Notwithstanding any other provision of these ASK4: Compliance Requirements, You shall comply with and abide by all applicable laws (including the Bribery Act 2010, Control of Asbestos Regulations 2012, The Health and Safety at Work etc. Act 1974, Housing Act 1988, Money Laundering, Terrorist Financing and Transfer of Funds Regulations 2017, Proceeds of Crime Act 2002 and the Immigration Act 2014).

1.             Definitions

“Anti-Bribery and Conduct Provisions” means the provisions contained in clause 2 of these requirements.

“Anti-Human trafficking and Forced Labour Provisions” means the provisions of clause 5 of these requirements.

“Economic Sanctions” means any trade, economic or financial sanctions or trade embargoes imposed from time to time by any Sanction Authority, including any sanction applied in respect of a particular type of economic activity, including sectoral sanctions.

“Governmental Authority” means any supranational, national, federal, state, municipal or local government (including any subdivision, court, administrative agency or commission or other authority of the same) or any quasi-governmental, industry or trade or private entity or person exercising any regulatory or quasi regulatory, taxing, importing or other governmental or quasi-governmental power or authority, including securities exchanges and competition authorities, as well as any entity that is majority controlled by any of the foregoing.

“Government Official” means any officer, employer, agent, or representative of any Governmental Authority, any candidate for public office and any official or representative of a political party.

“Representatives” means any officers, directors, agents, contractors (including sub-contractors) and employees of You or other persons acting for the benefit of or on behalf of You.

“Restricted Party” means any person or entity that at the time any relevant action was taken was:

(A)        listed on, or owned or controlled by a body or person listed on any of the lists of specifically designated nationals or designated persons or entities (or equivalent) maintained and published by a Sanction Authority, whether in relation to all economic or trade activities or only a particular type of economic activity, including a sector activity;

(B)        the government of a Sanctioned Country or a Governmental Authority of a Sanctioned Country; or

(C)        a national or resident of or legal entity formed or existing or operating under the laws of a Sanctioned Country.

“Sanction Authority” means any Governmental Authority in any jurisdiction in which You operates or provides services to ASK4, as well as (i) any Governmental Authority in the United States (including the US State Department, the US Department of Commerce and the US Department of the Treasury (and in particular, the Office of Foreign Assets Control), (ii) the United Nations Security Council, and (iii) the European Union.

“Sanction Provisions” means the provisions of clause 3 of these requirements.

“Sanctioned Country” means Cuba, Iran, Libya, North Korea, South Sudan, Sudan or Syria or any other country which has been identified as being subject to country-wide Economic Sanctions by a Sanction Authority.

“Supplier Personnel” means employees, consultants, agents, independent contractors and Subcontractors, and any employee or contractor supplied by You to provide services.

1.1.1        You shall at Your own cost register and maintain compliance with the ASK4 supplier requirements in respect of onboarding, including the following, as applicable:

(a)        completing the prequalification forms;

(b)        responding to audit questions;

(c)        providing health and safety program documentation;

(d)        providing a bank account verification letter;

(e)        providing evidence of company and tax registration;

(f)         providing modern slavery statements (or other evidence of compliance);

(g)        providing ESG statements; and

(h)         providing evidence of insurance at the levels and on the terms required by ASK4.

1.1.2        You shall use reasonable endeavours to be in full compliance with these requirements prior to entering into any agreement between ASK4 and You or shortly thereafter.

1.1.3        You shall maintain such compliance status throughout the Term and You acknowledge that renewal is a requirement in order to continue as an approved Supplier of ASK4.

1.1.4        If You are providing any type of goods and/or services which requires You to send a representative out to where any Services are to be performed, You must have a current certificate(s) of insurance on file and available to ASK4 upon request. The certificate(s) of insurance must remain current and any lapse in coverage will result in the termination of future purchases of goods and services.

2.             Anti-bribery and Conduct Provisions

2.1           You certify, represent and undertake that:

2.1.1        neither You, nor any of Your Representatives, has violated or will violate (i) the anti-bribery principles embodied in the United Nations Convention against Corruption, the OECD Convention on Combating Bribery of Foreign Public Officials in International Business Transactions and any applicable national anti-bribery laws, regulations, rules, executive orders or government guidance; or (ii) the Foreign Corrupt Practices Act 1977 and the UK Bribery Act 2010 (collectively, the “Anti-Bribery Laws”); and

2.1.2        You will operate your business and conduct its activities as if it were subject to the provisions of the Foreign Corrupt Practices Act 1977 and the UK Bribery Act 2010.

