply to and be incorporated in the Contract; and
  • (b)  prevail over any inconsistent terms or conditions including the Customer’s terms and conditions, or implied by law, trade custom, practice or course of dealing.



3.1  The Sales Proposal and/or Order Form signed by the Customer constitutes an offer by the Customer to purchase the Services specified in it in accordance with these Terms. The Sales Proposal and/or Order Form shall only be deemed to be accepted when the Supplier either (i) executes and issues the order acknowledgement; or (ii) commences the provision of the Services; at which point and on which date the Contract shall come into existence (“Commencement Date”) subject to Clause3.2 below.

3.2  Where the Supplier issues a Sales Proposal and/or Order Form prior to contract formation which includes terms and conditions that conflict with these Terms (“Special Terms”), then the Special Terms specified in the Supplier’s Sales Proposal and/or Order Form shall prevail and override the conflicting terms and conditions specified in these Terms for the purpose of interpreting the relevant provision.



4.1  The Supplier shall provide the Services to the Customer, in accordance with this Contract.

4.2  The Supplier shall use reasonable endeavours to meet any performance dates specified in the Sales Proposal and/or Order Form but any such dates shall be estimates only and time for performance by the Supplier shall not be of the essence of this Contract. The Supplier shall appoint the Supplier’s Manager who shall have authority contractually to bind the Supplier on all matters relating to the Services. The Supplier shall use reasonable endeavours to ensure that the same person acts as the Supplier’s Manager in the delivery of the Services, but may replace him from time to time where reasonably necessary in the interests of the Supplier’s business.

4.3  The Supplier may at any time on prior notice change or alter the Software provided that the changed or altered Software provides an equivalent service to the then existing Software.

4.4  The Supplier shall be responsible for obtaining and maintaining all necessary licences and consents and comply with all relevant legislation to enable it to provide the Services to the Customer.

4.5  Where the Supplier uses a third-party database to supply the Customer with data, the Supplier reserves the right to substitute the third-party database it uses without the agreement of the Customer. The Supplier shall not be responsible for the accuracy or response times relating to any data sourced from third parties or the Customer. The Supplier warrants that the content of the information passed on to the Customer will reflect the information passed to the Supplier by the third party, but shall not be liable for any losses to the Customer caused by incomplete or inaccurate information.

4.6  The Customer may request additional configuration by the Supplier at any time. Such configuration will be charged at the prevailing Supplier professional services day rate to the nearest quarter of a day. Additional configuration may include, but is not limited to, the following:
(a) configuring the Services to recognise and adapt an Output File Format; and/or
(b) editing or amending Authorised Users, or the properties associated with them, including the set- up, amendment or deletion of new Authorised Users or Groups.


Uptime Availability (For Hosted Services only)

4.7  The Supplier shall provide at least a 99% uptime availability level in respect of the Software (“Uptime Service Level”) during each calendar month. This availability refers to an access point on the Supplier hosting provider’s backbone network. It does not apply to the portion of the circuit that does not transit the hosting provider’s backbone network, as the Customer is responsible for its own internet access. The total availability of the Software is calculated as one-hundred percent (100%) of the time, less the time that the Software is Unavailable. For the avoidance of doubt, the Software shall not be considered Unavailable during any outages, disruption or other availability issues caused by:

  • (a)  any maintenance events notified to the Customer in advance;
  • (b)  Customer-caused or third party-caused outages or disruptions;
  • (c)  Customer or third party software, including Customer’s own internet connectivity and available bandwidth;
  • (d)  Customer’s use of the Software after the Supplier advised Customer to modify its use of the Services, if Customer did not modify its use as advised; or
  • (e)  any breach by the Customer of its obligations under this Contract which directly affects the Supplier’s ability to provide the Services, or
  • (f)  in whole or in part to force majeure events within the meaning of Clause 16.

4.8  The provisions of Clause 4.7 state the Customer’s full and exclusive right and remedy, and the Supplier’s (including its licensors, agents and subcontractors, if any) only obligation and liability, in respect of any failure to achieve the Uptime Service Level.



4.9  The Support Service included in the Annual Fee applies only to that part of the Software (“Supported Software”) which is expressly included in and referred to as being supported in a Sales Proposal and/or Order Form.

4.10  The Support Service shall be as specified in Schedule 2, Part 3.

4.11  All requests for the Support Service by the Customer shall include sufficient documentation, data, details and assistance from the Customer with respect to the reported fault so as to enable the Supplier to reproduce and verify the fault.

4.12  The Customer acknowledges that the fix times specified in Schedule 2, Part 3 are estimates andare subject to the complexity of the reported fault and that in certain instances it may take longer that the projected timescales specified. Provision of the Support Services as described in this Clause 4 and Schedule 2, Part 3 is the Supplier’s sole obligation, and Customer’s sole remedy, with respect to the support of the Supported Software. The Supplier shall have no other liability or obligation to Customer with respect to any faults or other real or perceived problems with the Supported Software.

4.13  The Supplier shall have no obligation to provide Support Services in connection with any fault, questions or problems that arise from:

  • (a)  any modification, customisation, alteration or addition to the Supported Software, or attempt thereof, made by Customer or any third party not authorised to do so by the Supplier;
  • (b)  use of the Supported Software: (a) in a manner other than for which is was designed or (b) in any way not permitted under this Contract;
  • (c)  the negligence or intentional misconduct of any user of the Supported Software;
  • (d)  a fault in the Customer equipment or in any other Customer software operating in conjunction with the Supported Software; and
  • (e)  failure by Customer to implement reasonable recommendations in respect of or solutions to faults previously advised by the Supplier.


