You can read recent changes to our Terms of Service on the Terms of Service updates page.
We have updated Optimal Workshop’s Terms of Service. If You are a new Customer, these Terms of Service are effective from 26 June 2024. If You are an existing Customer, Optimal Workshop is providing You with prior notice of these changes which will be effective from 10 July 2024.
These Terms specify the agreement between You and Optimal regarding the Services. They set out our obligations as a service provider and Your obligations as a customer. Please read them carefully. These Terms apply from the time that You access the Services. By using the Services You acknowledge that You have read and understood and agree to be bound by these Terms. If You are using the Services on behalf of a business, You represent to Us that You have authority to bind that business or entity to these Terms and that business accepts these Terms, in which case the terms “Customer”, “You”, and “Your” when used in these Terms refers to that entity and its Affiliates. The Services are provided for the length of term chosen by You in the Online Registration Service or (if applicable) an Order Form, subject to Optimal’s right to suspend the Services or terminate these Terms in accordance with clause 20. These Terms incorporate each Order Form stated to be subject to these Terms and either signed or agreed in writing by the parties (including by way of email).
2.1. Optimal’s license to You. Provided You comply with these Terms, Optimal grants You the right to access and use the Services You have purchased via the Website and according to Your subscription type. This right is non-exclusive, non-transferable, and limited by and subject to these Terms.
3.1. Optimal may make changes to the Services. Provided that the Services continue to substantially comply with the description set out in the Service Description, Optimal may at any time modify the Services, the Optimal Materials and Technology and/or the manner in which the Services are delivered. We will notify You if We make a significant change to the Services. You acknowledge and agree that: (a) as a software as a service provider, Optimal needs flexibility to make changes to functionality and roll out improvements to the Services in order to scale the Services for all its customers; and (b) Optimal cannot agree to one customer imposing restrictions or requiring consent on changes to its Services, including changes that could hinder or prevent Optimal’s ability to roll out changes to functionality, improvements to its Services, or to generally operate its Services across its customer base.
4.1. Purpose limitation. You must only use the Services and Website for Your own lawful internal business purposes of designing, executing, and recruiting participants for user research studies, in accordance with these Terms and any notice sent by Optimal or condition posted on the Website. You must also comply with all applicable laws that apply to You under these Terms (including Applicable Data Protection Laws).
4.2. Compliance with Site Policies. You agree to abide by the requirements or restrictions specified in the Online Registration Service and any Order Form (including the limitations for number of seats), and Optimal’s Privacy Policy/Notice (available here: Privacy Notice) which explains how We process any personal information We collect. For additional details of our terms regarding privacy, data, and data processing please see clauses 16, 17 and 18, below.
4.3. Age requirements. You must not access or use the Services if You are under the age of 16.
4.4. Customer use restrictions. As a condition of access, when accessing and using the Services, You must not: (a) impersonate another person or misrepresent authorisation to act on behalf of others or Optimal; (b) resell or make available the Services to any third party, or otherwise commercially exploit the Services (unless otherwise agreed in writing by Optimal); (c) use or misuse the Services in any way which may impair the functionality of Optimal’s systems or impair the ability of any other user to use the Services; (d) attempt to undermine the security or integrity of or gain unauthorised access to any of Optimal's computing systems or networks or any third party’s computing systems or networks; (e) transmit, or input into the Services or the Website, any files that may damage any other person's computing devices or software (including by introducing any malicious software or code); (f) attempt to modify, copy, adapt, reproduce, disassemble, decompile, or reverse engineer any computer programs or systems used to deliver the Services or to operate the Website; (g) grant or assign rights in the Services or the Optimal Materials and Technology in any way (except that You may distribute the information created by You in Your use of the Services); (h) create any works based on, or copy, the Optimal Materials and Technology or the Services or access the Services in order to build or supply a similar or competitive product or service; (i) place any payment card information or any protected health information on the Services and You acknowledge that the Services are not compliant with the requirements of the Payment Card Industry Data Security Standard or the Health Insurance Portability and Accountability Act 1996; (j) use the Services in connection with any unlawful, illegal, fraudulent or harmful purpose or activity as reasonably determined by Optimal; or (k) use the Services in a manner, nor transmit, input or store any Customer Data, that breaches any third party right (including Intellectual Property Rights and privacy rights) or is incorrect or misleading.
4.5. Personnel. The following applies to Your personnel who access and use the Services: (a) You may authorise any member of Your personnel to be a User, in which case You will provide Optimal with the User’s name and other information that Optimal reasonably requires in relation to the User; (b) No individual other than a User may access or use the Service; (c) You must procure each User’s compliance with clauses 4.1 to 4.4, the requirements or restrictions specified in the Online Registration Service and any Order Form, and any other reasonable condition notified by Optimal to You; (d) Without limiting clause 4.5(c), You are responsible for ensuring that all Users comply with these Terms. Any breach of these Terms by Your personnel (including, to avoid doubt, a User) is deemed to be a breach of these Terms by You.
5.1. Fees. The applicable Service Fee for the Services is specified on the Site or an Order Form (as applicable). The Service Fees exclude Sales Tax which You must pay on taxable supplies under these Terms. You must pay the Service Fees in advance, electronically in cleared funds without any set off or deduction, and within 30 days of receipt of Optimal’s invoice or any date set out in the Order Form (as applicable).
5.2. Renewals and changes to Fees. If You have selected to receive the Services for a fixed term, that term will automatically renew for further terms of equal duration unless either party provides prior notice to the other that they do not intend to renew at the end of the then current term. Each renewal will incur a further Service Fee. We may change the Service Fees at any time. If You have selected to receive the Services for a term, any changes will commence at the beginning of any renewal term. No refund will be provided, including refunds for failure to terminate Your subscription prior to renewal, for selection of an incorrect product or for early termination by Optimal or You.
6.1. Accuracy of account details. You agree to provide Us with accurate and complete registration and account information and to maintain and promptly update that information in the event of any changes to ensure it is current at all times.
6.2. No account sharing and security of account details. Your account details are specific to You and may not be shared with any other person. You agree: (a) to keep Your login details confidential and secure and that you will not share them with others; (b) that you are solely responsible for all activity in connection with access to and use of the Services and/or Website through Your account or using Your login; (c) that if You know or suspect that Your login information has or is likely to become used in an unauthorised way, You must immediately change Your password. If You are unable to change Your password, You must immediately notify Optimal by email at support@optimalworkshop.com. We may request that You change Your password(s) in connection with the Services at any time, and You will promptly comply with any such request and all reasonable directions We issue in relation to the Services.
7.1. Support and Service Level Agreement (“SLA”). You may email any support queries to Optimal at support@optimalworkshop.com and Optimal will endeavour to respond in accordance with its current SLA made available on its Website. Optimal will not charge You additional fees for support provided in response to such queries. Except as set out in Our SLA, nothing in this clause commits Optimal to a course of action or priority or to a timeframe for any response it may make to support queries. Your sole remedy in the event We breach the SLA is to have the Services supplied again.
8.1. Participant credits. If You purchase pre-paid recruitment credits: (a) We will provide survey participants within 7 days of Your request; (b) where We have provided survey participants, if You are not satisfied with the survey participants You must advise Us within 5 days and We will provide alternative survey participants within 7 days; (c) no refunds are available for pre-paid recruitment credits; (d) You must not request uniquely identifying or personal information, for example, name and email address, from these survey participants; (e) where participants are provided by a third party participant panel provider, You must abide by any applicable third party terms and conditions communicated to You; and (f) all pre-paid recruitment credits expire 12 months after purchase, or immediately if You no longer maintain a current paid subscription to the Services.
