growyze T&C

These terms and conditions ("terms") set out the terms on which Growyze limited (“Growyze”, "growyze", "us", "we", "our") provide you ("you", "your", "customer") with access to our loss prevention platform ("service") and ("website"). Please read these terms carefully and ensure that you have understood them. By clicking on the button marked "sign up" you warrant that you understand and accept these terms. If you are accepting these terms on behalf of your employer or acting as an employee, you warrant that you are authorised to enter into legally binding contracts on behalf of your employer. The same rights, limitations and restrictions apply to your employer. You agree that these terms are enforceable as if they were written negotiated agreement signed by your employer. If You do not agree to these terms, please cease use of the service immediately.

You are advised to print and retain a copy of these terms for your future reference.



"Billing Period" shall have the meaning at clause 4.1;

"Contract" means the contract between us and you for provision of the Service and which incorporates these Terms, the Data Processing Schedule, and your online registration form;

"Content" means any and all data, files, documents, multimedia files, third party links, images, videos, and any other information or material whatsoever (in any format) submitted by you or the Users to the Service;

“Data Processing Schedule” means the Data Processing Schedule set out in Schedule 1 to these Terms.

"Fee" means the fee payable by you for use of the Service as specified on the Website or otherwise agreed between us and you in writing;

"Hardware" means your computer, laptop or other device used to Use the Service;

"Intellectual Property Rights" means all intellectual property rights including without limitation, performer's reproduction rights, performer's distribution rights, performer's rental rights and performer's lending rights (collectively referred to as "Performer's Property Rights"), patents, utility models, trade and service marks, trade names, domain names, right in designs, copyrights, moral rights, topography rights, rights in databases, trade secrets and know-how and in all cases whether or not registered or register able and including registrations and applications for registration of any of these and rights to apply for the same, and all rights and forms of protection of a similar nature or having equivalent or similar effect to any of these anywhere in the world;

"Login Details" means the unique email address and password required for all Users to access the Service;

"Minimum Requirements" means any minimum specifications required for your Hardware in order for you to use the features and functionality of the Service, as may be specified on the Website from time to time;

"Network" means the electronic communications network used by us to provide the Service;

"Purpose" means to use, copy, compress, modify and transmit in order to provide you with the Service and perform our obligations under these Terms;

"Service" means the software application provided by us, including all its features, functionalities, updates, and support, accessible to you via our designated platform or portal.

"Use" means having access to the Service for your organisation's own internal business purposes only; and

"User" means an individual employee of your organisation who you have permitted to use the Service and who has been given the Login Details.



2.1 Your contract is with Growyze Limited, also known as ‘growyze’, a company registered in England and Wales with the company registration number 12350892 and having its registered address at International House 36 - 38 Cornhill, London, England, EC3V 3NG.

2.2 The Service is intended to be used for commercial purposes. If you wish to use the Service for private, non-commercial purposes, please contact us using the email address at clause 16.


3.1 In order to use the Service, you are required to register directly through the online registration form provided on our platform, or if your subscription plan includes paid onboarding the registration will be conducted by the growyze onboarding team.

3.2 Upon your completion and submission of the online registration form on our platform, your registration will be immediately confirmed within the application, granting you access to use the Service in accordance with these Terms. Alternatively, following a product demonstration, we will provide you with access to the platform, allowing you to utilise the Service.

3.3 You hereby warrant that the information provided by you is true, accurate and correct. You further warrant that you shall promptly notify us in the event of any changes to such information provided.

3.4 You shall keep, and procure that all Users keep, any Login Details confidential and secure. Without prejudice to our other rights and remedies, we reserve the right to promptly disable your Login Details and suspend your access to the Service In the event we have any reason to believe that any User has breached any of the provisions set out herein.


4.1 Users will receive user IDs and passwords to access the Service from Customer (“Permitted Users”).

4.2 Customer will ensure that all Permitted Users keep these credentials strictly confidential.  

4.3 Customer is responsible for any and all actions taken by Permitted Users or by anyone using Customer’s accounts and passwords and shall ensure that Permitted Users are only Customer’s employees and contractors


5.1 Your contract with us begins when you create an account with our Service. Your access will be governed by the terms outlined in the accompanying documentation or on our website and will continue indefinitely under these terms unless terminated as specified in clause 8 below.

5.2 You may cancel your subscription by providing notice in writing by email submitted to in accordance with the notice period specified in the Order Form (if one is provided to you).  Termination will become effective at the end of the current Billing Period, and no refunds will be provided for any remaining time in the Billing Period after cancellation.

5.3 We may suspend or terminate your use of the Service immediately upon notice to you in the event that:

5.3.1 third-party services and network providers cease to make the third-party service or network available to us;

5.3.2 you fail to comply with one or more of these Terms;

5.3.3 we believe that there has been fraudulent use, misuse, or abuse of features and functionalities of the Service (in whole or in part); or

5.3.4 we believe that you have provided us with any false, inaccurate, or misleading information. For the Free Plan, as there are no Fees, no refunds shall be issued. For the Pro and Premium Plans, any potential refunds will be subject to the terms of the plan and any agreement in place.

5.4 Should your Contract with us conclude in accordance with clause 4, your and any User's active engagement with the Service will end. However, you will continue to have visibility of your data on the Service. We will securely retain necessary copies of your Content and other data as required for compliance and record-keeping purposes, always ensuring confidentiality.