5.1 The Customer shall:

  • a) co-operate with the Supplier in all matters relating to the delivery of the Services and appoint a project manager “Customer’s Project Manager” to act as point of contact between the Supplier and the Customer, who shall have the authority to contractually bind the Customer on matters relating to the delivery of the Services;
  • b) provide in a timely manner such access to the Customer’s premises and data, and such office accommodation and other facilities, as is reasonably requested by the Supplier;
  • c) provide in a timely manner such information and decision making as the Supplier may reasonably request, and use reasonable endeavours to ensure that such information is accurate in all material respects;
  • d) be responsible (at its own cost) for preparing the relevant premises for the supply of the Services;
  • e) where reasonably necessary, obtain and maintain all necessary licences and consents and comply with all relevant legislation in relation to the use of the Services that would be reasonably necessary to enable the Customer to use the Services, in all cases before the date on which the Services are to start howsoever determined in accordance with Clause3 and provide, in a timely manner, all such Documents, information and materials including computer programs data reports and specifications and other information as the Supplier may reasonably require in order to provide the Services, and use reasonable endeavours to ensure that it is accurate in all material respects; and
  • f) be solely responsible for procuring and maintaining its network connections and telecommunications links from its systems to the Supplier’s data centres, and all problems, conditions, delays, delivery failures and all other loss or damage arising from or relating to the Customer’s network connections or telecommunications links or caused by the internet.

5.2  If the Supplier’s performance of its obligations under the Contract is prevented or delayed by any act or omission of the Customer or the Customer’s agents, sub-contractors or employees, the Customer shall in all circumstances pay to the Supplier on demand all reasonable costs, charges or losses directly sustained or incurred by it, subject to the Supplier confirming such costs, charges and losses to the Customer in writing.

5.3  The Customer agrees that the accuracy of the information (including any Customer Data) that they provide is its sole responsibility and that the Supplier is only acting on the Customer’s behalf in processing the data with the use of the Software.

5.4  The Customer acknowledges that it is solely responsible for ensuring that all Customer Data uploaded to and/or processed by any of the Services has been correctly uploaded and/or processed and sent to and received by the appropriate Channel. The Supplier shall not bear any responsibility or liability for checking (i) any Customer Data that the Customer uploads to and/or is processed by any of the Services or (ii) whether the Channel has received the correct Customer Data. Unless arising out of the Supplier’s breach of the Contract, the Supplier cannot be held liable for any losses or damages, claims, costs or expenses incurred by the Customer arising whether directly or indirectly from any failure to send the Customer Data to the relevant Channel or any failure of all or any other third party website or data processing system to upload the Customer Data within the timeframe required by the Customer.

5.5  Where applicable, and as defined on the Sales Proposal and/or Order Form, the Customer shall abide by and adhere to any fair use policy as specified.

5.6  The Customer agrees not to conduct any form of remote security testing or penetration testing without prior written authorisation from the Supplier.


6.1  Other than specified in Clause 6.12, all Intellectual Property Rights and all other rights in the Services (including the Software) shall be owned by the Supplier. The Supplier hereby licenses all such rights to the Customer on a non-exclusive, non-transferable, non sub-licensable for the Customer’s own internal business purposes only. On termination of this Contract, this licence will automatically terminate.

6.2  All customisations and enhancements to the Services created and/or delivered by the Supplier shall be deemed to be part of the Services licensed hereunder, and ownership thereof shall vest in the Supplier absolutely upon creation.

6.3  The Supplier shall provide the Customer with any relevant printed materials and online/electronic documentation in relation to the Software (“Documentation”).

6.4  The Supplier licences use of the Software and Documentation to the Customer on the basis of these Terms. The Supplier does not sell the Software or Documentation to the Customer. The Supplier remains the owner of the Software and Documentation at all times. This licence is personal to the Customer only and does not extend to any Affiliate of the Customer or other third party, except with the prior written approval of the Supplier.

6.5  The Customer shall comply with any system requirements for operation of the Software notified by the Supplier from time to time.

6.6  Restrictions

Except as expressly set out in this Contract, the Customer undertakes:

  • (a)  not to copy the Software or Documentation;
  • (b)  not to rent, lease, sub-license, loan, translate, merge, adapt, vary or modify the Software or Documentation;
  • (c)  not to make alterations to, or modifications of, the whole or any part of the Software or permit the Software or any part of it to be combined with, or become incorporated in, any other programs;
  • (d)  not to disassemble, de-compile, reverse engineer or create derivative works based on the whole or any part of the Software nor attempt to do any such things except to the extent that (by virtue of section 296A of the Copyright, Designs and Patents Act 1988) such actions cannot be prohibited because they are essential for the purpose of achieving inter- operability of the Software with another software program, and provided that the information obtained by the Customer during such activities:
    • (i)  is used only for the purpose of achieving inter-operability of the Software with another software program;
    • (ii)  is not disclosed or communicated without the Supplier’s prior written consent to any third party to whom it is not necessary to disclose or communicate it; and
    • (iii)  is not used to create any software which is substantially similar to the Software;
  • (e)  to supervise and control use of the Software and ensure that the Software is used by the Customer’s employees and representatives in accordance with the terms of this Licence; and
  • (f)  not to provide, or otherwise make available, the Software in any form, in whole or in part (including, but not limited to, program listings, object and source program listings, object code and source code) to any person other than the Customer’s employees without prior written consent from the Supplier.

6.7  The Customer acknowledge that all Intellectual Property Rights in the Software and the Documentation throughout the world belong to the Supplier (or its 3 rd party licensor’s), that rights in the Software are licensed (not sold) to the Customer, and that the Customer has no rights in, or to, the Software or the Documentation other than the right to use them in accordance with the terms of this Contract.

6.8  The Customer acknowledges that it has no right to have access to the Software in source code form or in unlocked coding or with comments.