9.1. Mutual warranties. Each party warrants: (a) it has full power, capacity, and authority to accept, deliver and perform its obligations under these Terms; and (b) once accepted, these Terms constitute legal, valid, and binding obligations and are enforceable in accordance with its terms.
9.2. Optimal warranties. Optimal warrants that the Service will perform substantially in accordance with the Service Description.
9.3. Your warranties. You warrant that You will not transmit, or input into the Services or the Website: (a) any protected health information as defined in the Health Insurance Portability and Accountability Act of 1996 (US); or (b) any cardholder data as defined in the Payment Card Industry Data Security Standard.
10.1. No other warranty. Other than the warranties in clause 9, Optimal makes no other warranty, representation, guarantee, express or implied, whether by statute, common law, customer, usage or otherwise in respect of the Services and as to any other matter, including that Optimal does not warrant that the Services or the Customer Data will be compatible with any application, program or software not specifically identified as compatible, free from defects, errors and bugs, or fit for any particular purpose.
10.2. Third party communication networks. Optimal is not responsible for any delays, delivery failures, or any other loss or damage resulting from the transfer of data over third party communication networks or facilities, including the internet, and You acknowledge that the Services may be subject to limitations, delays and other problems inherent in the use of such communication networks or facilities.
10.3. Breach of warranty. To avoid doubt, all implied conditions or warranties are excluded in so far as is permitted by law, including warranties of merchantability, fitness for purpose, title, and non-infringement. Where legislation or rule of law implies into these Terms a condition or warranty that cannot be excluded or modified by contract, the condition or warranty is deemed to be included in these Terms. However, Optimal’s liability for any breach of that condition or warranty is limited, at Optimal’s option, to: (a) supplying the Services again; and/or (b) paying the costs of having the Services supplied again.
10.4. Consumer Guarantees Act 1993. You are acquiring the Services for the purposes of a business and the Consumer Guarantees Act 1993 does not apply to these Terms.
10.5. Exclusions. The warranty in clause 9.2 will not apply where the Service is provided at no charge or to the extent any non-conformance is caused by: (a) Your use of the Services contrary to Optimal’s instructions or in breach of these Terms; or (b) You, or by any product or service not provided by Optimal.
11.1. Warranty claims. To make a claim under the warranty in clause 9.2, You must send an email to support@optimalworkshop.com indicating clearly in what way the Service fails to perform in accordance with the warranty.
11.2. Your remedy. Your sole and exclusive remedy and Optimal’s entire liability for breach of the warranty in clause 9.2 will be as follows: (a) Optimal will, at its reasonable expense, use all reasonable commercial endeavours to correct any such non-conformance promptly, or provide You with an alternative means of accomplishing the desired performance; or (b) if Optimal fails to re-perform such non-conformance within 30 days, then You may terminate these Terms by written notice to Optimal, subject to termination occurring within three months of Optimal’s failure to re-perform.
12.1. Liability disclaimer. To the greatest extent possible in accordance with applicable laws, We specifically disclaim any liability (whether based in contract, tort, strict liability or otherwise) for any direct, indirect, incidental or consequential damages arising out of or in any way connected with Your access to or use of the Services or the Website.
12.2. Optimal’s liability is limited. In all cases where our liability is not excluded: (a) subject to clause 12.2(b), our maximum aggregate liability under or in connection with these Terms, for all events arising in any twelve month period whether in contract, equity, tort (including negligence), breach of statutory duty, indemnity, or otherwise, will not exceed the total annual Service Fees paid or payable in that twelve month period. Each “twelve month period” commences on the date You accept these Terms or any anniversary of that date; and (b) We will not be liable for any indirect or consequential loss or damage, loss of profits or savings, loss or corruption of data or information, or faults and/or errors in third party products incorporated into the Services.
12.3. Right of termination. Your only right with respect to dissatisfaction or problems with the Service, other than as provided for in clause 12, is to terminate these Terms.
12.4. No responsibility for third party websites or feeds. You acknowledge that the Services may link to third party websites or feeds that are connected or relevant to the Services. Any link from the Services does not imply any Optimal endorsement, approval, or recommendation of, or responsibility for, those websites or feeds or their content or operators. To the maximum extent permitted by law, Optimal excludes all responsibility or liability for those websites or feeds.
13.1. Your indemnity. You indemnify Optimal against all liability, claim, proceeding, cost, damages, expense (including Optimal’s legal fees on a solicitor and own client basis) and loss of any kind arising from (a) Your breach of any of these Terms or any obligation You may have to Optimal, including any third party claims and any costs relating to the recovery of any Service Fees that are due but have not been paid; and (b) any actual or alleged claim by a third party that any Customer Data infringes the rights of that third party (including Intellectual Property rights and privacy rights) or that the Customer Data is incorrect or misleading.
13.2. IP Claims brought against Customer. Optimal indemnifies You against any claim or proceeding brought against You by any third party alleging that Your use of the Services in accordance with this Agreement constitutes an infringement of a third party’s Intellectual Property Rights (IP Claim). This indemnity is subject to You: (a) promptly notifying Optimal in writing of the IP Claim; (b) making no admission of liability and not otherwise prejudicing or settling the IP Claim, without Optimal’s prior written consent; and (c) giving Optimal complete authority and information required for Optimal to conduct and/or settle the negotiations and litigation relating to the IP Claim. The costs incurred or recovered are for Optimal’s account.
13.3. Defence and settlement of IP Claim. In the event an IP Claim is made or likely to be made, then in defence or settlement of the IP Claim, Optimal may (at Optimal’s option): (a) procure for You the right to continue using the Services which is subject to the IP Claim under these Terms; or (b) re-perform, replace or modify the Services to be non-infringing without a material decrease in functionality.
13.4. Exclusive remedy and limitations: The provisions of clause 13.3. and 13.4. state the sole, exclusive, and entire liability of Optimal (including Optimal’s related companies) to You, with respect to any IP Claim. The indemnity in clause 13.2. does not apply to the extent that an IP Claim arises from or in connection with: (a) Your breach of these Terms; (b) any third party data You input into the Services or the Customer Data; (c) a modification of the Services or Documentation by anyone other than Optimal; (d) Your use of the Services or Documentation in a manner or for a purpose not reasonably contemplated by this Agreement or otherwise not authorised in writing by Optimal; (e) use of any Services provided for no charge; or (f) Your use of the Services or Documentation after notice of the alleged or actual infringement from Optimal.
14.1. General confidentiality obligations. Each party must, unless it has the prior written consent of the other party: (a) keep confidential at all times the Confidential Information of the other party; (b) effect and maintain adequate security measures to safeguard the other party’s Confidential Information from unauthorised access or use; and (c) disclose the other party’s Confidential Information to its personnel or professional advisors on a need to know basis only and, in that case, ensure that any personnel or professional advisor to whom it discloses the other party’s Confidential Information is aware of, and complies with the provisions of this clause.
14.2. Permitted disclosures. Clause 14.1 will not apply to any disclosure or use of Confidential Information: (a) for the purpose of performing these Terms or exercising a party’s rights under these Terms; (b) if that information was known, or becomes known, to the public through no act or default of the recipient; (c) that the recipient is required by law to disclose so long as the recipient provides notice of the required disclosure promptly upon receipt of notice of the required disclosure (if it is permitted to do so by law); (d) which is rightfully received by a party to these Terms from a third party without restriction and without breach of any obligation of confidentiality; or (e) to the extent that such disclosure is authorised by these Terms or in writing by the party from whom the Confidential Information is first received.