2.2           You certify, represent and undertake that neither You nor any of Your Representatives, has or will, directly or indirectly, offer, receive, promise, authorize, solicit, pay, make a gift or give anything of value (including money) to:

2.2.1        influence any acts, decisions, or omissions made by any Government Official or any other person or entity to obtain or retain business or secure an improper business advantage;

2.2.2        induce any person or entity to act improperly in violation of such person’s or entity’s duty;

2.2.3        induce any Government Official or any other person or entity to use influence with a Government Authority or any other person or entity to commit an improper act or to obtain or retain business; or

2.2.4        have the purpose or effect of public or commercial bribery, acceptance or acquiescence in extortion, kickbacks or any other unlawful or improper means of obtaining or retaining business.

2.3           You certify and represent that:

2.3.1        no ownership interest, direct or indirect, in You is held or controlled by or for the benefit of any Government Authority, Government Official or any immediate relatives of a Government Official; and

2.3.2        none of its Representatives is a Government Authority or Government Official.

2.4           You will notify ASK4 promptly if this changes or is likely to change.

3.             Sanctions Provisions

3.1           You certify and represent that You have not:

3.1.1        sold products or provided services or technology or purchased products or received services or technology, including credit and financial services or products, to or from any Sanctioned Country or Restricted Party in contravention of an Economic Sanction;

3.1.2        imported, exported or facilitated the import or export of any product, service or technology, including credit and financial services and products, from or to any Sanctioned Country or Restricted Party in contravention of an Economic Sanction; or

3.1.3        otherwise engaged in any financial or other business transaction with any Sanctioned Country or Restricted Party in contravention of an Economic Sanction.

3.2           You undertake that You will not do or assist in the doing of any of the actions listed in this clause 3.

4.             Criminal Finances Act 2017

ASK4 does not tolerate tax evasion and is committed to ensuring that none of its employees, agents or third party suppliers engages in tax evasion. You understand and acknowledge ASK4 policy in this area and is similarly committed to preventing tax evasion by its employees, agents or other third party suppliers. You further acknowledge that You understand Your responsibilities under Part 3 of the Criminal Finances Act 2017 (“Part 3”) and that You have put in place reasonable prevention procedures (as referred to in Part 3) to ensure that neither Your employees, nor Your agents, nor Your relevant third party suppliers will commit the criminal offences referred to in Part 3. On reasonable notice given to You by ASK4, You will provide ASK4 such information and assistance as it may reasonably require enabling it to satisfy itself that You are complying with Part 3.

5.             Anti-Human Trafficking and Forced Labour Provisions

5.1           You certify, represent and undertake that:

5.1.1        neither You, nor any of Your Representatives, has violated or will violate domestic or international anti-human trafficking or forced labour laws including, but not limited to, the (i) UK Modern Slavery Act 2015; (ii) California Transparency in Supply Chains Act; (iii) U.S. Government’s Federal Acquisition Regulation on Ending Trafficking in Persons; (iv) the Forced Labour Convention, 1930 (No. 29); (v) Abolition of Forced Labour Convention, 1957 (No. 105); or (vi) any applicable anti-human trafficking or labour laws in which it conducts business ("Modern Slavery and ESG Laws").

5.1.2        in the event You violate domestic and/or international anti-human trafficking or forced labour laws in any jurisdiction, You shall provide notice to ASK4 of the occurrence of an investigation, formal complaint, or claim, as it pertains to the potential, direct, or indirect violation(s) of law.  You agree to provide notice to ASK4 within thirty (30) days of such investigation, formal complaint, or claim.

5.2           As part of our commitments under the Modern Slavery and ESG Laws, ASK4 may require You to:

5.2.1        sign up to SEDEX as a member, complete Your profile to provide a risk assessment score, maintain an active registration, and connect with ASK4 on the SEDEX platform;

5.2.2         ensure that any ethical or social audits undertaken by You, by third parties on Your behalf, or by third parties on Your operations are recorded on the SEDEX platform and made available to ASK4 (each an "Audit"); and

5.2.3         at Your own cost, perform appropriate remedial actions to address any issues or failures identified through an Audit.