6.9  The integrity of this Software is protected by technical protection measures (TPM) so that the Intellectual Property Rights, including copyright, in the Software are not misappropriated. The Customer must not attempt in any way to remove or circumvent any such TPM, nor to apply, manufacture for sale, hire, import, distribute, sell, nor let, offer, advertise or expose for sale or hire, nor have in its possession for private or commercial purposes, any means whose sole intended purpose is to facilitate the unauthorised removal or circumvention of such TPM.

6.10  The Supplier shall indemnify the Customer against all damages, costs and losses incurred by the Customer arising from or incurred by reason of any third-party claim alleging that the use or possession of the Software infringes any Intellectual Property Rights belonging to a third party provided that the Customer promptly notifies the Supplier of any such claim, makes no admission or settlement without the Supplier’s prior consent and allows the Supplier to have control over any litigation relating to such claim. Notwithstanding the foregoing, should any Software become, or in the Supplier’s opinion be likely to become, the subject of any such claim the Supplier may, at its option: (1) procure for the Customer the right to continue using such Software, (2) replace or modify such Software so that it becomes non-infringing, which shall extinguish the Supplier’s obligations hereunder, or (3) if in the Supplier’s judgment neither of such alternatives is commercially reasonable, then terminate this Agreement with respect to, and refund any sums paid hereunder (amortized on a straight-line basis) for, the allegedly infringing Software. Subject to Clause 13, the foregoing states the entire liability and obligation (express, statutory, implied or otherwise) of the Supplier, and the Customer’s sole and exclusive remedy, with respect to claims of infringement of intellectual property rights of any kind.

6.11  Notwithstanding clause 6.12, Supplier shall have no liability for any third-party claims arising out of or in connection with:

  • (a)  any materials or instructions provided to the Supplier by or on behalf of the Customer.
  • (b)  Customer combination of the Software with software not supplied or approved by Supplier.
  • (c)  Customer using the Software in breach of the terms of clause 6 of this agreement



7.1  The Supplier warrants that for Hosted Services, the Services will, when properly used and on an operating system for which it was designed, perform substantially in accordance with the functions described in the Sales Order.

7.2  The Supplier warrants that for non-Hosted Services, the Services will, when properly used and on an operating system for which it was designed, perform substantially in accordance with the functions described in the Sales Order for a period of ninety [90] days from Commencement Date.

7.3  In the limitation of the Supplier’s liability, Customer acknowledges that the Services have not been developed to meet its individual requirements and if the Customer is a business customer, the Services are only supplied for internal use by its business and it agrees not to use the Services for any re-sale purposes.

7.4  This sets out the full extent of the Supplier’s obligations and liabilities in respect of the supply of the Services. Except as expressly stated in this Contract, there are no conditions, warranties, representations or other terms, express or implied, that are binding on the Supplier. The Supplier excludes to the full extent permitted under law any condition, warranty, representation or other term concerning the supply of the Services which might otherwise be implied into, or incorporated in, this Contract whether by statute, common law or otherwise.




8.1  Where Services involve the collection, exchange and processing of Personal Data (as defined under the Data Protection Laws, meaning (a) any law, statute, declaration, decree, directive, legislative enactment, order, ordinance, regulation, rule or other binding restriction (as amended, consolidated or re-enacted from time to time) which relates to the protection of individuals with regards to the Processing of Personal Data to which a Party is subject, including the Data Protection Act 1998 (“DPA”) and EC Directive 95/46/EC (the “DP Directive”) (up to and including 24 May 2018) and the General Data Protection Regulation (GDPR) (EU) 2016/679 GDPR (on and from 25 May 2018) or, in the event that the UK leaves the European Union, all legislation enacted in the UK in respect of the protection of personal data; as well as the Privacy and Electronic Communications (EC Directive) Regulations 2003; and; and (b) any code of practice or guidance published by the ICO (or equivalent regulatory body) from time to time; ) the Customer shall be deemed to be the Data Controller and the Supplier the Data Processor (both as defined under the Act) and the parties shall comply with the provisions of the Act and all other regulations in relation to the collection, exchange and processing of Personal Data (as defined under the Act)  and in particular:


(a) carefully protecting the information by using physical and technical safeguards, including technical safeguards designed to stop unauthorised people getting hold of the information; 

(b) only using the information as necessary to provide or receive the Services; 

(c) not pass the information to any person or organisation located outside those countries that make up the European Union or the European Economic Area (“EEA”); and the Supplier shall not transfer Customer Personal Data (as defined hereunder) to a third party operating in a country located outside of the EEA, 

(d) unless agreed otherwise, return or destroy the personal information at the end of the Agreement or earlier if it is no longer required. 

(e ) maintain an accurate description of the Data Processing Particulars, as set out in clause 8.8 below, including requirements regarding the security of Personal Data, as set out in the Data Protection Laws (including, in particular, the seventh data protection principle of the DPA and/ or the measures set out in Article 32(1) of the GDPR (taking due account of the matters described in Article 32(2) of the GDPR)) as applicable; 


8.2  The Customer warrants and represents that:

(a)  all relevant data subjects whose personal data it has supplied to the Supplier in connection with this Contract (Customer Personal Data) have given their informed consent for the Supplier to:

  • (i)  process the Customer Personal Data for the supply of the Services;
  • (ii)  disclose any Customer Personal Data in response to any subject access request relating to this Contract; and
  • (iii)  retain the Customer Personal Data for as long as is necessary for the provision of the Services; and

(b)  it is registered with all relevant data protection authorities to Process all Customer Personal Data for the supply of Services.

8.3  The Customer shall indemnify and keep indemnified the Supplier for any losses, costs, claims or expenses incurred or suffered by the Supplier arising as a result of:

  1. (a)  the Customer breaching any of the Privacy and Data Protection Requirements as defined under the Act; or
  2. (b)  the Customer causing the Supplier to be in breach of any of the Privacy and Data Protection Requirements as defined under the Act.