6.1 In consideration for payment of the applicable Fees, we hereby grant to you a non-exclusive, non-transferable (without a right to sub-licence) licence to Use, and permit Users to Use, the Service for the duration of your Contract. You acknowledge that you shall be responsible for all Use of the Service by Users and shall ensure that these Terms are brought to the attention of all Users. You shall be liable for breach of these Terms by a User as if it were a breach by you.

6.2 We shall use reasonable endeavours to make the Service available to you and the Users at all times, but we cannot guarantee uninterrupted or fault free service.

6.3 Our Ability to provide the Service may be impaired by conditions or circumstances that are beyond our control, including, without limitation third party service providers, geographic or atmospheric conditions, local physical obstructions, software and hardware features or functionality of your personal computer, operating system and the number of other users logging onto the Service, server and/or Network at the same time. We shall take reasonable action to minimise the disruption caused by such circumstances, but you acknowledge, agree and accept that some such interruptions may not be avoidable.

6.4 The network is not controlled by us and may from time to time be upgraded, modified, subject to maintenance work or otherwise amended by the owner of the Network. Such circumstances may result in the Service being temporarily unavailable.

6.5 We use industry standard security measures to protect against the loss, misuse and alteration of the information, data, and/or content handled by our Service. However, you acknowledge and agree that we cannot guarantee complete security of such information, data, and/or content or that our security measures will prevent hacks, worms, bugs, trojans or such other similar devices that may allow access to or unauthorised viewing of such information, data, and/or content. However, we use reasonable endeavours in order to prevent such actions and unauthorised access from happening.

6.6 We reserve the right to make changes to the Service or part thereof, from time to time at our sole discretion, and we may from time to time update, add, remove, modify and/or vary any features or functionalities of the Service. If changes with significant impact on the Service are made that you are unhappy with, you have the right to terminate the Contract.

6.7 We offer support services 12 hours a day, Monday to Friday (excluding public holidays) for the duration of your Contract in respect of your Use of the Service, which comprises of:  

6.7.1 advice on Use of the Service; and  

6.7.2 diagnosis of interruptions to the Service ("Fault"), in each case by emailing us at  

6.8 Fault diagnosis is subject to you or any User providing a clear and accurate description of any Fault requiring support, including the circumstances in which it arose, the area of the Service to which the Fault relates and any other information reasonably required by us to remedy the Fault.  

6.9 Subject to receiving a description in accordance with clause 6.8 above, we shall use our reasonable efforts to resolve the Faults within a reasonable time following receipt of your or a User's request pursuant to clause 6.6.  

6.10 The support detailed in this clause 6 shall not include the diagnosis and rectification of any Fault resulting from:  

6.10.1 use of the Service other than in accordance with these Terms or the use of the Service for a purpose for which it was not designed;  

6.10.2 a fault in your or a third party's software, hardware, network connections or application or any upgrade in respect thereof; or  

6.10.3 a fault in the equipment or in any other software operating in conjunction with or integrating with the Service


7.1 ‘Customer Data’ means electronic data and information submitted by or for Customer to the Service or collected and processed by or for Customer using the Service and any output from the foregoing.

7.2 You agree that you are solely responsible and liable for all your activities on the Website and Use of the Service, including that of your Users. You shall be liable for any breach of these Terms by a User as if you had breached the Terms.

7.3 You shall promptly notify us in the event of a breach of security or any unauthorised Use of Login Details.

7.4 You are responsible for ensuring that any Content is not deemed to be offensive, illegal, inappropriate or that in any way:

7.4.1 promotes racism, bigotry, hatred or physical harm of any kind against any group or individual;

7.4.2 harasses or advocates harassment of another person;

7.4.3 displays pornographic or sexually explicit material;

7.4.4 promotes any conduct that is abusive, threatening, obscene, defamatory or libellous;

7.4.5 promotes any illegal activities;

7.4.6 provides instructional information about illegal activities, including violating someone else's privacy or providing or creating computer viruses;

7.4.7 promotes or contain information that you know or believe to be inaccurate, false or misleading;

7.4.8 engages in the promotion of contests, sweepstakes and pyramid schemes, without our prior written consent;

7.4.9 contains any virus or other thing or device which may prevent, impair or otherwise adversely affect the operation of the Website and the Service; or

7.4.10 infringes any Intellectual Property Rights or any other proprietary rights of any third party.

7.5 For the duration of this Contract, you hereby grant, to us a non-exclusive, worldwide royalty free license to use the Content and all other materials submitted by you or any User solely for the Purpose.

7.6 You acknowledge that the Service does not verify the rights and restrictions applicable to any Content. Where you do not own the Content, you are solely responsible for checking the relevant licence rights and restrictions applicable to any Content. We shall not be liable to you for any losses, damages, costs or expenses incurred by you arising out of or in connection with your use of any Content through the Service.

7.7 You warrant and represent that you own, are licensed or otherwise have a right to use any and all the Intellectual Property Rights in any Content that you submit to the Service. You hereby indemnify and hold us harmless against all damages, losses, costs and expenses (including reasonable legal expenses)incurred or suffered by us arising out of or in connection with any claim made against us by a third party arising out of or in connection with our use or possession of any Content in accordance with these Terms.