15.1. Optimal Materials and Technology. You acknowledge and agree that Optimal or its licensor is and remains the sole owner of, and retains all Intellectual Property Rights in the Optimal Materials and Technology, the Services, the Website and any derivative works of them. Except for the right to access and use the Services and the Website provided for in these Terms, You do not obtain any rights in the Optimal Materials and Technology or the Services or any licence to any software.
15.2. Know-how and Feedback. To the extent not owned by Optimal, You grant Optimal a royalty-free, transferable, irrevocable, and perpetual licence to use for Optimal’s own business purposes any know-how, techniques, ideas, methodologies, and similar Intellectual Property used by Optimal in the provision of the Services. If You provide Optimal with Feedback then: (a) all Intellectual Property Rights in that Feedback, and anything created as a result of that Feedback (including new material, enhancements, modifications or derivative works), are owned solely by Optimal; and (b) Optimal may use or disclose the Feedback for any purpose, provided that Optimal does not publicly identify You as the source of such Feedback without Your consent.
15.3. Your brand. Optimal may identify You as a user of the Services on the Website and in its marketing and other promotional materials. You grant Optimal a non-exclusive, royalty-free license to use, publish and display Your name, trade marks, logos and designs (Brands) for these purposes. Optimal will use the Brands only in accordance with any usage and marketing guidelines provided by You in writing from time to time. You may (acting reasonably and after consultation with Optimal) withdraw Optimal’s rights under this clause at any time by written notice to Optimal.
16.1. Customer Data. You own the title to, and all Intellectual Property Rights in, the Customer Data. You grant Optimal a worldwide, non-exclusive, fully paid up, transferable, irrevocable licence to use, store, copy, make available, and communicate the Customer Data for the purpose of Optimal providing, offering promotions and marketing to You (including the option to participate in Optimal’s studies or product research), and developing, improving, supporting, and operating, the Services. Optimal may also use general platform usage data, and aggregated and anonymous information derived from the Customer Data, for its legitimate business purposes, including internal research, improving the Services, and carrying out artificial intelligence and machine learning (statistical data). This right to use statistical data survives termination or expiry of these Terms. Title to, and all Intellectual Property Rights in, this statistical data is and remains Optimal’s property. For clarity, nothing in this clause 16.1 gives Optimal the right to publicly identify You or any individual user as the source of such statistical data.
16.2. Responsibility for Customer Data. In relation to Customer Data, You acknowledge and agree that You are responsible for procuring, and must procure, all licences, authorisations and consents required for You, Your personnel and any survey participants to use the Services, including to use, store and input Customer Data through, the Services.
16.3. Processing of personal information. You acknowledge and agree that: (a) to the extent Customer Data contains personal information, in collecting, holding and processing that information through the Service, We are acting as Your agent for the purposes of the Privacy Act 2020 (New Zealand) and any other applicable privacy law, as the data processor for the purposes of the EU/UK Data Protection Laws and as the service provider for the purposes of California Data Protection Law (as applicable); (b) if EU/UK Data Protection Laws apply, the additional terms in the Data Processing Terms set out in Schedule 1 also form part of these Terms; (c) if California Data Protection Law applies, the additional terms in the CCPA/CPRA Service Provider Agreement as set out in Schedule 2 of the Data Processing Terms also form part of these Terms; (c) You are responsible for, and must obtain all necessary consents from the relevant individual to enable Optimal and its personnel (including any sub-processors) to access, collect, use, hold and process that personal information and to exercise any right and perform any obligation under these Terms; and (d) to avoid doubt: (i) when using the Services, You are responsible for determining the questions that are asked of survey participants (including assessing the spectrum of answers that may result, and including any personal information that may be inputted into the Services by survey participants in response to such questions); and (ii) Optimal has no responsibility or liability for such questions or any answers provided in response to such questions.
16.4. Right to export or delete Customer Data. Subject to clause 21.2, You may export or delete the Customer Data including Your surveys and related participant responses at any time. If You request Optimal to delete any Customer Data by written notice Optimal will process the deletion within 30 days, and the information will be retained for a further 30 days before being permanently destroyed.
16.5. Customer Data for team accounts. Where You have an account that allows team members to generate and access surveys in relation to that account, You are responsible for any action by such team members including all data that team members incorporate or enter into the Services.
17.1. Data Processing Agreement. The Data Processing Agreement set out in Schedule 1 of the Data Processing Terms applies to the extent that Optimal is processing personal information subject to EU/UK Data Protection Laws in the course of the performance of the Services.
17.2. CCPA/CPRA Agreement. The CCPA/CPRA Service Provider Agreement set out in Schedule 2 of the Data Processing Terms applies to the extent that Optimal is processing personal information subject to California Data Protection Law in the course of the performance of the Services.
18.1. Our environment. We will use reasonable efforts to provide a secure environment to protect the integrity and security of the Service and Your information and to prevent data loss. We provide no guarantee or warranty in relation to data loss or data breaches. You are responsible for backing up the Customer Data uploaded onto the Services.
18.2. Breach Incidents. If We become aware of any accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to personal information that is part of the Customer Data (Breach Incident), We will: (a) make reasonable efforts to identify the cause of the Breach Incident; (b) comply with all Applicable Data Protection Laws requiring notification of the Breach Incident (including informing You without undue delay); (c) cooperate with You in good faith and provide any assistance reasonably necessary for You to comply with Your obligations under Applicable Data Protection Laws with respect to the Breach Incident, including any obligations You have under Applicable Data Protection Laws to report, notify or investigate the Breach Incident; (d) take the steps We consider necessary and reasonable to remediate and mitigate the cause of the Breach Incident and impact of its effects, to the extent remediation or mitigation is within our reasonable control; and (e) notify You of any subsequent changes to the Website or Services.
19.1. Your right to cancel. You can cancel Your account and/or terminate Your access to and use of the Services at any time by email sent to support@optimalworkshop.com.
19.2. No refund. If You selected to purchase the Services for a fixed term and You cancel Your account or terminate Your access to and use of the Services before the end of that fixed term, Optimal will not provide any refund for any remaining prepaid period for the fixed term.
19.3. Free trial accounts. Optimal may provide You with a free trial account on a discretionary basis. If You have had a free trial account for 7 days or more, and have not elected to upgrade to a paid account, Optimal may, at any time on notice to You, cancel Your access to and use of the Services with immediate effect.
20.1. Optimal’s termination rights. Optimal may immediately terminate these Terms and/or Your use of and access to the Services and the Website, or suspend for any definite or indefinite period of time, Your access to and use of the Services and the Website, if: (a) You breach any of these Terms and the breach is not capable of being remedied; (b) You breach any of these Terms where the breach is capable of being remedied but You do not remedy the breach within 10 days after receiving notice of the breach; (c) You or Your business become insolvent, go into liquidation, have a receiver or manager appointed, make any arrangement with Your creditors, or become subject to any similar insolvency event in any jurisdiction; (d) Your continued use of the Service may result in material harm to Optimal services or any of its users, (e) Your continued association with Optimal does or is likely to harm Optimal’s reputation.
20.2. Failure to pay the Fees. Optimal may immediately terminate these Terms, or suspend for any period of time, Your access to and use of the Services and the Website if you fail to pay the applicable Service Fees by the payment due date.