6.             Equality Act 2010

6.1.1        You hereby acknowledge and accept ASK4 policy to treat all residents, prospective residents and their guests in a fair, professional manner without regard to age, disability, race, nationality, ethnic or national origin, religion, belief or lack of religion/belief, sex, sexual orientation, being pregnant or having a child, being or becoming a transsexual person, and in accordance with all jurisdictional guidelines, and furthermore, You accept the responsibility to train Your employees to comply with such.

6.1.2        If You fail to adhere to ASK4 Equality Policy and the Equality Act 2010, ASK4 may terminate any agreement with You with immediate effect.

7.             Screening of Workers

7.1.1        You agree to exercise due diligence in not placing any Supplier Personnel or other employees, labourers or subcontractors to carry out the Services at ASK4 client sites without a DBS certificate (or local equivalent) which:

(a)        is dated not more than 12 months prior to that individual(s) commencing the Services;

(b)        has been checked and signed off in accordance with Your internal polices; and

(c)        is renewed at least every 3 years from the date of issue of the previous DBS certificate, to the extent the individual(s) continues to work with You to provide the Services.

7.1.2        You understand that it is Your own duty to use responsible hiring practices and acknowledges ASK4 policy regarding the background screening of its labour force.

8.            Product Certification and Compliance

8.1        In the below “Products” means all goods and services supplied to ASK4 by You.

8.2        All Products shall:

8.2.1         be in full compliance with all applicable laws, regulations, and standards governing the sale and distribution of such products in all markets that ASK4 operates (being the United Kingdom, European Union, the United States of America and any country as is notified to You by ASK4).

8.2.1         without limiting the generality of the foregoing, You specifically warrant and represent that all Products shall be:

(a) duly marked with the CE and UKCA marks;

(b) marked with any marking required (directly or to enable ASK4’s compliance) under the Waste Electrical and Electronic Equipment Regulations 2013, the Waste Electrical and Electronic Equipment Directive (and local implementations thereof) and Regulation (EU) 2023/1542 of the European Parliament and of the Council of 12 July 2023 concerning batteries and waste batteries;

(c) meet all applicable safety, health, and environmental protection requirements;

8.2.2            be compliant with the regulations and standards set by the Federal Communications Commission (FCC) and the Consumer Product Safety Commission (CPSC);

8.2.3            be compliant with the Electromagnetic Compatibility Directive (and local implementations thereof), ensuring that such Products do not generate, or are not affected by, electromagnetic disturbance or cause interference with other products or devices.

 8.3            You shall ensure that all Products supplied hereunder are fit for purpose and may be legally sold, used, and placed on the market within the territories of the United Kingdom, European Union and the United States. You shall be solely responsible for obtaining any and all approvals, certifications, and authorizations necessary to effectuate this requirement.

 8.4            In the event that any Product is found not to comply with the provisions of this clause, You shall promptly take all necessary steps at your own expense to ensure such compliance, including but not limited to, the modification, replacement, or recall of any non-compliant Product.

9.             Information Security Provisions

9.1 Where You supply, provide or make available goods, services or facilities for use in connection with the provision of ASK4’s public electronic communications network or public electronic communications service you shall support ASK4’s compliance with The Electronic Communications (Security Measures) Regulations 2022 and 105A(1) of the Communications Act 2003 (and any similar requirements implemented in other countries where ASK4 operates under Directive (EU) 2018/1972 establishing the European Electronic Communications Code). In particular (but not limited to) You shall:

9.1.1 take appropriate measures to identify the risks of security compromises in relation to ASK4's network or service that could be caused due to Your goods, services, or facilities and shall disclose any such risks to ASK4 and cooperate with ASK4 to take steps to mitigate these risks at Your own cost.

9.1.2 where You are a network provider with access to ASK4’s network or service or sensitive data, You must take such measures as are appropriate and proportionate for the purposes: (a) identifying the risks of security compromises occurring; (b)reducing the risks of security compromises occurring; and (c) preparing for the occurrence of security compromises.

9.1.3 enable ASK4 to monitor all activities undertaken or arranged by You in relation to its network or service.

9.1.4 cooperate with ASK4 in resolving incidents that cause or contribute to a security compromise in relation to ASK4’s network or service or that increase the risk of such a compromise;

9.1.5 ensure that all network connections and data sharing with ASK4, or arranged by the third party supplier, are managed securely; and

9.1.6 have appropriate written plans to manage the termination of, and transition from, contracts with Ask4 while maintaining the security of the network or service.