7.8 You further agree that at all times, you shall, and procure that any User shall:

7.8.1 not use Login Details with the intent of impersonating another individual;

7.8.2 not allow any other person other than a User to use your Login Details;

7.8.3 not do anything likely to impair, interfere with or damage or cause harm or distress to any persons using the Service and the Website or in respect of the Network;

7.8.4 not use the Website and/or the Service, the content therein and/or do anything that will infringe any intellectual property right or other rights of any third parties;

7.8.5 not use any information obtained using the Service and/or the Website otherwise than in accordance with these Terms;

7.8.6 comply with our instructions and policies from time to time in respect of the Website and your Use of the Service;

7.8.7 co-operate with any reasonable security or mandatory legal checks or requests for information made by us from time to time; and

7.8.9 use the information made available to you using the Service and on the Website at your own risk.

7.9 In the event that You or any User breach any of the terms in this clause 7, or at our sole and absolute discretion, reasonably suspect that you or any User have breached any of the terms set out in this clause 7, we reserve the right to terminate your Contract forthwith upon written notice.

7.10 Aggregated and Anonymized Data - notwithstanding anything to the contrary contained herein, growyze may process aggregated and anonymous general platform usage data and Customer Data on an anonymized basis for growyze's legitimate business purposes, including for machine learning and testing, product development and enhancement, controls, and operation of the Service, and may retain and share such data at growyze's discretion (“Aggregated and Anonymized Data”). For clarity, nothing in this Section 7.10 gives growyze the right to publicly identify Customer or any individual user as the source of Aggregated and Anonymized Data.


8.1 This is a subscription agreement for use of Service and not an agreement for sale. Customer acknowledges that it is obtaining only a limited right to use the Service on a hosted basis. Customer agrees that growyze or its suppliers retain all right, title and interest (including all patent, copyright, trade secret and other intellectual property rights) in and to the Service, including and any and all related and underlying software (including but not limited to mobile applications, extensions and interfaces), databases, technology, and all copies, modifications and derivative works thereof, the Documentation, and all system performance data and machine learning, including machine learning algorithms, data used for optimization and services improvement, and the results and output of such machine learning (collectively, “growyze Technology”). growyze reserves all rights to the Service not expressly granted in this Agreement. 

8.2 Customer, from time to time, may submit comments, information, questions, data, ideas, descriptions of processes, or other information relating to the Service to growyze (“Feedback”). growyze may use, copy, disclose, license, distribute and exploit any Feedback in any manner without any obligation, royalty or restriction based on intellectual property rights or otherwise, provided Customer shall not be identified in connection with any such Feedback without Customer’s consent in its sole discretion.


9.1 All Fees are set forth on the Order Form provided and/or based on the subscription plan you have chosen at the start of the then-current Billing Period.  All fees are invoiced and payable in advance.

9.2 If you wish to upgrade part way through a Billing Period, additional Fees will not be payable in respect of such upgrade during the current Billing Period, for the period remaining in such Billing Period.

9.3 No reduction in, or refund of, Fees will be made if you downgrade your subscription plan during your Billing Period.

9.4 All Fees are non-refundable, unless otherwise agreed by us in writing.

9.5 Any invoices are payable within thirty (30) days of the invoice date. If we do not receive your payment by the applicable due date, we reserve the right to withhold access and/or terminate your Contract. If you wish to terminate your Contract, you shall be required to comply with clause 4.

9.6 We reserve the right to increase the Fees at any time upon written notice to you, which shall take effect from the start of the next Billing Period following the Billing Period in which we gave notice to you. You may, of course, choose to terminate the Contract in advance of the next Billing Period, should you not wish to accept the future Fee increase.

9.7 All Fees payable hereunder are exclusive of VAT or other sales tax, which will be added at the applicable rate.


10.1 You hereby warrant that (a) all Users are at least 18 years old; (b) you have the right and capacity to enter into and be bound by these Terms; and (c) you shall comply with all applicable laws regarding the Use of the Service.

10.2 The Service is provided to assist with viewing and analysis of Content and Data and should not be used as a back-up facility. You should ensure that you and the Users have adequate back-up facilities for any Content and we shall not be liable for any losses or damages incurred by you or any Users arising out of or in connection with your failure to implement adequate back-up facilities in respect of any Content and Data.

10.3 You acknowledge that we use advanced technology in order to extract and analyse Content and Data, which may, on occasions, result in errors. We cannot guarantee that any attempt to extract and analyse Content And Data will be successful and may be subject to your selected device/hardware meeting certain specifications specified by us from time to time.

10.4 Links to third party websites may appear on the Website from time to time. Such third-party websites are not our responsibility and we accept no liability for the availability, suitability, reliability or content of such third-party websites and third party software.

10.5 We shall not be liable for any delay or failure to provide the Service and/or make the Website available for reasons that is due to third parties including without limitation internet service providers, data centres, server hosting companies and telecommunication providers.

10.6 All warranties, representations, guarantees, conditions and terms other than those expressly set out herein whether express or implied by statute, common law, trade usage or otherwise, and whether written or oral are hereby expressly excluded to the fullest extent permissible by law. All information, advice, suggestions and recommendations made available to you are provided to you on an "as is" basis.

10.7 Nothing in these Terms shall be deemed to exclude, restrict or limit liability for the following categories:

10.7.1 death or personal injury resulting from negligence;

10.7.2 any liability for fraud or fraudulent misrepresentation;

10.7.3 any act of liability caused through wilful default;

10.7.4 any indemnity provided hereunder; or

10.7.5 any other liability which cannot be limited or excluded under applicable law.