20.3. Order Form term. Unless terminated under clause 20.4, each Order Form begins on the start date set out in that Order Form, and will be in effect for the term set out in that Order Form.
20.4. Termination or expiry of Order Form. An Order Form will terminate on the earlier of: (a) expiry or termination of these Terms for any reason; (b) the date a party gives notice of termination; or (c) the end date (if any) specified in an Order Form.
20.5. Notification. Where We take any action under this clause 20, We will promptly notify You.
21.1. Service Fees and access to the Services. Termination of these Terms is without prejudice to any rights and obligations of the parties accrued up to and including the date of termination. On termination of these Terms: (a) any Service Fees paid in advance will not be refunded and You will pay any outstanding Service Fees up to the effective date of termination; and (b) You (including any user authorised by You) may no longer access or use the Services.
21.2. Your Customer Data. On termination of these Terms, Optimal will hold Customer Data for 30 days before permanently deleting the Customer Data, unless otherwise required by applicable law and such Customer Data will be subject to the confidentiality obligations in these Terms.
21.3. Survival. Clauses 12, 13.1, 14, 15, 16.4 and 23.8, survive the expiry or termination of these Terms.
22.1. Availability. Subject to clause 22.2 and Optimal’s current SLA, Optimal will use reasonable efforts to ensure the Services are available on a 24/7 basis. However, it is possible that on occasion the Services may be unavailable to permit maintenance or other development activity to take place, or during a Force Majeure Event. Optimal will use reasonable efforts to publish advance details of any unavailability on the Website.
22.2. Third party service features. Through the use of web services and APIs, the Services interoperate with a range of third party service features. Optimal does not make any warranty or representation on the availability of any such features. Without limiting the previous sentence, if a third party feature provider ceases to provide that feature or ceases to make that feature available on reasonable terms, Optimal may cease making that feature available to You. To avoid doubt, if Optimal exercises its right to cease the availability of a third party feature, You are not entitled to any refund, discount or other compensation.
23.1. Changes to the Terms. We may amend these Terms at any time. We will let You know about the changes either by posting the revised version of the Terms on the Website, by notifying You in accordance with clause 23.2, or by communicating it to You through the Services. Revised terms will be effective from the time they are posted, but will not apply retroactively. Your continued use of the Services after the posting of revised terms constitutes Your acceptance of such revised terms.
23.2. Notices. Optimal will deliver all notices under these Terms by email sent to the email address used by You to register for the Services. You will deliver any notice by email sent to support@optimalworkshop.com.
23.3. Entire Agreement. These Terms (including any Order Form) and the terms of any other notices or instructions We give to You under these Terms constitute the entire agreement between You and Optimal and govern Your use of the Services and Website, except for, and then only to the extent that You have entered into an Optimal Service Agreement. These Terms supersede any prior agreements or earlier versions of these Terms between You and Optimal for the use of the Services and Website as of the effective date indicated at the beginning of these Terms. The parties agree that the confidentiality obligations set out in clause 14 will override and supersede all previous confidentiality obligations agreed between the parties in any non-disclosure agreement or other confidentiality agreement executed between the parties prior to the date You accept these Terms.
23.4. Delays. Neither party will be liable for any delay or failure in performance of its obligations under these Terms to the extent caused by a Force Majeure Event. This clause does not apply to any obligation to pay money.
23.5. No Assignment. You may not assign or transfer any rights to any other person without Optimal's prior written consent.
23.6. Waiver. The failure by any party to enforce any provisions of these Terms at any time shall not operate as a waiver of that provision in respect of the particular act or omission or any other act or omission.
23.7. Severability. If any term or provision of these Terms is held to be illegal, invalid, or unenforceable it will be severed from these Terms without affecting the legality, validity, or enforceability of the remaining provisions.
23.8. Governing law. These Terms are governed by the laws of New Zealand, and each party irrevocably submits to the non-exclusive jurisdiction of the New Zealand courts.
23.9. Jurisdictional Matters. If You are residing in a jurisdiction which restricts the use of internet-based applications according to age, or which restricts the ability to enter into agreements such as these Terms according to age and You are under such a jurisdiction and under such age limit, You may not enter into these Terms and access or use the Service. If You are residing in a jurisdiction where it is forbidden by law to offer or use software for internet communication, You may not enter into these Terms and You may not access or use the Service. By entering into these Terms, You represent that You have verified in Your own jurisdiction that Your use of the Service is allowed.
23.10. Subcontracting. Optimal may hire or engage one or more sub-contractors to perform any or all of its obligations under this Agreement. Optimal will use the same degree of care in selecting any such sub-contractor as it would if such contractor was being retained to provide similar services to Optimal and Optimal shall in all cases remain responsible for all of its obligations under this Agreement. You acknowledge that the Data Processing Terms includes certain provisions concerning sub-contractors who are sub-processors.
24.1. Interpretation. In these Terms, unless the context otherwise requires: (a) the singular includes the plural and vice versa; (b) a reference to materials means a reference to materials of any kind whether in the form of documentation, software or otherwise; (c) a reference to Optimal includes reference to its successors and permitted assigns (and where the context so permits) its personnel, sub-contractors and representatives; (d) any agreement not to do a thing also constitutes an agreement not to suffer or permit or cause that thing to be done; (e) the words “includes” and “including” are to be read as being followed by the words “without limitation”; and (f) a reference to any documentation and the Website includes as varied or substituted.
24.2. Acts of personnel. An act or omission of any personnel of either party to these Terms is deemed to be the act, omission or misconduct of that party.
24.3. Precedence. If there is any conflict or inconsistency between the documents, the following order of precedence must apply, unless otherwise stated to the contrary in any Order Form or variation agreement by cross-referring to the relevant clause to be overridden: (a) any applicable Schedules; (b) these Terms; and (c) any applicable Order Form.
Applicable Data Protection Laws means where applicable, the EU/UK Data Protection Laws, California Data Protection Law, and the New Zealand Privacy Act 2020.
Business Day means any day of the year other than a Saturday, a Sunday, a New Zealand public holiday or Wellington anniversary day, and a reference to days, other than Business Days, is a reference to any calendar day of the year.
California Data Protection Law means the California Consumer Privacy Act of 2018 and the
California Privacy Rights Act of 2020 and their implementing regulations.
CCPA/CPRA Service Provider Agreement means the CCPA/CPRA service provider agreement set out in Schedule 2 of the Data Processing Terms.
Confidential Information means these Terms (including the Service Fees), any information that is not public knowledge and that is obtained from the other party in the course of, or in connection with, these Terms, the Optimal Materials and Technology and any other Optimal commercially sensitive materials and proprietary methodologies, the Customer Data, personal information as defined in the New Zealand Privacy Act 2020, any personal information and material marked “Confidential” or with a similar marking, or which, by its nature, is apparent as confidential.
Customer Data means all data, content, and information (including personal information, Your studies and study results) submitted by the You or on Your behalf to the Services or collected and processed by You or on Your behalf using the Services.
Data Processing Agreement means the data processing agreement set out in Schedule 1 of the Data Processing Terms.
Data Processing Terms means the Data Processing Terms published on the Website (as updated from time to time).
Documentation means all documentation relating to the provision of the Services provided by Optimal including the documentation published on the Website.
EU/UK Data Protection Laws means all laws and regulations of the European Union and its member states, and the United Kingdom, that apply to the processing of Customer Data under these Terms, including (where applicable) the GDPR and the UK Data Protection Laws.