9.2 In all case of where you handle ASK4 confidentiality information or personal data (“ASK4 Data”) you shall, ensure that it has in place appropriate technical and organisational measures to protect against unauthorised or unlawful processing of ASK4 Data and against accidental loss or destruction of, or damage to data, appropriate to the harm that might result from the unauthorised or unlawful processing or accidental loss, destruction or damage and the nature of the data to be protected, having regard to the state of technological development and the cost of implementing any measures (those measures may include, where appropriate, pseudonymising and encrypting ASK4 Data, ensuring confidentiality, integrity, availability and resilience of its systems and services, ensuring that availability of and access to ASK4 Data can be restored in a timely manner after an incident, and regularly assessing and evaluating the effectiveness of the technical and organisational measures adopted by it).

9.3 Where You handle personal data in connection with the provision of a public electronic communications service, you shall notify ASK4 of any breach within 24 hours, in respect of all other breaches of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data related to Your goods, services or facilities you shall notify ASK4 within 72 hours.

9.4 Where You are developing products, software or services for ASK4 or providing IT support services to ASK4, You shall use reasonable skill and care to ensure that the services are provided and/or developed in a secure manner, this includes, but is not limited to:

9.4.1 implementing secure coding practices to prevent common vulnerabilities such as SQL injection, cross-site scripting (XSS), and cross-site request forgery (CSRF);

9.4.2 conducting regular security assessments, including code reviews and vulnerability scans;

9.4.3 ensuring, where appropriate,  data encryption both in transit and at rest;

9.4.4 applying necessary patches and updates to address known vulnerabilities promptly; 

9.4.5 ensuring that third-party libraries and components used in the software are regularly updated and free from known vulnerabilities;

9.4.6 conducting rigorous security testing and rectifying any identified security issues promptly;

9.4.7 implementing appropriate access controls to ensure that only authorised personnel have access to the software and related data; and

9.4.8 not incorporating any open-source software that is licensed under terms that require any distributed software or any derivative work thereof, to be distributed under the same open-source license (including not limited to, software licensed under the GNU General Public License (GPL), Affero General Public License (AGPL)) (“Copyleft Open-Source Software”) into the developed software without the prior written consent of ASK4. You may use open-source software that is not Copyleft Open-Source Software.

10.             Processing of Personal Data

Unless otherwise agreed, where You handle ASK4 personal data as a data processor You shall do so subject to the ASK4 Data Processing (ASK4 Controller) Agreement (https://www.ask4.com/data-processing-agreement-ask4-controller).

11.             Additional Provisions

11.1           You certify and represent that at all relevant times, there is no allegation, charge, proceeding investigation of or request for information from You or any of Your Representatives by any Governmental Authority regarding any actual or potential violation of these requirements.  You will immediately inform ASK4 if this changes or is likely to change.

11.2           You certify, represent and undertake that all payments made in connection with the performance of any agreement between ASK4 and You will be:

11.2.1        properly and accurately recorded in its books and records, including amount, purpose and recipient;

11.2.2        maintained in accordance with its internal procedures along with supporting documentation; and

11.2.3        maintained in accordance with all other applicable laws relating to the preparation and maintenance of books, records or accounts,

in each case in a manner that provides sufficient assurance that all transactions of You are recorded in such form and manner as will permit compliance with these requirements.

11.3           You certify and represent that neither You, nor any of Your Representatives, has:

11.3.1        circumvented any internal accounting controls;

11.3.2        falsified any books, records or accounts;

11.3.3        established or maintained any fund or asset that has not been recorded in the books and records of any such entity; or

11.3.4        attempted to coerce or fraudulently influence, an accountant in connection with any audit, review or examination of the financial statements of You.

You undertake that You will not engage in any of the above activities during the term of any agreement between ASK4 and You.

11.4           ASK4 and its authorized representatives may audit, examine and make copies of Your books, records, accounts and any other documents that relate to any agreement between ASK4 and You in whatever form they may be kept to verify compliance with these requirements.  You will keep and preserve all such records and accounts throughout the term of any agreement between ASK4 and You and for (i) three years after the expiration or termination of any agreement between ASK4 and You or (ii) the length of time dictated by Your data retention policies (whichever is the greater). You agree to cooperate fully with such investigations, the scope, method, nature and duration of which shall be at the sole discretion of ASK4. The rights contained in this clause must be explicitly included in any subsequent subcontracts or agreements formed between You and any Representatives in connection with the performance of any agreement between ASK4 and You.