10.8 Subject to clause 10.7, neither you nor us shall be responsible for any:

10.8.1 loss of profits, sales, business, or revenue;

10.8.2 loss or corruption of data, information or software;

10.8.3 loss of business opportunity;

10.8.4 loss of anticipated savings;

10.8.5 loss of goodwill; or

10.8.6 special, indirect or consequential loss, whether such losses, damages, costs and expenses resulted from your or our negligence, failure to comply with these Terms or otherwise.

10.8.7 subject to clause 10.7, both parties’ maximum aggregate liability towards one another, arising from or in connection with this Contract, whether arising in contract, tort (including negligence) or otherwise, shall not exceed the Fees paid by you to us under the Contract in the twelve (12) months prior to the month in which the event or series of events arose(and in the event less than 12 months have elapsed, the aggregate liability shall be limited to the Fees payable by you in the first12 months of your Contract, to be calculated by averaging the Fees paid (or payable in the case of Fees invoiced but not yet paid) by you during the preceding months).


11.1 We and/or our licensors own all rights in the Intellectual Property Rights relating to the Service and the Website. Subject to the limited licence granted under clause 5.1, all right, title and interest in and to the Service and the Website will remain exclusively with us and/or our licensors and we reserve all rights therein.

11.2 You are expressly prohibited from:

11.2.1 reproducing, copying, editing, transmitting, uploading or incorporating into any other materials, any of the Service or the Website; and

11.2.2 removing, modifying, altering or using any registered or unregistered marks/logos/design owned by us and/or its licensors, and doing anything which may be seen to take unfair advantage of our reputation and good will or could be considered an infringement of any of the rights in the Intellectual Property Rights owned by and/or licensed to us.


12.1 We and you agree to comply with our respective obligations as set out in the Data Processing Schedule 1.



13.1 You will not and procure that the User will not misuse the Website and/or the Service by knowingly introducing viruses, trojans, worms, logic bombs or other material which is malicious or technologically harmful. You must not attempt to gain unauthorised access to the Website and/or the Service, the server on which the Website and the Service are stored or any server, computer or database connected to our Website and Service. You must not attack the Website and/or the Service via a denial-of-service attack or a distributed denial-of service attack.

13.2 By breaching this provision, you would commit a criminal offence under the Computer Misuse Act 1990. We will report any such breach to the relevant law enforcement authorities and will cooperate with those authorities by disclosing your identity to them. In the event of such a breach, your right, together with any User's right, to use the Website and the Service will cease immediately.

13.3 We will not be liable for any loss or damage caused by a distributed denial-of-service attack, viruses or other technologically harmful material that may infect your computer equipment, computer programs, data or other proprietary material due to your, or any User's use of the Website and/or the Service or to your, or any User downloading of any material posted on it, or on any website linked to it.


14.1 By agreeing to these Terms and Conditions, you grant us a non-exclusive, worldwide, royalty-free license to use your trade names, trademarks, service marks, logos, domain names, and other distinctive brand features ("Customer Branding"), as well as any photographs, images, or likenesses taken during on-site visits or otherwise provided by you ("Customer Images"), for our marketing and promotional activities.

14.2 This may include the publication of case studies, inclusion in marketing materials, and sharing across our social media platforms, provided such usage is in line with portraying your business in a positive light and in accordance with any branding guidelines you may provide.

14.3 You confirm that you have all the necessary rights to grant us this license for the Customer Branding and Customer Images, and may revoke this license at any time by providing written notice.


15.1 Unless otherwise set out to the contrary in these Terms, each party (the "Receiving Party") shall keep confidential all information and documentation disclosed by the other party (the "Disclosing Party") to the Receiving Party or of which the Receiving Party becomes aware which in each case relates to any operations, products, processes, dealings, trade secrets or the business of the Disclosing Party or which is identified by the Disclosing Party as confidential ("Confidential Information") and will not use any Confidential Information for any purpose other than the performance of its obligations under these Terms and/or, in so far as growyze is the Receiving Party, improving performance of the Service. Other than to its employees, affiliates and sub-contractors to the extent that it is reasonably necessary for the purpose of performing its obligations under these Terms, the Receiving Party shall not disclose Confidential Information to any third party without the prior written consent of the Disclosing Party.

15.2 The obligations contained in Clauses 15.1 shall not apply to any Confidential Information which is:

15.2.1 on the date your Contract comes into effect, or at any time after that date, in the public domain other than through breach of these Terms by the Receiving Party;

15.2.2 furnished to the Receiving Party without restriction by a third party having a bona fide right to do so;

15.2.3 required to be disclosed by the Receiving Party by law or regulatory requirements of any marketplace/stock exchange, provided that the Receiving Party shall give the Disclosing Party as much notice as reasonably practicable of the requirement for such disclosure.


growyze makes the following additional commitments, representations, and warranties to the Customer:

16.1 Will only process Customer Data and Personal Information on behalf of, and as Service Provider of, the Customer, and not collect, retain, use, or disclose that data for any purpose other than to perform the obligations under this Agreement, as permitted under CCPA and other applicable privacy and data protection laws (collectively, “Privacy Laws”). In no event will growyze “sell” (as defined by Privacy Laws) any such personal information.  

16.2 Will not collect, use, retain, disclose, sell, or otherwise make Customer Data or Personal Information available for growyze’s own commercial purposes or in a way that does not comply with the CCPA or other Privacy Laws.  