Feedback means comments, ratings, sentiments, information, questions, data, ideas, descriptions of processes, or other information relating to the Services that is submitted to Optimal by You or by Your Permitted Users.
Force Majeure Event means an event beyond the reasonable control of either party which makes it impossible or illegal to perform, or prevents compliance with, or the performance of, that party’s obligations under these Terms, excluding any event: (a) that could have been avoided by a party taking reasonable steps or reasonable care; (b) for which the affected party is or was directly responsible; (c) constituted by the failure of a sub-contractor, except to the extent that the sub-contractor was subject to a Force Majeure Event; or (d) constituted by the insolvency of either party or lack of funds.
GDPR means the European Union General Data Protection Regulation 2016/679.
general platform usage data means (i) aggregated and anonymised data about interactions with the Services’ product features by the Customer, the Customer’s Permitted Users, or Participants; and (ii) de-identified records of any interaction with the Services, provided that no Customer Data is retained in such records.
Intellectual Property Right includes copyright and all worldwide rights conferred under statute, common law or equity in relation to inventions (including patents), registered and unregistered trade marks and designs, circuit layouts, data and databases, confidential information, know-how, and all other rights resulting from intellectual activity. Intellectual Property has a consistent meaning, and includes any enhancement, modification, or derivative work of the Intellectual Property.
Online Registration Service means the online registration service and sign-up workflow on the Website completed by You for Your purchase of the Services.
Optimal, We, Our and Us means Optimal Workshop Limited (New Zealand Registered Company number 1973791) and includes its successors and assigns.
Optimal Materials and Technology means the materials and technology used by Optimal and its sub-contractors in relation to the Services including software, equipment and technology, methodologies and business processes, and materials including technical information, templates, design documents and the Documentation, and includes any enhancement, modification, or derivative work of those materials and technology.
Optimal Service Agreement means a separate written agreement entered into between You and Optimal for the provision and use of the Services.
personal information means information about an identifiable, living person, and includes personal data, personally identifiable information and equivalent information under Applicable Data Protection Laws.
Sales Tax means any sales tax, goods and services tax, value added tax, or equivalent tax payable under any applicable law.
Service Description means the description of the Services set out in these Terms, any Order Form, and the Website.
Service Fees means the fees payable by You for the Services under these Terms, as may be set out in an applicable Order Form.
Service Level Agreement means the Service Level Agreement published on the Website (as updated from time to time).
Services means the provision of Optimal’s user research platform and tools which assists organisations to understand customer behaviours and improve products and customer experiences which is to be provided in the form of online services, in accordance with these Terms.
Order Form means any statement of work, order form, or agreed quote in relation to the Services that satisfies the requirements of clause 1.
statistical data has the meaning set out in clause 16.1.
Terms means these Terms of Service, the Service Level Agreement, and the Data Processing Terms (as applicable), as amended from time to time by Optimal, and any Order Form signed or agreed by the parties on or after the date of these Terms.
UK Data Protection Laws means all laws relating to data protection, the processing of personal data, privacy and/or electronic communications in force from time to time in the UK, including the UK GDPR and the UK Data Protection Act 2018.
UK GDPR has the meaning given in the UK Data Protection Act 2018.
User means any of Your personnel who are authorised to access and use the Services on Your behalf in accordance with clause 4.
Website means the Optimal Workshop website at optimalworkshop.com.
You means you as the customer of the Services and Your has a corresponding meaning.
This SLA sets out the terms on which Optimal will provide Support Services to the Customer and forms a part of Optimal’s Terms of Service (“Terms”).
Unless the context requires otherwise, capitalised terms used in this SLA have the meanings given to them in the Terms and in addition:
Actual Availability means Scheduled Availability minus Unavailability.
Available means that the Services are:
a. accessible; and
b. materially performing in conformity with the Documentation.
Documentation means the user and technical documentation designed to assist the Customer to properly access and use the Services (if any), and includes any update of the documentation.
Error means any bugs, defects, errors, or vulnerabilities affecting the Services that constitutes or results in any function, process or component of the Services not operating in accordance with the Documentation or, where there is no Documentation, not operating as reasonably contemplated by Optimal.
Excluded Event means Errors that are due to:
a. any breach of the Terms by the Customer;
b. defects, errors, failures or outages in the Customer’s or third party systems, except to the extent caused or contributed to by Optimal;
c. defects or errors arising from use of the Services by the Customer or its personnel in a manner contrary to the reasonable instructions or restrictions set out in the Documentation;
d. factors outside of Optimal’s reasonable control, including any Force Majeure Event or Internet access or related problems beyond the demarcation point of the Services (the demarcation point for the Services is Optimal’s hosting environment); or
e. Optimal’s suspension or termination of the Customer’s or its personnel’s right to use the Services in accordance with the Terms.
Scheduled Availability means 24 hours per day, 7 days per week, excluding System Maintenance.
Support Hours means the hours of 9 am to 5 pm AEST on Monday to Friday, other than any public holiday in New Zealand or Australia.
System Availability will be calculated on a calendar month basis using the following formula: (Actual Availability divided by Scheduled Availability) multiplied by 100%.
System Maintenance means time that the Services are not accessible to the Customer due to development or maintenance, including for maintenance and upgrading of the software and hardware used by Optimal to provide the Services. System Maintenance includes scheduled maintenance and unscheduled, emergency maintenance.
Unavailability means the time that the Services are not available, other than due to System Maintenance or an Excluded Event.
For so long as the Customer pays all Service Fees, and subject to the conditions in paragraphs 3 and 4 of this SLA, Optimal will perform the Support Services in accordance with this Schedule. Except as set out in any applicable Quote or Statement of Work, Optimal will provide the Support Services at no additional charge.
Nothing in the Terms requires Optimal to provide Support Services where the support is required as a result of or in connection with a breach of the Terms by the Customer, including use of the Services by the Customer or its personnel in a manner or for a purpose not reasonably contemplated by the Terms or not authorised in writing by Optimal.
The provision of support by Optimal under paragraph 2 of this Schedule is conditional on the Customer:
a. first using reasonable efforts to resolve the issue by referring to the Documentation; and
b. contacting Optimal by email during Support Hours at support@optimalworkshop.com, and stating 'technical support' in the subject line of the email. Optimal will have no liability for a failure or delay in providing the Support Services if the Customer fails to comply with this clause 4b.
a. Optimal will make technical support available to the Customer during the Support Hours. For priority 1 support instances, Optimal will make technical support available 24 hours a day, 7 days a week.
b. Optimal’s support personnel will provide the Customer with remote assistance for help in using and operating the Services and to accept reports of Errors or suspected Errors in the Services. Optimal will ensure that each of its personnel performing Support Services is experienced, knowledgeable and qualified in the use, maintenance and support of the Services.
c. Contact information for technical support is as follows: support@optimalworkshop.com.