11.5           You will provide, or at ASK4 request will allow ASK4 to provide, anti-bribery and anti-corruption training to the employees of Supplier and to the employees of any sub-contractors who provide services under any agreement between ASK4 and You

11.6           You certify, represent and undertake that You and Your Representatives have and will continue to have adequate policies, procedures and controls (including a whistle-blowing procedure) in place to ensure services under any agreement between ASK4 and You are in compliance with these requirements, including but not limited to, policies and procedures relating to (i) accounting or financial transactions, (ii) training of personnel and (iii) due diligence on third parties. All Representatives of You have been made aware of these policies, procedures and controls. You will promptly deliver to ASK4 a copy/details of these policies, procedures and controls upon written request.

11.7           If You learn of or have reason to suspect any violation of these requirements in connection with the performance of any agreement between ASK4 and You, You will immediately advise ASK4 by way of written notice of Your knowledge or suspicion. You undertake:

11.7.1        to commence an investigation and take immediate steps to suspend any illegal or unethical activity specified in such notice pending the results of the investigation;

11.7.2        to cooperate fully in any ASK4 investigation to determine if there has been a violation of these requirements in connection with the performance of any agreement between ASK4 and You and as soon as practicable thereafter, but in no event later than 90 days after delivery of such notice, You will report the method, scope and results of such investigation to ASK4 General Counsel report will include a proposed cure for any violation or possible violation specified in such report. You will also conduct any additional investigation and revise any such proposed cure as necessary to obtain the approval of ASK4 within a reasonable period of time after presenting such report to ASK4 and You will adopt and implement any proposed cure so approved by ASK4; and

11.7.3        that ASK4 may disclose information relating to probable violation of the Anti-Bribery Provisions, including the existence and terms of any agreement between ASK4 and You, to the relevant Government Authority and to any other person or entity that ASK4 or its legal counsel determines has a legitimate need to know.

11.8           In the event that ASK4 should believe, acting in good faith, that You or any of Your Representatives has violated any of these requirements in any way that may subject ASK4 to liability or to a material loss of reputation, ASK4 will have the unilateral right exercisable immediately upon written notice to You to:

11.8.1        end ASK4's obligation to pay the compensation set forth in any agreement between ASK4 and You and/or

11.8.2        terminate any agreement between ASK4 and You immediately.

11.9           You will hold ASK4 harmless and indemnify ASK4 and will keep ASK4 held harmless and indemnified for all losses and expenses arising out of or in connection with the breach of any of these requirements.  You will, in particular, hold ASK4 harmless and indemnify ASK4 and keep ASK4 held harmless and indemnified against any reasonable third-party costs (including reasonable legal fees and other professional fees and expenses), fines, damages and other out-of-pocket monetary liabilities (including the repayment of revenues or profits) suffered or incurred by, or imposed on, ASK4, arising out of or in connection with the existence, findings or outcome of any complaint, investigation or proceeding involving Your compliance with these requirements.  In the event that any provision of this indemnity is void or unenforceable by reason of any provision of applicable law, such provision will be deemed to be modified to the extent necessary to render it legal, valid and enforceable.  If no such modification is possible, it will be deleted and the remaining provisions of this indemnity will continue in full force and effect and if necessary, be so amended as is necessary to give effect to the spirit of this indemnity so far as possible.

11.10         ASK4 may conduct ongoing due diligence on You (the scope, method, nature and duration of which shall be at the sole reasonable discretion of ASK4). You agree to cooperate fully with any ongoing due diligence and agree to respond promptly and accurately to any due diligence request for information or documents.

11.11         You will provide ASK4 at least annually or upon ASK4's request with a certificate confirming compliance with these requirements.

Updates

On 16 February 2024, these compliance requirements were updated to include a new section 8 (subsequent sections being re-numbered). This new section applies to all supplies of Products (as defined in the update) made on or after that date.

On  20 June 2024, these compliance requirements were updated to include a new section 9 (subsequent sections being re-numbered). This new section applies to all supplies of Products made on or after that date.

On 8 July 2024, these compliance requirements were updated to include a new section 5.2 (subsequent sections being re-numbered). This new section applies to all suppliers.

On 11 November 2024, these compliance requirements were updated to include a new section 10 (data processing). This new section applies to all relevant suppliers.