16.3 Will limit personal information collection, use, retention, and disclosure to activities reasonably necessary and proportionate to provide the Services set forth in the Contract or another compatible operational purpose.


17.1 If we fail at any time to insist upon strict performance of our obligations under these Terms, or if we fail to exercise any of the rights or remedies to which we are entitled to under these Terms, this will not constitute a waiver of any such rights or remedies and shall not relieve you from compliance with such obligations.

17.2 You shall comply with all foreign and local laws and regulations which apply to your Use of the Website and/or the Service in whatever country you are physically located, including without limitation, export control laws and regulations.

17.3 Neither Party will be responsible for delays resulting from circumstances beyond the reasonable control of such party, provided that the non-performing party uses reasonable efforts to avoid or remove such causes of non-performance and continues performance hereunder with reasonable dispatch whenever such causes are removed.

17.4 A waiver by us of any default shall not constitute a waiver of any subsequent default.

17.5 No waiver by us of any of the Terms shall be effective unless it is expressly stated to be a waiver and is communicated to you in writing.

17.6 All notification and communication should be sent to the contact details set out in clause 16 below (in the case of growyze) or the contact details given by you in the online registration form on the Website. A notice or communication is deemed given:(i) if delivered personally, when left at the relevant party's address; (ii) if sent by post, two working days after posting it; (iii) if sent by email on completion of its transmission.

17.7 If Any of these Terms are determined by any competent authority to be invalid, unlawful or unenforceable to any extent, such term, condition or provision will to that extent, be severed from the remaining terms, conditions and provisions which shall continue to be valid to the fullest extent permitted by law.

17.8  Your Contract represents the entire agreement between you and us in respect of your use of the Website and or the Service and shall supersede any prior agreement, understanding or arrangement between us, whether oral or in writing.

17.9 You acknowledge that in entering into these Terms, you have not relied on any representations, undertaking or promise given by or implied from anything said or written whether on the Website, the Internet or in negotiation between us (whether made innocently or negligently) except as expressly set out in these Terms.

17.10 These Terms are governed by and construed in accordance with English law. The Courts of England shall have exclusive jurisdiction over any disputes arising out of these Terms.

17.11 We may make small amendments to these Terms by giving reasonable notice on our Website. By continuing (or Users continuing) to Use the Service after expiry of the notice period, you will be deemed to have accepted any amendment to these Terms. For more significant changes, we will notify existing customers by email.

17.12 Unless it expressly stated otherwise, this Contract does not give rise to any rights under the Contracts (Rights of Third Parties)Act 1999 to enforce any term of this Contract. The rights of the parties to rescind or vary this Contract are not subject to the consent of any other person.



18.1 Please direct any queries about these terms to:




1.1 In this Data Processing Schedule the following terms shall have the meanings set out in this Paragraph 1.1, unless expressly stated otherwise:

(a) “Adequate Country” means a country or territory outside the European Economic Area that the European Commission has deemed to provide an adequate level of protection for Personal Data pursuant to a decision made in accordance with Article 45(1) of the GDPR.

(b) “Anonymised Data” means any Personal Data (including Customer Personal Data), which has been anonymised such that the Data Subject to whom it relates cannot be identified, directly or indirectly, by growyze or any other party reasonably likely to receive or access that anonymised Personal Data.

(c) “Business Day” means any day which is not a Saturday, Sunday or public holiday, and on which the banks are open for business, in London.

(d) “Cessation Date” has the meaning given in Paragraph 9.1.

(e) “Controller Data” means any Personal Data pertaining to Users or other Customer Personnel which is Processed by growyze other than for the purpose of providing support services under the Contract, pursuant to the growyze’s Privacy Policy.

(f) “Customer Personal Data” means any Personal Data contained in any Content and any other Personal Data pertaining to Users that is Processed by or on behalf of growyze on behalf of Customer in the course of providing support services under the Contract (excluding any Controller Data).

(g) “Data Protection Laws” means the EU General Data Protection Regulation 2016/679 (the “GDPR”) and any implementing legislation or legislation having equivalent effect in the United Kingdom (references to “Articles” or “Chapters” of the GDPR, and any definitions therein, shall be construed accordingly).

(h) “Data Subject Request” means the exercise by Data Subjects of their rights under, and in accordance with Chapter III of the GDPR.

(i) “Data Subject” means the identified or identifiable natural person located in the European Economic Area to whom Customer Personal Data relates.

(j) “Delete” means to remove or obliterate Personal Data such that it cannot be recovered or reconstructed, and “Deletion” shall be construed accordingly.

(k) “Post-cessation Storage Period” has the meaning given in Paragraph 9.2.

(l)  “Restricted Country '' means a country or territory outside the European Economic Area that is not an Adequate Country.

(m) “Restricted Transfer” means: (i) a transfer of Customer Personal Data from Customer to growyze in a Restricted Country; or (ii) an onward transfer of Customer Personal Data from growyze to a Subprocessor in a Restricted Country, (in each case) where such transfer would be prohibited by Data Protection Laws without a legal basis there for under Chapter V of the GDPR.

(n) “Services” means those services and activities to be supplied to or carried out by or on behalf of growyze for Customer pursuant to the Contract.

(o) “Standard Contractual Clauses” means the standard contractual clauses issued by the European Commission (from time-to-time)for the transfer of Personal Data from Data Controllers established inside the European Economic Area to Data Processors established in Restricted Countries.