Optimal will use reasonable efforts to meet the service levels set out in Table 1, based on the priority level Optimal assigns to each support incident as set out in Table 2, and subject to the terms set out in paragraph 7 of this Schedule:
The following terms apply to response, workaround and resolution service levels:
a. Response, workaround and resolution times are targets only. Optimal will use reasonable efforts to meet these targets but will have no liability to the Customer if the targets are not met.
b. For priority 2, 3, 4 or 5 support incidents, only hours and days within the Support Hours count towards response times.
a. Optimal will update the Services and make available to the Customer any and all patches, enhancements and new versions of the Services that Optimal makes generally commercially available (Updates) and any such Updates will be deemed part of the Services.
b. Except in the case of fixing an Error, Optimal is under no obligation to update or upgrade the Services or provide any such updates or upgrades unless set out in a Quote or Statement of Work and agreement is reached on pricing.
a. Optimal’s goal is to ensure that the Services are Available 24 hours a day, 7 days a week, except for System Maintenance (24x7 Availability). However, the parties recognize that 24x7 Availability is only a goal, and Optimal cannot guarantee such goal.
b. Optimal will use reasonable efforts to achieve System Availability of 99.9% or more each calendar month. The Customer recognizes that the Internet is comprised of numerous systems that are beyond any supplier’s control. Routing anomalies, asymmetries, inconsistencies and failures of the Internet outside of the control of Optimal can and will occur, and such instances will not be considered Unavailability.
Where maintenance activities are service affecting, Optimal will endeavour to schedule System Maintenance during the times specified in this paragraph 10. However, the parties agree that it may be necessary for Optimal to perform System Maintenance during other times, and Optimal reserves the right to do so. System Maintenance times are Mondays 8am – noon (NZST).
For the purpose of ensuring it meets the service levels set out in this SLA, Optimal monitors service health 24 hours a day, 7 days a week and maintains an internal escalation process.
Optimal will use reasonable efforts to backup all Customer Data entered into the Services since the last backup daily to Optimal’s backup location and maintain all backup files for at least 30 days. Upon the Customer’s request, Optimal will use reasonable efforts to restore data from backup files. Optimal will use reasonable efforts to ensure that backups do not cause system downtime. Optimal will use reasonable efforts to ensure that daily incremental backups in combination with weekly full backups are complete so that no more than 24 hours’ worth of data will be lost in the event of a disaster. Optimal will use reasonable efforts to restore Customer Data as requested by the Customer within 24 hours of the Customer’s written request.
We have updated Optimal Workshop’s Privacy Notice. If You are a new Customer, this Privacy Notice is effective from 15 February 2024. If You are an existing Customer, Optimal Workshop is providing You with prior notice of these changes which will be effective from 1 March 2024.
Optimal Workshop Limited (1973791) (we, us, our, Optimal Workshop) complies with the New Zealand Privacy Act 2020, the General Data Protection Regulation of the European Union (GDPR) and the equivalent laws of the United Kingdom (UK GDPR), the California Consumer Privacy Act of 2018 (CCPA) and California Privacy Rights Act of 2020 (CPRA) (if applicable).
Personal information is information about an identifiable individual (a natural person), and includes personal data, personally identifiable information and equivalent information under applicable privacy and data protection laws.
This Privacy Notice does not limit or exclude any of your rights under the New Zealand Privacy Act 2020 or the GDPR, UK GDPR or CCPA/CPRA.
Optimal Workshop is a company headquartered in Wellington, New Zealand, and has a USA subsidiary. For more information about who we are, read our About Us page.
NZ Company Number: 1973791
Email: info@optimalworkshop.com
The name and contact details of our Data Protection Officer (DPO) for the purposes of the GDPR, UK GDPR and CCPA/CPRA are:
Name: Alex Burke
Email: privacy@optimalworkshop.com
This Privacy Notice applies to personal information we collect from visitors to our website, our customers and other persons with whom we deal directly.
Directly from you
We collect the following information directly from you.
When you register for, or login to, an account on our website or related services, or purchase services from us, we collect your name, email address, business address, location and any other information we require or ask for to set you up with an account.
We may collect some of this information using third-party authentication services (as described further in the “From Third-Party sources” section below).
When you request and attend a live demonstration of our services, we collect your name and email address and any other information you choose to provide to us.
When you fill in a contact or enquiry form on our website, use our live chat function, call us, meet us in person or otherwise contact us, we collect your name, email address, phone number and any other information and details you choose to provide to us.
When you sign up to our newsletter and other electronic alerts, we collect your name, email address, notification preferences and any other information you provide to us when you ask to receive our newsletter or other alerts.
When you respond to our feedback surveys, participate in our tool design studies or share a story through a case study submission, we collect your name, email address/location any other information and details you choose to include in your response or consent to us collecting during the session (including written notes, and audio and video recordings of the session).
Some of the personal information that we collect directly from you may be mandatory and some may be optional. We will let you know which of these applies at the time we collect the relevant personal information. While you do not have to provide us with some of the information that we may request, this might mean that our services may not perform as well as they should, or that we may not be able to provide some parts of the website or all of the services to you. If you require further information about the consequences of not providing us with any information, please contact us at privacy@optimalworkshop.com.
We use the third-party service provider Windcave to process credit card transactions. We do not have access to your credit card information. The name of this third party provider will generally be displayed when you are requested to enter your credit card information. Where requested in relation to the processing of credit card transactions, we will share your personal information with Windcave. You can see further information about how Windcave processes your credit card information in its privacy policy.
Automatically when you use our website
When you access and use our website or related services, or use a QR code to access our website, we may automatically collect information about your device and usage of our website, products and services, including your IP address, operating system, browser type, time spent on certain pages of the website, pages visited and links clicked.
Some of this data is collected through third-party tools and/or the use of cookies, web beacons and similar storage technologies. Please refer to our cookie policy below for further information, including information on how you can disable these technologies.
From third party sources
Where possible, we collect personal information from you directly. However, sometimes we may collect:
We may combine the personal information about you that we receive from third parties with the personal information we collect from you directly or with device and usage data we collect automatically when you visit our website.
If you click on one of our adverts, such as those in Google, Facebook, LinkedIn or Microsoft, then these parties may collect details about you or use information collected for cross-device tracking and to provide targeted adverts as detailed in their privacy policy.
A cookie is a piece of code that creates a file on your computer to track the pages that you view on our website.
We use cookies for a variety of purposes. Cookies allow browsing and other services offered through our website, and need to be enabled.
Read our Cookie Policy to learn more about the cookies we use and what we used them for.
We collect personal information for some or all of the following reasons to:
Optimal Workshop does not collect personal information for use by others.
We may transfer your information in the case of a sale, merger, consolidation, liquidation, reorganisation or acquisition.
You can stop receiving our marketing emails by following the unsubscribe instructions included in those emails.
We may disclose your personal information to:
Also, we may share information about your use of our website with our trusted advertising and analytics partners through the use of cookies, web beacons, and similar storage technologies.
Please refer to our Cookie Policy for further information.
Our lawful basis for processing (as that term is defined in the GDPR, UK GDPR and CCPA/CPRA) personal information that we collect, use and disclose depends on the personal information collected and the context in which we collect it.
Generally, we collect personal information from you where we have your consent, where processing is necessary for the performance of a contract to which you are party or in order to take steps at your request prior to entering into a contract, or where processing is necessary for the purposes of our legitimate interests (except where such interests are overridden by your interests or fundamental rights and freedoms).
Where we process personal information based on your consent, you may withdraw your consent at any time. Despite the above, we may process your personal information where such processing is necessary for compliance with applicable laws.
If you have any question about the legal basis on which we process personal information or need further information, please contact us at privacy@optimalworkshop.com.
We utilize a number of sub-processors to enable the provision of services to you. Personal information may be provided to these sub-processors as part of the delivery of the services. A list of list of sub processors is available here.
Team owners may request further information regarding the team members’ and guest note-takers' activities as part of the team. Team owners can’t request a copy of a team member’s or guest note-taker's activities completed outside of the shared team’s activities.