8.4  The Supplier’s Obligations

The Supplier undertakes to Customer that it will take all necessary steps to ensure that it operates at all times in accordance with the requirements of the Data Protection Laws and Supplier will, at its own expense, assist Customer in discharging its obligations under the Data Protection Laws as more particularly detailed in this Clause 8. Supplier shall not, whether by act or omission, cause Customer to breach any of its obligations under the Data Protection Laws. 


The Supplier shall:

(a) only Process the Personal Data for and on behalf of Customer for the purposes of performing its obligations under this Agreement, and only in accordance with the terms of this Agreement and any documented instructions from Customer; 

(b) only make copies of the Customer Personal Data to the extent reasonably necessary for the supply of the Services (this includes back-up, mirroring (and similar availability enhancement techniques), security, disaster recovery and testing of the Customer Personal Data);

(c)  keep a record of any Processing of the Personal Data it carries out on behalf of the Customer

(d) unless prohibited by law, notify Customer immediately (and in any event within twenty-four (24) hours of becoming aware of the same) if it considers, in its opinion (acting reasonably) that it is required by Applicable EU Law to act other than in accordance with the instructions of the Customer including where it believes that any of Customer ‘s instructions infringe any of the Data Protection Laws; 


(e) not extract, re-utilise, use, exploit, redistribute, re-disseminate, copy or store the Customer Personal Data other than for the supply of the Services;


(f) not do anything that may materially damage the reputation of the Customer; 


(g) take, implement and maintain appropriate technical and organisational security measures which are sufficient to comply with the requirements regarding the security of Personal Data, as set out in the Data Protection Laws (including, in particular, the seventh data protection principle of the DPA and/ or the measures set out in Article 32(1) of the GDPR (taking due account of the matters described in Article 32(2) of the GDPR)) as applicable;

(h) notify Customer promptly (and in any event within forty-eight (48) hours) following 

its receipt of any Data Subject Request or ICO correspondence and shall: not disclose any Personal Data in response to any Data Subject Request or ICO correspondence without first consulting with and obtaining Customer’s prior written consent; and shall provide Customer with all reasonable co-operation and assistance required by Customer in relation to any such Data Subject Request or ICO correspondence; 


(i) promptly comply with any request from Customer to amend, transfer or delete any 

Personal Data;


8.5  In the event that the Customer requires a copy of the Customer Personal Data being held by the Supplier, they shall make such a request of the Supplier which must be in writing and which must give at least thirty [30] days’ notice to the Supplier. Upon receipt of the request and subject to Customer’s payment of any applicable Fees, the Supplier will as soon as is reasonably practicable, provide a copy of the Customer Personal Data. Upon termination or expiration of this Contract for whatever reason, the Supplier shall only retain copies of Customer Personal Data for a total of three [3] months from the date of termination or expiration of this Contract. After the expiration of such three [3] month period, the Supplier shall not provide any copies of Customer Personal Data.

8.6 The Supplier shall indemnify and keep the Customer indemnified for any losses, costs, claims or expenses incurred or suffered by the Customer arising as a result of the Supplier breaching any of its obligations under clause 8.


8.6 Data Protection Particulars



The subject matter and duration of the Processing Subject matter is processing of pay and salary across the Customer which will include reporting on all pay across all levels, reflecting gender, disability, race, ethnicity, across all levels of staff, all pay grades, all ages.

The duration of the Processing is the duration of the Contract

The nature and purpose of the ProcessingPurpose is to undertake pay equity analytics, looking at pay gaps across an organisation.

Insights include:

  • Numerical and % Differences in pay and salary details of staff between employee characteristics by a variety of statistical methods
  • Contributional and diametrical analysis of different HR and employee characteristics
  • Regressional and distributional analysis of pay and salary details
The type of Personal Data being ProcessedPay details of all employees, reflecting employee characteristics including, gender, disability, ethnicity, pay grades, ages.

Personal Data:

Unique Personal Identifier

Salary and Allowance Reports

Employee Characteristics – gender, ethnicity, disability

Grade / Level

Age Range

Business Hierarchy 


Method of data transfer to supplierCustomer provides the raw data.

ISO Certified tool with data encryption used to upload using csv or excel format.

The categories of Data SubjectsCustomer’s employees
Retention, deletion and return of dataData above will be processed by Supplier during the provision of the Contract.

Prior to termination or expiry of Contract, the parties will consider and agree on the following:

  1. Period for which identifiable data will be retained
  2. The purpose for which data will be retained
  3. Whether the data will need to be returned to the Customer or deleted by the Customer and/or Supplier.
Permitted recipients (sub processors) of Personal DataGoogle Inc., – cloud infrastructure to the Hosted Services



9.1  Each Party may be given access to Confidential Information from the other Party in order to perform its obligations under this agreement. A Party’s Confidential Information shall not include information that:

  • (a)  is or becomes publicly known other than through any act or omission of the receiving Party;
  • (b)  was in the other Party’s lawful possession before the disclosure;
  • (c)  is lawfully disclosed to the receiving Party by a third Party without restriction on disclosure;
  • (d)  is independently developed by the receiving Party, which independent development can be shown by written evidence; or
  • (e)  is required to be disclosed by law, by any court of competent jurisdiction or by any regulatory or administrative body

9.2  Each Party shall hold the other’s Confidential Information in confidence and, unless required by law, not make the other’s Confidential Information available to any third party, or use the other’s Confidential Information for any purpose other than the implementation of this agreement.

9.3  Each Party shall take all reasonable steps to ensure that the other’s Confidential Information to which it has access is not disclosed or distributed by its employees or agents in violation of the terms of this agreement.