(p) “Sub processor” means any third party appointed by or on behalf of growyze to Process Customer Personal Data.

1.2 In this Data Processing Schedule:

(a) the terms, “Data Controller”, “Data Processor”, “Personal Data”, “Personal Data Breach”, “Process” (and its derivatives) and “Supervisory Authority” shall have the meaning ascribed to the corresponding terms in the Data Protection Laws;

(b) unless otherwise defined in this Data Processing Schedule, all capitalised terms shall have the meaning given to them in the Terms.

1.3 Customer warrants and represents that it is subject to the territorial scope of the Data Protection Laws as determined in accordance therewith (including pursuant to Article 3 of the GDPR). Customer further agrees that to the extent that it is not in fact subject to the territorial scope of the Data Protection Laws, this Data Processing Schedule shall be deemed automatically void and of no effect without requirement of notice.


2.1 In respect of Customer Personal Data, the Parties acknowledge that:

  1. growyze acts as a Data Processor; and
  1. customer acts as the Data Controller.

2.2 growyze shall:

(a) comply with all applicable Data Protection Laws in Processing Customer Personal Data; and

(b) not Process Customer Personal Data other than:

  (i)  on Customer’s instructions (subject always to Paragraph 2.9); and

  (ii) as required by applicable laws.

2.3 To the extent permitted by applicable laws, growyze shall inform Customer of:

(a) any Processing to be carried out under Paragraph 2.2 (b) (ii); and

(b) the relevant legal requirements that require it to carry out such Processing, before the relevant Processing of that Customer Personal Data.

2.4 Customer instructs growyze to Process Customer Personal Data as necessary:

  1. to provide the Services to Customer; and
  1. to perform growyze’s obligations and exercise growyze’s rights under the Contract.

2.5 Annex 1 (Data Processing Details) sets out certain information regarding growyze’s Processing of Customer Personal Data as required by Article 28(3) of the GDPR.

2.6 Customer may amend Annex1 (Data Processing Details) on written notice to growyze from time to time as Customer reasonably considers necessary to meet any applicable requirements of Data Protection Laws.

2.7 Nothing in Annex 1 (Data Processing Details) (including as amended pursuant to Paragraph 2.6) confers any right or imposes any obligation on any Party to this Data Processing Schedule.

2.8 Where growyze receives an instruction from Customer that, in its reasonable opinion, infringes the GDPR, growyze shall inform Customer.

2.9 Customer acknowledges and agrees that any instructions issued by Customer with regards to the Processing of Customer Personal Data by or on behalf of growyze pursuant to or in connection with the Contract:

(a) shall be strictly required for the sole purpose of ensuring compliance with Data Protection Laws; and

(b) shall not relate to the scope of, or otherwise materially change, the Services to be provided by growyze under the Contract.

2.10 Notwithstanding anything to the contrary herein, growyze may terminate the Contract in its entirety upon written notice to Customer with immediate effect if growyze considers (in its reasonable discretion) that:

(a) it is unable to adhere to, perform or implement any instructions issued by Customer due to the technical limitations of its systems, equipment and/or facilities; and/or

(b) to adhere to, perform or implement any such instructions would require disproportionate effort (whether in terms of time, cost, available technology, manpower or otherwise).

2.11 Customer represents and warrants on an ongoing basis that, for the purposes of Article 6of the GDPR, and (where applicable) Article 9 and/or Article 10 of the GDPR, there is, and will be throughout the term of the Contract, a valid legal basis for the Processing by growyze of Customer Personal Data in accordance with the Contract (including, any and all instructions issued by Customer from time to time in respect of such Processing).


Growyze shall take reasonable steps to ensure the reliability of any growyze Personnel who Process Customer Personal Data, ensuring that all such individuals are subject to confidentiality undertakings or professional or statutory obligations of confidentiality.


4.1 Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of Processing as well as the risk (which may be of varying likelihood and severity) for the rights and freedoms of natural persons, growyze shall in relation to Customer Personal Data implement appropriate technical and organisational measures to ensure a level of security appropriate to that risk, including, as appropriate, the measures referred to in Article 32(1) of the GDPR.

4.2. In assessing the appropriate level of security, growyze shall take account in particular of the risks presented by the Processing, in particular from a Personal Data Breach.

4.3 growyze shall also establish procedures for regular testing, assessment, and evaluation of the effectiveness of technical and organiszational measures for ensuring the security of the processing.

4.4 In the event of a Personal Data Breach, growyze shall, without undue delay, notify the Customer and provide timely cooperation to the Customer in the Customer's obligations to inform affected individuals and regulatory authorities, as required by Data Protection Laws.  


5.1 Customer authorises growyze to appoint Sub processors in accordance with this Paragraph 5.

5.2 growyze may continue to use those Sub processors already engaged by growyze as at the date of this Data Processing Schedule, subject to growyze meeting within a reasonable timeframe (or having already met) the obligations set out in Paragraph 5.3.

5.3 With respect to each Sub processor, growyze shall endeavour to ensure that the arrangement between growyze and the Sub processor is governed by a written contract including terms which offer at least an equivalent level of protection for Customer Personal Data as those set out in this Data Processing Schedule(including those set out in Paragraph 4).


6.1 Taking into account the nature of the Processing, growyze shall provide Customer with such assistance as may be reasonably necessary and technically possible in the circumstances, to assist Customer in fulfilling its obligation to respond to Data Subject Requests.