Team members are able to see the activities of any guest note-taker completed as part of their study.
Anonymized and/or aggregated feedback received as part of a study into Optimal’s tool design may be included in marketing material, blog articles and/or conference presentations.
We do not directly share anonymized information relating to your website usage with any other party. However as detailed within Google’s privacy policy, Google may share this information publicly and with their partners.
We do not disclose your personal information to any third party other than those described previously or when legally mandated.
Your personal information is held in a controlled and secure environment. We use appropriate technical, organisational and administrative security measures to protect any information we hold from loss, misuse, and unauthorised access, disclosure, alteration and destruction. Among other practices, your account is protected by a password for your privacy and security.
You must prevent unauthorised access to your account by selecting and protecting your password appropriately and limiting access to your computer or device and browser by signing off after you have finished accessing your account.
We do not use automated decision making or profiling.
We only keep your personal information for as long as it is required.
We will keep your personal information:
We may keep just enough of your personal information to ensure that we comply with your requests. We will not use your personal information for any purpose other than those described in this notice and will comply with your right to deletion.
A business that supports our website, products and services may be located outside of New Zealand (the country where we are incorporated) and also outside of the country where you are located. This means that the personal information we collect may be transferred to, and stored in, a country outside of New Zealand and the country where you are located.
If you are located in the European Union (EU), your personal information may be transferred outside of the European Economic Area (EEA). Under the GDPR, the transfer of personal information to a country outside the EEA may take place where the European Commission has decided that the country ensures an adequate level of protection. In the absence of an adequacy decision, we may transfer personal information if other appropriate safeguards are in place.
If you are located in the United Kingdom (UK) your personal information may be transferred outside of the UK. Under the UK GDPR, the transfer of Personal Information to a country outside the UK may take place where the European Commission (as at 31 December 2020) or the UK government has decided that the country ensures an adequate level of protection. In the absence of an adequacy decision, we may transfer personal information if other appropriate safeguards are in place.
We hold your personal information in the following locations:
For more information about our sub-processors and where your information is processed, please see our sub-processor list.
Wherever your information is held we ensure your rights are protected. We do this by ensuring that if we transfer personal information outside the EEA or UK, it will only be transferred to countries that have been identified as providing adequate protection for EEA/UK data, or to a third party where approved transfer mechanisms are in place to protect your personal information (e.g. by entering into the European Commission’s Standard Contractual Clauses). For further information, please contact at privacy@optimalworkshop.com.
If you are located in the European Union or the United Kingdom, your rights in relation to your personal information include:
Where personal information is processed for the purposes of direct marketing, you have the right to object to such processing, including profiling related to direct marketing.
If you would like to exercise any of your above rights, please contact us at privacy@optimalworkshop.com. If you are not satisfied with the way we deal with your query, you may refer your query to your local data protection authority.
If you are located in California, your rights in relation to your personal information include:
To exercise the rights described above, please submit a request to us by emailing us at privacy@optimalworkshop.com. Requests for access to or deletion of personal information are subject to our ability to reasonably verify your identity in light of the information requested and relevant CCPA/CPRA requirements, limitations, and regulations.
There are a few ways to lodge a complaint:
We may change this notice from time to time in the future. Any such changes will be posted here and, where appropriate, notified to you in writing. We advise you to check back frequently to see any updates or changes.
Schedule 1: Data Processing Agreement
1.1. Application: This Data Processing Agreement applies to the extent that Personal Data which is subject to EU/UK Data Protection Laws is processed in the course of the performance of the Services. The parties acknowledge and agree that with regard to such processing of Personal Data, You are the Data Controller and Optimal is the Data Processor.
1.2. Effective date: This Data Processing Agreement is effective from the date You accept these Terms.
1.3. Authority: If You are using the Services on behalf of a business, You represent to Optimal that You have authority to bind that business or entity to this Data Processing Agreement and that the business accepts this Data Processing Agreement.
1.4. EU Standard Contractual Clauses and UK IDTA: To provide You with additional assurance as to Optimal’s data protection commitments, this Data Processing Agreement also includes EU Standard Contractual Clauses set out in Exhibit A which are pre-signed by Optimal. If You would like to opt in to the EU Standard Contractual Clauses, please follow the steps set out in Exhibit A.
1.5. Personal Data: As required by Article 28(3) of the GDPR, Article 28(3) of the UK GDPR, and any equivalent requirement of other Applicable Data Protection Laws, the nature and purpose of the processing, the types of Personal Data and categories of Data Subjects processed under this Data Processing Agreement are set out in Annex I. Optimal may amend Annex I from time to time on written notice to You as Optimal reasonably considers necessary to meet the requirements of Applicable Data Protection Laws.
2.1. Data Controller’s authority: The Data Controller will, in determining the Services purchased and the Personal Data used in relation to those Services, determine the scope, purposes, and manner by which the Personal Data may be accessed or processed by the Data Processor.
2.2. Restrictions on processing: The Data Processor will only process the Personal Data:
2.3. Terms and discretion:
2.4. Data Controller warranty: The Data Controller warrants that it has all necessary rights to provide the Personal Data to the Data Processor to carry out the processing to be performed in relation to the Services, and to exercise its rights and perform its obligations under these Terms. To the extent required by the Applicable Data Protection Laws, the Data Controller is responsible for, and must obtain all necessary consents from the relevant Data Subjects to enable Optimal and its personnel (including any Sub-processors) to carry out the processing of the Personal Data and to exercise its rights and perform its obligations under these Terms, and the Data Controller must ensure that a record of such consents is maintained. If such consent is revoked by the Data Subject, the Data Controller is responsible for removing the relevant Personal Data from the Services.
3.1 Personal Data confidential:
The Data Processor shall:
4.1. Technical and organisational measures: The Data Processor shall implement and maintain the Technical and Organisational Measures. The Data Controller agrees that it has reviewed the Technical and Organisational Measures. Each party acknowledges that it considers the Technical and Organisational Measures to be appropriate, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing, taking into account all the risks that are presented by processing, in particular from a Personal Data Breach.
4.2. Types of Personal Data: The Data Controller acknowledges that the Data Processor does not review the types of Personal Data collected in relation to the Services. If the Data Controller submits Personal Data to the Services that is not specified in Annex I, the Data Controller agrees that it is responsible if the Technical and Organisational Measures do not meet the GDPR or UK GDPR standard of appropriateness. The Data Controller will not submit any payment card information or any protected health information to the Services.
4.3. Changes to measures: The Data Processor may change the Technical and Organisational Measures at any time without notice so long as it maintains a comparable or better level of security. The parties will negotiate in good faith the cost, if any, to implement changes required by specific updated security requirements in Applicable Data Protection Laws or by data protection authorities of competent jurisdiction. Where the parties are unable to agree on the cost to implement changes required, either party may, by notice to the other party, immediately terminate this Data Processing Agreement and these Terms.
4.4. Login details: The Data Controller shall keep its login details confidential and secure and will not share them with others. If the Data Controller knows or suspects that its login information has or is likely to become used in an unauthorised way, it shall immediately change its password or notify the Data Processor if it cannot change its password.
4.5. Directions: The Data Controller shall promptly comply with all reasonable directions issued by the Data Processor in relation to security or the Services.
5.1. Demonstration: At the request of the Data Controller, the Data Processor shall make available to the controller all information necessary to demonstrate compliance with the obligations laid down in Article 28 of the GDPR, Article 28 of the UK GDPR, and any equivalent requirement of other Applicable Data Protection Laws.