9.4  The Customer acknowledges that the Software, the results of any performance tests of the Software and the Services constitute the Supplier’s Confidential Information.

9.5  The Supplier acknowledges that the Customer’s Personal Data and the results of the Services are the Confidential Information of the Customer.

9.6  No Party shall make, or permit any person to make, any public announcement concerning this agreement without the prior written consent of the other parties (such consent not to be unreasonably withheld or delayed), except as required by law, any governmental or regulatory authority (including any relevant securities exchange), any court or other authority of competent jurisdiction.

9.7  This Clause 9 shall survive termination of this agreement, however arising for a period of five [5] years from date of termination.



10.1 The price for the Services and/or Software is set out in the Order Form and applies to the Customer’s use of the Services and/or Software within the parameters set out in the Order Form. The parameters may include (but not limited to):

  • (a) a maximum number of Authorised Users;
  • (b) a maximum number of items per File or Submission;


11.1 In consideration of the provision of the Services, the Customer shall pay the Fees to the Supplier in accordance with these Terms.

11.2  The Initial Fee shall be payable within thirty [30] days of the date of invoice.

11.3  The Annual Fee shall be paid in advance in accordance with clause 12.1. The Annual Fee for subsequent periods beyond that specified in the Order Form or Initial Period (as defined in Clause 12.1 hereunder) shall be subject to increase at the discretion of the Supplier.

11.4  Payments shall be made within thirty [30] days of the invoice date

11.5  Should the Customer fail to make payment in accordance with clause 11.4 above, The Supplier shall have the right at the Supplier’s sole option and without prejudice to any other remedy available to the Supplier in law or equity, to:

  • (i) Charge and to receive from the Customer interest on the overdue amount at the rate per annum of three [3] percent over the Supplier’s Banker’s declared base rate commencing thirty [30] days after invoice date.
  • (ii) Suspend Services until payment is made.



12.1  The Contract shall commence on the Commencement Date and shall continue for a period either:(i) as set out in the Customer’s signed Sales Proposal and/or Order Form; or (ii) if not set out in the Sales Proposal and/or Order Form then for one [1] calendar year (the “Initial Period”) and thereafter shall continue on an annual rolling basis unless and until terminated by either Party giving at least sixty [60] days prior written notice of termination to expire at the end of the Initial Period or on sixty [60] days’ notice anytime thereafter. For the avoidance of doubt, the Customer shall not be entitled to any repayment of the Initial Fees paid to the Supplier in advance following termination in accordance with this clause 12.1., but will receive a refund of the portion unused Annual Fee from the point of termination.

12.2  Without prejudice to any other rights or remedies to which the parties may be entitled, either Party may terminate the Contract without liability to the other if:

  • (a) the other Party fails to pay any Fees within thirty [30] days of the relevant due date;
  • (b) the other Party commits a material breach, or a series of minor breaches by either Party (of which that Party has been notified by the other Party) could constitute a material breach of the Contract and (if such a breach is remediable) fails to remedy that breach within thirty [30] days of that Party being notified in writing of the breach; or
  • (c) an order is made or a resolution is passed for the winding up of the other Party, or circumstances arise which entitle a court of competent jurisdiction to make awinding-up order of the other Party; or
  • (d) an order is made for the appointment of an administrator to manage the affairs, business and property of the other Party, or documents are filed with a court of competent jurisdiction for the appointment of an administrator of the other Party, or notice of intention to appoint an administrator is given by the other Party or its directors or by a qualifying floating charge holder (as defined in paragraph 14 of Schedule B1 to the Insolvency Act 1986); or
  • (e) a receiver is appointed of any of the other Party’s assets or undertaking, or if circumstances arise which entitle a court of competent jurisdiction or a creditor to appoint a receiver or manager of the other Party, or if any other person takes possession of or sells the other Party’s assets; or
  • (f) the other Party makes any arrangement or composition with its creditors, or makes an application to a court of competent jurisdiction for the protection of its creditors in any way, or becomes bankrupt; or
  • (g)  the other Party ceases, or threatens to cease, to trade; or
  • (h)  there is a change of control (as defined in section 1124 of the Corporation Tax Act 2010) of the other Party; or
  • (i)  the other Party takes or suffers any similar or analogous action to any of the foregoing in any jurisdiction in consequence of debt.

12.3  Termination of the Contract, however arising, shall not affect or prejudice the accrued rights of the parties as at termination or the continuation of any provision expressly stated to survive, or implicitly surviving, termination.

12.4  On termination of this Contract for any reason:

  • (a)  The Customer shall immediately pay to the Supplier all of the Supplier’s outstanding unpaid invoices and interest and, in respect of Services supplied but for which no invoice has been submitted, including those for the Initial Period and any further extension thereafter howsoever agreed, the Supplier may submit an invoice, which shall be payable immediately on receipt together with any other costs incurred by the Supplier in the provision of the Services as evidenced by the Supplier in writing, other than where termination is a direct result of the Supplier’s default in which case the Supplier shall reimburse on a pro-rata basis the Customer any prepaid amounts from the actual date of termination for Services not received; and
  • (b)  the accrued rights and liabilities of the parties as at termination and the continuation of any provision expressly stated to survive or implicitly surviving termination, shall not be affected.



13.1  Without prejudice to clauses 13.2, 13.3 and 13.4, the Supplier’s total liability in contract, tort (including but not limited to negligence or breach of statutory duty), misrepresentation, restitution or otherwise arising in connection with the performance, or contemplated performance, of this Contract shall be limited to one- hundred percent (100%) of the Initial Fee or Annual Fee (as applicable) in the year in which the liability arose

13.2  Notwithstanding clause 13.1, the Supplier does not exclude its liability (if any) to the Customer for:

  • (a)  fraud or fraudulent misrepresentation;
  • (b)  personal injury or death resulting from the Supplier negligence; or
  • (c)  any liability which it would be unlawful for the Supplier to exclude or attempt to exclude.