6.2 growyze shall:

(a) promptly notify Customer if growyze receives a Data Subject Request; and

(b) ensure that growyze does not respond to any Data Subject Request except on the written instructions of Customer (and in such circumstances, at Customer’s cost) or as required by applicable laws.


7.1 growyze shall notify Customer without undue delay upon growyze becoming aware of a Personal Data Breach affecting Customer Personal Data, providing Customer with sufficient information (insofar as such information is, at such time, within growyze’s possession) to allow Customer to meet any obligations under Data Protection Laws to report the Personal Data Breach to:

(a) affected Data Subjects; or

(b) the relevant Supervisory Authority(ies) (as may be determined in accordance with the Data Protection Laws).

7.2 growyze shall at Customer’s sole cost and expense co-operate with Customer and take such reasonable commercial steps as may be directed by Customer to assist in the investigation, mitigation and remediation of each such Personal Data Breach.


8.1 growyze shall provide reasonable assistance to Customer, at the Customer's cost, with any data protection impact assessments, and prior consultations with Supervisory Authorities, which Customer reasonably considers to be required of Customer by Article 35 or Article 36 of the GDPR, in each case solely in relation to the Processing of Customer Personal Data by, and taking into account the nature of the Processing by, and information available to, growyze.


9.1 Subject to Paragraphs 9.2 and 9.5, upon the date of cessation of any Services involving the Processing of Customer Personal Data (the “Cessation Date”), growyze shall immediately cease all Processing of the Customer Personal Data for any purpose other than for storage.

9.2 Subject to Paragraph 9.5, to the extent technically possible in the circumstances (as determined in growyze’s sole discretion), on written request to growyze (to be made no later than fifteen( 15) Business Days after the Cessation Date (the “Post-cessation Storage Period”), growyze shall:

  1. remove or return a complete copy (if applicable) of all Customer Personal Data within growyze s possession to Customer by secure file transfer, promptly following which growyze shall Delete all other copies of such Customer Personal Data; or
  1. delete all Customer Personal Data then within growyze’s possession.

9.3 growyze shall comply with any written request made pursuant to Paragraph 9.2 within fifteen

(15) Business Days of the Cessation Date.

9.4 In the event that during the Post-cessation Storage Period, Customer does not instruct growyze in writing to either Delete or return the Customer Personal Data pursuant to Paragraph 9.2, growyze shall promptly after the expiry of the Post-cessation Storage Period either (at its option):

  1. delete; or
  1. irreversibly render Anonymised Data,  

all Customer Personal Data then within growyze’s possession to the fullest extent technically possible in the circumstances.

9.5 growyze and any Sub processor may retain Customer Personal Data where required by applicable law, for such period as may be required by applicable law, provided that growyze and any such Sub processor shall ensure:

a) the confidentiality of all such Customer Personal Data; and

b) that such Customer Personal Data is Processed as necessary for the purpose(s) specified in the applicable law requiring its storage and for no other purpose.


10.1 growyze shall make available to Customer on request such information as growyze (acting reasonably) considers appropriate in the circumstances to demonstrate its compliance with this Data Processing Schedule.

10.2 Subject to Paragraphs 10.3 and 10.4,in the event that Customer(acting reasonably) is able to provide documentary evidence that the information made available by growyze pursuant to Paragraph 10.1 is not sufficient in the circumstances to demonstrate growyze’s compliance with this Data Processing Schedule, growyze shall allow for and contribute to audits, including on- premise inspections, by Customer or an auditor mandated by Customer in relation to the Processing of the Customer Personal Data by growyze.

10.3 Customer shall give growyze reasonable notice of any audit or inspection to be conducted under Paragraph 10.1 (which shall in no event be less than fifteen (15) business Days’ notice unless required by a Supervisory Authority pursuant to Paragraph 9.4(f) and shall use its best efforts (and ensure that each of its mandated auditors uses its best efforts) to avoid causing, and hereby indemnifies growyze in respect of, any damage, injury or disruption to growyze’s premises, equipment, personnel, data, and business (including any interference with the confidentiality or security of the data of growyze’s other customers or the availability of growyze’s services to such other customers) while its personnel and/or its auditor’s personnel (if applicable) are on those premises in the course of any on-premise inspection.

10.4 growyze need not give access to its premises for the purposes of such an audit or inspection:

  1. to any individual unless he or she produces reasonable evidence of their identity and authority;
  1. to any auditor whom growyze has not given its prior written approval (not to be unreasonably withheld);
  1. unless the auditor enters into a non-disclosure agreement with growyze on terms acceptable to growyze;
  1. where, and to the extent that, growyze considers, acting reasonably, that to do so would result in interference with the confidentiality or security of the data of growyze’s other customers or the availability of growyze’s services to such other customers;
  1. outside normal business hours at those premises; or
  1. on more than one occasion in any calendar year during the term of the Agreement, except for any additional audits or inspections which Customer is required to carry out by Data Protection Law or a Supervisory Authority, where the Customer has identified the relevant requirement in its notice to the Supplier of the audit or inspection.

10.5 Customer shall bear any third party costs in connection with such inspection or audit and reimburse growyze for all costs incurred by growyze and time spent by growyze (at growyze’s then- current professional services rates) in connection with any such inspection or audit.


11.1 Subject to Paragraph 11.3, to the extent that any Processing by either growyze or any Sub processor of Customer Personal Data involves a Restricted Transfer, the Parties agree that:

  1. Customer – as “data exporter”; and
  1. growyze or Sub processor (as applicable) – as “data importer”, shall enter into the Standard Contractual Clauses in respect of that Restricted Transfer and the associated Processing in accordance with Paragraph 11.3.