13.3  Notwithstanding clause 13.1, and without prejudice to clauses 13.2 and 13.4 the Supplier’s total liability in contract, tort (including but not limited to negligence or breach of statutory duty) in relation to the indemnity at clause 8.6 shall be limited to One Million Pounds Sterling (£1,000,000).

13.4  The Supplier shall not have any liability:

  • (a) to the Customer (whether for breach of contract, tort (including but not limited to negligence or breach of statutory duty), misrepresentation, restitution or otherwise) for any loss of profits, bargain, contract opportunity or expectation, loss of use, loss of revenue, loss of anticipated savings, loss of tender and/or bid costs, loss of re-tender and/or re-bid costs, loss of data, loss of sales, loss resulting from third party claims, loss of reputation or pure economic loss (in each case whether direct or indirect) or for any indirect or consequential loss; and
  • (b)  (including breach of warranty) which arises as a result of the misuse of the Services or Software supplied hereunder, or use thereof in combination with any equipment and/or software not approved by the Supplier or as a result of any defect or error in any equipment and/or software not supplied by the Supplier; and
  • (c)  for any illegal or unauthorised access to or release of any Customer data from any device whatsoever connecting to the Services or Software, including, but not limited to, any access or release of such data arising from the accessing of any Customer login credentials and/or login to Customer account(s) by malware, viruses, or worms, for malicious or criminal activities including, but not limited to, fraudulent payments or fraudulent funds transfer; and
  • (d)  unless the Customer shall have served notice in writing of any facts which may give rise to a claim against the Supplier hereunder within six [6] years of the date it either became aware of the circumstances giving rise to a claim or the date when it ought reasonably to have become so aware.

13.5  Any conditions, warranties, representations or other terms (whether written or oral, or express or implied by statute, common law or otherwise) relating to the supply of products and/or services by the Supplier under this Contract other than those expressly set out in this Contract are excluded to the fullest extent permitted by law.

13.6  The Parties acknowledge that the allocation of risk liability contained in this Contract are reasonable and reflect the relative bargaining position of the Parties.

13.7 The Supplier has made every attempt to ensure the accuracy and reliability of the data used for the analysis. However, the information is provided “as is” without warranty of any kind. The Supplier does not accept any responsibility or liability for the accuracy, content, completeness, legality or reliability of the information provided to them.


14.1 The Supplier’s written and duly authorised offer including any formal amendment thereof together with these conditions as specifically incorporated by reference therein shall represent the entire agreement between the Supplier upon the Customer’s acceptance of the Supplier’s offer but excluding any qualifications or references to any other terms or conditions. In the event of any conflict between these conditions and any other conditions specified in the Supplier’s offer the latter will prevail.


15.1 If at any time any question, dispute or difference whatsoever shall arise between the Customer and the Supplier upon, in relation to or in connection with the contract, either of the Parties may give to the other notice in writing of the existence of such question, dispute or difference, and the same shall be referred to the arbitration of a person to be mutually agreed upon or failing agreement within thirty [30] days of receipt of such notice, of some person appointed by the President for the time being of the Institution of Electrical Engineers. The submission shall be deemed to be a submission to arbitration within the meaning of the Arbitration Act 1979, or any statutory modification or re-enactment thereof.


16.1 In the event of circumstances beyond the reasonable control of the Supplier including but not limited to, war or civil war (whether declared or not), hostile or warlike action in time of peace or war, armed conflict, revolution, rebellion, uprising; acts of terrorism (including cyber-attacks); chemical and/or biological contamination; industrial action, blockade and lockouts at a local or national level; fire; flood; governmental restrictions and embargos, delays by Government officials, delays in the delivery or provision of Governmental authorisations, of permit, licence, delays in customs, delays in import, delays in export, accreditation; insolvency; acts of God, including but not limited to lightning, fire, flood, tempest, earthquake, hurricane, typhoon, volcanic eruptions, tsunami, loss of service due to hacking or other such attacks; any default by the Customer, the Supplier shall, within a reasonable time of becoming aware that any such delay has occurred, give to the Customer written notice of the cause of the delay and its claim for an extension of time to the dates identified in this Contract and the Customer shall allow the Supplier such an extension of time in respect of any delay. If an event set out in this clause 16 has continued for a continuous period of six [6] months either Party may at its discretion elect to terminate the Contract without liability to the other Party save that the Customer shall pay the Supplier its costs incurred and fees earned up to the date of termination.


17.1 Neither Party shall, at any time from the date of the Contract to the expiry of twelve [12] months after the completion of the Services, solicit or entice away from the other Party or employ or attempt to employ any person who is, or has been, engaged as an employee or either Party.


18.1 No single or partial exercise, or failure or delay in exercising any right, power or remedy by any Party shall constitute a waiver by that Party of, or impair or preclude any further exercise of, that or any right, power or remedy arising under this Agreement or otherwise.


19.1 Unless expressly provided in the Contract no term of the Contract is enforceable pursuant to the Contracts
(Rights of Third Parties) Act 1999 by any person who is not a Party to it.


20.1 Nothing in this agreement is intended to, or shall be deemed to, establish any partnership or joint venture between any of the parties, constitute any Party the agent of another Party, nor authorise any Party to make or enter into any commitments for or on behalf of any other Party.


21.1  If any provision of the Contract is found by any court or administrative body of competent jurisdiction to be invalid, unenforceable or illegal, the other provisions shall remain in force.

21.2  If any invalid, unenforceable or illegal provision would be valid, enforceable or legal if some part of it were deleted, the provision shall apply with whatever modification is necessary to give effect to the commercial intention of the parties.