11.2 In respect of any Standard Contractual Clauses entered into pursuant to Paragraph 11.1:

  1. Clause 9 of such Standard Contractual Clauses shall be populated as follows:

“The Clauses shall be governed by the law of the Member State in which the data exporter is established.”

  1. Clause 11(3) of such Standard Contractual Clauses shall be populated as follows:

“The provisions relating to data protection aspects for sub-processing of the contract referred to in paragraph 1 shall be governed by the law of the Member State in which the data exporter is established.”

(c) Appendix 1 to such Standard Contractual Clauses shall be populated with the corresponding information set out in Annex 1 (Data Processing Details); and

(d) Appendix 2 to such Standard Contractual Clauses shall be populated as follows:

“The technical and organisational security measures implemented by the data importer in accordance with Clauses 4(d) and 5(c) are those established and maintained under Paragraph 4 of the Data Processing Schedule.”

11.3 The Standard Contractual Clauses shall be deemed to come into effect under Paragraph 11.1 automatically upon the commencement of the relevant Restricted Transfer provided that Paragraph

11.1 Shall not apply to a Restricted Transfer unless its effect is to allow the relevant Restricted Transfer and the associated Processing to take place without breach of applicable Data Protection Laws.

11.4 Respect of any Standard Contractual Clauses entered into with a Sub processor in accordance with 10.1 Customer hereby appoints growyze as its agent for the limited purpose of enabling growyze to enter into such Standard Contractual Clauses in its name and on its behalf.


Customer acknowledges and agrees that growyze shall be freely able to use and disclose Anonymised Data for growyze’s own business purposes without restriction.


13.1. Customer warrants and represents on an ongoing basis, and further undertakes that it shall not (and shall ensure that its Personnel shall not) cause growyze or its Sub processors to Process any:

  1. Special Categories of Personal Data referred to in Article 9(1) of the GDPR; or
  1. any Personal Data relating to criminal convictions or offences.

13.2. Customer will indemnify and hold harmless growyze and its employees, officers, directors and agents from and against any and all liabilities, losses, damages, costs, fines and other expenses (including legal costs and fees) arising from or relating to any breach by Customer of this Paragraph 13.

13.3. Any and all limitations on liability set out in the Contract shall not apply to liability arising under or in connection with the indemnity set out in Paragraph 13.2.


14.1. In the event that there is a change in the Data Protection Laws that growyze considers (acting reasonably)would mean that growyze is no longer able to provide the Services (including any Processing and/or Restricted Transfer(s) of Customer Personal Data) in accordance with its obligations under Data Protection Laws, growyze reserves the right to make such changes to the Services and to amend any part of this Data Processing Schedule as it considers reasonably necessary to ensure that growyze is able to provide the Services in accordance with Data Protection Laws.

14.2. In the event that Customer considers (acting reasonably) that any required changes made either to the Services and/or this Data Processing Schedule pursuant to Paragraph 14.1 will cause material and irreparable harm to Customer may terminate the Contract in its entirety upon written notice to growyze with immediate effect.


15.1. Customer acknowledges and agrees that (as between the Parties) growyze shall be freely able to use and disclose (without restriction) the Controller Data for any such purposes as growyze may in its sole discretion determine.

15.2. To the extent that any Controller Data constitutes Personal Data for the purposes of the Data Protection Laws, growyze:

  1. shall be an independent Data Controller in respect of such Controller Data;
  1. may independently determine the purposes and means of its Processing of such Controller Data.


16.1. This Data Processing Schedule shall be incorporated into and form part of the Contract.

16.2. In the event of any conflict or inconsistency between:

  1. this Data Processing Schedule and the Terms or the Service Level Agreement, this Data Processing Schedule shall prevail; or
  1. Any Standard Contractual Clauses entered into pursuant to Paragraph 11 and this Data Processing Schedule, those Standard Contractual Clauses shall prevail.


Annex 1 Data Processing Details

This Annex 1 to the Data Processing Schedule Includes certain details of the Processing of Customer Personal Data: as required by Article 28(3) GDPR; and (where applicable in accordance with Paragraph 11) to populate Appendix 1 to the Standard Contractual Clauses.

Growyze’s activities

-  Billing, Marketing, User Registration, Authentication and Authorisation

Subject matter and duration of the Processing of Customer Personal Data

The subject matter and duration of the Processing of the Customer Personal Data are set out in the Terms and the Data Processing Schedule.

The nature and purpose of the Processing of Customer Personal Data

-  Billing, Marketing, User Registration, Authentication and Authorisation in the course of, and for the purpose of, providing the Services to Customer.

The types of Customer Personal Data to be Processed

-  Personal Data: any Personal Data contained in any Content and any other Personal Data pertaining to Users that is Processed by or on behalf of growyze on behalf of Customer in the course of providing support services under the Contract (excluding any Controller Data).

-  Special Categories of Personal Data (if any): None.

The categories of Data Subjects To whom the Customer Personal Data relates

-  Data Subjects Whose Personal Data is contained in any Content.

-  Users of the Service.

The obligations and rights of Customer

The obligations and rights of Customer are set out in the Terms and the Data Processing Schedule.

*Updated June 2024

By clicking “Accept All Cookies”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.