22.1 No variation of this agreement shall be effective unless it is in writing and signed by each of the parties (or their authorised representatives).


23.1 Neither Party may assign or purport to assign any or all of its rights or obligations hereunder in respect of this Agreement without the prior written consent of the other Party.


24.1 In performing obligations under this Agreement, the Supplier shall:

(a)         comply with all applicable anti-bribery and corruption laws and regulations which apply, including but not limited to the Bribery Act 2010;

(b)         comply with the Customer’s Anti-Bribery and Corruption Policy (except where the Supplier has supplied its own anti-bribery policy and the Customer has confirmed its adequacy);

(c)          have adequate controls in place to prevent bribery, including controls around gifts and hospitality given or received in the course of your work for or on behalf of the Customer, and controls around the procurement of services from third parties; and

(d)         comply with any audits the Customer may perform from time to time for the purposes of ensuring anti-bribery compliance, and report any instance of bribery to the Customer without delay.

24.2     Any breach of the provisions set out above will constitute a material breach of the Agreement and may result in its termination.


25.1   In performing obligations under this Agreement, the Supplier shall:

(a)       comply with all anti-slavery and human trafficking laws and regulations from time to time in force, including but not limited to the Modern Slavery Act 2015;

(b)       not engage in any activity that would constitute an offence under sections 1, 2 or 4 of the Modern Slavery Act 2015; and

(c)       comply with the Customer’s Anti-Slavery and Human Trafficking Policy.

26 LAW

26.1 The construction validity and performance of the Contract shall be governed by the Laws of England and Wales subject to the exclusive jurisdiction of the English Courts. Unless the contrary intention is stated the headings in the contract are for the purpose of convenient reference only and do not form part of the contract; the singular includes the plural and vice versa; a word importing a gender includes every other gender; a reference to a person includes a corporation.


Schedule 1 Software


Gapsquare is a software product, deployed in a hosted environment, that provides detailed and visual data and insights into a companies’ remuneration and pay through different employee characteristics.


It is currently supporting the Equality Act 2010 (Gender Pay Gap Information) Regulations 2017. 



Gapsquare FairPay PRO SaaS
TypeProduct CodeDescription
FairPay PRO V2020PRO V 2020Gapsquare FairPay PRO is a pay equity software deployed in a hosted environment, that provides detailed and visual data and insights into a companies’ remuneration and pay through employee characteristics.


  • Online cloud based application – login to your personalized account to access your report
  • Instant breakdown and data visualisation of pay equity gaps across an organisation 
  • Recognize company context, your composition so that you can gain insight into workforce dynamics, trends and inclusive planning
  • Custom built narrative helping teams make sense of complex data analysis, embedded with equality and diversity expertise.
  • % Difference (Mean and Median), Workforce Composition, Pay Data Analytics, Contributional Analysis


System Requirements:

  • Web Browser Interface
  • Supported Browsers: IE10, IE11, Microsoft Edge, Fireforc, Chrome Safari 9+
  • CSV or XLSX files for data uploads


Schedule 2 Services


Part 1 Configuration of Gapsquare FairPay

Configuration of Services is completed following the submission of a completed Output File Format by the Customer and invoice is generated on receipt or order.

Training is agreed and scheduled accordingly. The Supplier shall provide training for up to three Authorised Users, and this can be delivered either remotely or at a Customer premise. Training covers the use of the service and checks the users configured for the Customer – including access rights, permissions and how the user can upload and use the product.

Upon completion of the training, the Customer will be requested to confirm the system is now accepted and it will be set to live.


Part 2 Security of Gapsquare FairPay

2.1 Communication and transport


When a user accesses our online software at, it automatically is redirected to a secure connection over HTTPS protocol.


The channel is secured with a strong SSL Certificate issued by authorized authority Let’s Encrypt.


The connection and all transferred data is encrypted and authenticated with TLS 1.2 (strong protocol), ECDHE_RSA with P-384 strong key exchange and AES128GCM cipher.


2.2 Passwords


The app requires a login and password to authenticate the user. The password strength requirements are:

  1. At least 8 characters
  2. At least one capital letter
  3. At least one lower case letter
  4. At least one symbol
  5. At least one number.


Passwords expire every 90 days and must be changed in order for users to continue to have access. Administrators can enforce a password change in the event of evidence of password leaks. If an individual has been invited to use the app, the system generates a temporary password which then has to be changed after first login.


All passwords are stored in a hashed format using SHA256 methods for checksum, 16384 iterations alg. and a 32 encryption key which correspond to AES256.


Authorization is done using OAuth protocol. This means that after a successful login, an authorized token is generated and stored in client cookies with Secure and HTTPOnly flags, meaning HTTPOnly cookie cannot be modified by the client and it is set only by server. Secure flag means that this cookie attribute is set only for a secure connection HTTPS.


Authorized token is also encrypted using HMAC-SHA256 and it is valid for only 5 minutes, this is to limit any potential leak of the auth_token. After 5 minutes, client is re-authenticated using a refresh token which is encrypted and stored securely on cookies. Using the refresh token server generates a new auth_token to allow a user to continue to have access. Refresh token validity expires after 8 hours of inactivity. After this period, the user is redirected to the login page.


2.3 Two Step Authentication

Users are able to use Two Factor Authentication using an authenticator app that produces a time based code e.g. Google Authenticator (Google Play Store, Apple App Store). This is the preferred method of Two Factor Authentication. In order to successfully login you must present your email address and password, followed by a 6 digit code generated by the authenticator app.


Alternatively we offer email based Two Factor Authentication. Email based Two Factor Authentication will send users a time limited 6 digit code that must be entered before being granted access to the platform. In order to successfully login you must present your email address and password, followed by a 6 digit code that is emailed to an address you specify when setting up Two Factor Authentication. The code is only valid for approximately two minutes once login has been attempted.


2.4 Data encryption


All customers’ data is stored in an encrypted form. We store the original file and your data into a MySQL database. The file and your data is encrypted prior to saving using self-synchronizing cipher CFB (Cipher Feedback block) and an AES256 key. The keys for all decrypting data are known only by specialized and vetted personnel who have also signed a non-disclosure agreement document.


Part 3 Infrastructure of Gapsquare FairPay


3.1 Google Cloud


Fairpay is deployed in a secure Google Cloud project with Google providing the security for the underlying physical environment, compute hardware and operating systems. For more information on the security accreditation of Google Cloud and how they manage Trust and security across the infrastructure used by Fairpay follow this link.


3.1.1 Data Storage


Gapsquare is using Google Cloud SQL (MySQL) database for storing customer data and metadata in the europe-west2 region (London). Database backups are performed each night and all backups are stored on separate servers to prevent data loss for 7 days.


3.1.2 Application Deployment 


Applications and services are deployed in Google Cloud Kubernetes Engine environment which facilitate the vertical and horizontal scalability. Fairpay services are deployed in the europe-west-2 region (London). Permissions and accessing the environment is strictly defined in our internal ISO 27001 procedure A.9 Access Control Procedure and each connection is monitored and logged according latest security requirements.


Part 4: Security Documentation


3.1 ISO 27001


Gapsquare has achieved ISO 27001 certification for information security management systems.


We have developed a framework of policies and procedures that includes all legal, physical and technical controls involved in our information risk management processes and have implemented these policies and procedures across our organisation.


Gapsquare completed the Stage 1 ISO 27001 audit in October 2019 and completed Stage 2 in Spring 2020. Our certification number is 18191-ISN-001 and is available to view here.



Part 5 Support and Maintenance


  1. MAINTENANCE EVENTS (For Hosted Services only)

1.1  Maintenance of the hosting equipment, facility, Software or other aspects of the Hosting Services that may require interruption of the Hosting Services (“Maintenance Events”) shall not be performed during Normal Business Hours. The Supplier may interrupt the Services to perform emergency maintenance outside of Normal Business Hours. In addition, the Supplier may interrupt the Hosting Services outside Normal Business Hours for unscheduled maintenance, provided that it has given the Customer at least three [3] days’ advance notice. Any Maintenance Events that occur during Normal Business Hours, and which were not requested or caused by the Customer, shall be considered downtime for the purpose of service availability measurement. The Supplier shall at all times use reasonable endeavours to keep any service interruptions to a minimum.

1.2  The Supplier may determine, at its sole discretion, that providing appropriate service levels requires additional equipment and/or bandwidth, and may install that equipment and/or bandwidth without approval from the Customer, provided that it does not diminish in any way the functionality, connectivity, security or compatibility of the Services.


2.1  Maintenance includes all regularly scheduled error corrections, as well as, at the Supplier’s discretion, any Software updates and upgrades that pertain to fixes and/or improvements to applicable Services as described in Schedule 1 and as specified in the Sales Proposal and/or Order Form.

2.2  For Hosted Services, Software version updates shall be communicated and deployed to all relevant Customers at the sole discretion of the Supplier.

2.3  For un-Hosted Services, available Software version updates shall be communicated to all relevant customers, and deployed at the agreement of the Customer. The Supplier may, at its discretion, levy a charge for such an upgrade. The Supplier shall maintain technical support on at least the two most current releases of the Software.

2.4  Support for additional Services developed by the Supplier, and/or upgrades to different Software, Services, products or deployment options, as requested by the Customer, may be purchased separately at the Supplier’s then

2.5  The Supplier shall maintain and update the Software. Should the Customer determine that the Software includes a defect, the Customer may at any time file error reports and the Supplier shall use reasonable endeavours to correct any errors. The Supplier may, at its discretion, upgrade versions, install error corrections and apply patches to the Services as specified in the Sales Proposal and/or Order Form. The Supplier shall use reasonable endeavours to avoid unscheduled downtime for Service(s) maintenance.


The Supplier shall provide the Customer with technical support services as follows.

3.1 The Supplier shall issue customer identification numbers (“CINs”) to the Customer Support Representatives (“CSR”) which will allow those CSRs to access Supplier technical support. Supplier technical support shall accept voicemail, email and web form-based incident submittal from CSRs with valid CINs twenty-four [24] hours a day, seven [7] days a week. The Supplier technical support centre shall accept calls for telephone support during Normal Business Hours (calls shall be conducted in English) other than where extended support hours apply (as specified on the Sales Proposal and/or Order Form). The Supplier shall use reasonable commercial endeavours to process support requests, issue trouble ticket tracking numbers if necessary, determine the source of the problem and respond to the Customer (resolution times as stated below may not apply to outages caused by third party events, and are subject to resolution within Normal Business Hours). The Supplier technical support call centre shall respond to all support requests from CSRs with valid CINs within the time periods specified below, according to priority.

3.2 The named CSRs and Supplier technical support shall jointly determine the priority of any defect, using one of following priorities:


PriorityDescriptionResponse TimeTarget Resolution Time
Priority 1The Customer cannot access their account, upload a file or visualise any dataWithin one [1] Normal Business Hour.Four [4] Normal Business Hours. Continuous effort after initial response and with Customer co- operation.
Priority 2Certain non- essential features of the Service are impaired while most major compliance components of the Service remain functional.Within twelve [12] Normal Business Hours.Within seven [7] Normal Business Days after initial response.
Priority 3Errors that are non- disabling or cosmetic and clearly have little or no impact on the normal operation of the Services.Within twenty-four [24] Normal Business Hours.Next release of Software.