5.2. Audit:
6. Personal Data Breach
6.1. Notifications: The Data Processor shall notify the Data Controller without undue delay upon becoming aware of a Personal Data Breach affecting Personal Data, providing the Data Controller with sufficient information to allow the Data Controller to meet any obligations to report or inform Data Subjects of the Personal Data Breach under the Applicable Data Protection Laws. Such notification shall contain (to the extent that it exists or is known at that time):
6.2. Co-operation: The Data Processor shall co-operate with the Data Controller and take such reasonable commercial steps as are directed by the Data Controller to assist in the investigation, mitigation, and remediation of each such Personal Data Breach.
7. Contracting with Sub-processors
7.1. Authorisation: The Data Processor lists its Sub-processors on its Website, including the name, address and role of each Sub-processor, as set out in Annex III. The Data Controller authorises the engagement of such Sub-processors listed on the Data Processor’s Website as at the date of these Terms.
7.2. Changes: The Data Processor will, no more than thirty (30) days before making any change to its Sub-processors, provide written notice to the Data Controller (via email to the email address notified by the Data Controller under these Terms) to advise of any change to its Sub-processors (“Change Notice”). The Data Controller may object to any change to the Data Processor’s Sub-processors on reasonable grounds by notifying the Data Processor within 10 days of receipt of a Change Notice. The parties must discuss the Data Controller’s concerns in good faith with a view to resolving the objection to the applicable changes to the Data Processor’s Sub-processors in a commercially reasonable manner. If it is not possible to resolve the objection, the Data Controller may, despite anything to the contrary in these Terms, terminate the Services under these Terms that cannot be provided to the Data Controller without that relevant change to the Data Processor’s Sub-processors. If the Data Controller does not notify the Data Processor of any objection or terminate the relevant Services under these Terms in accordance with this clause, the Data Controller is deemed to have agreed to, and approved the applicable changes to the Data Processor’s Sub-processors.
7.3. Emergency Replacement: The Data Processor may engage Sub-processors as needed to serve as an Emergency Replacement to maintain and support the Service. Emergency Replacement means a sudden replacement of a Sub-processor where a change is outside the Data Processor’s reasonable control. In this case, the Data Processor will inform the Data Controller of the replacement Sub-processor as soon as reasonably practicable.
7.4. Liability: Notwithstanding authorisation by the Data Controller in accordance with this clause 7, the Data Processor shall remain fully liable for the performance of any such Sub-processor that fails to fulfil its data protection obligations.
7.5. Sub-processor obligations: The Data Processor shall ensure that where it engages a Sub-processor for carrying out specific processing activities on behalf of the Data Controller, it will impose the data protection obligations as set out in this Data Processing Agreement as referred to in Article 28(3) of the GDPR, Article 28(3) of the UK GDPR, and any equivalent requirements of other Applicable Data Protection Laws, on that Sub-processor, in particular providing sufficient guarantees to implement appropriate technical and organisational measures in such a manner that the processing will meet the requirements of the GDPR and the UK GDPR.
7.6. Requests from Data Subjects: The Data Processor shall promptly notify the Data Controller if any Sub-processor receives a request from a Data Subject under any Applicable Data Protection Laws in respect of Personal Data and ensure that the Sub-processor does not respond to that request except on the documented instructions of the Data Controller or as required by Applicable Data Protection Laws to which the Sub-processor is subject, in which case the Data Processor shall to the extent permitted by Applicable Data Protection Laws inform the Data Controller of that legal requirement before the Sub-processor responds to the request.
8.1. Transfers: The Data Processor shall be entitled to process Personal Data, including by using Sub-processors, outside the country in which the Data Controller is located as permitted under Applicable Data Protection Laws. Where the Data Processor transfers Personal Data to a country outside of the United Kingdom or European Economic Area without an adequate level of protection, the Standard Contractual Clauses will apply and form part of this Data Processing Agreement. The Data Controller authorises such transfers. If the Data Controller objects to such transfers, its sole remedy is to cancel or terminate its account or the Services.
8.2. Statutory mechanism: To the extent that the Data Controller or the Data Processor are relying on a specific statutory mechanism to normalise international data transfers (including the EU Standard Contractual Clauses or the UK IDTA) that are subsequently modified, revoked, or held in a court of competent jurisdiction to be invalid, the Data Controller and the Data Processor agree to cooperate in good faith to promptly terminate the transfer or to pursue a suitable alternate mechanism that can lawfully support the transfer.
9.1. Deletion: The Data Controller agrees that the Data Processor will delete all the Personal Data after the end of the provision of the Services in accordance with these Terms, and delete existing copies subject to clause 9.3.
9.2. Return: The Data Controller agrees that return of Personal Data shall be undertaken by the Data Controller exporting the applicable Personal Data from the Services prior to any termination of the Services.
9.3. Retained data: The Data Processor may retain Personal Data to the extent and for such period as set out in these Terms or as otherwise required by applicable Laws (for example, applicable New Zealand tax laws). The Data Processor shall ensure the confidentiality of all such retained Personal Data.
9.4. Notification of third parties: The Data Processor shall notify all third parties (e.g. Sub-processors) supporting its own processing of the Personal Data of the termination of this Data Processing Agreement and shall ensure that all such third parties delete the Personal Data.
10.1. Technical and organisational measures: The Data Processor shall assist the Data Controller by appropriate technical and organisational measures, insofar as this is possible, for the fulfilment of the Data Controller’s obligation to respond to requests for exercising the Data Subject’s rights under EU/UK Data Protection Laws.
10.2. Assistance: The Data Processor shall assist the Data Controller in ensuring compliance with the obligations pursuant to Articles 32 to 36 of the GDPR, Articles 32 to 36 of the UK GDPR, and any equivalent requirement of other Applicable Data Protection Laws, taking into account the nature of processing and the information available to the Data Processor.
10.3. Impact assessments: The Data Processor shall provide reasonable assistance to the Data Controller for any data protection impact assessments, and prior consultations with supervising authorities or other competent data privacy authorities, which the Data Controller reasonably considers to be required by Article 35 or 36 of the GDPR, Article 35 or 36 of the UK GDPR, and any equivalent requirement of other Applicable Data Protection Laws, in each case solely in relation to the processing of Personal Data by the Data Processor, and taking into account the nature of the processing and information available to the Data Processor. The Data Processor may charge for such assistance at its standard rates.
Each party is responsible for its compliance with its documentation requirements in particular maintaining records of processing where required under Applicable Data Protection Laws. Each party shall reasonably assist the other party in its documentation requirements, including providing the information that the other party reasonably requests (such as through use of the Services), in order to enable the other party to comply with any obligations relating to maintaining records of processing.
Data Subjects: The parties agree that any Data Subject who has suffered damage as a result of any breach of this Data Processing Agreement may be entitled to seek compensation either from the Data Controller or the Data Processor. If the one party has paid damages that are partly or fully attributable to the other party, the former is entitled to claim back the relevant part of the damages from the latter.
13.1. Confidentiality: Termination or expiration of this Data Processing Agreement shall not discharge the Data Processor from its confidentiality obligations pursuant to clause 3.
13.2. Effective date: The Data Processor shall process Personal Data until the earlier of:
14.1. Changes due to Applicable Data Protection Laws: Either party may propose variations to this Data Processing Agreement (including to the EU Standard Contractual Clauses or the UK IDTA) if it reasonably considers it to be necessary to address the requirements of any Applicable Data Protection Laws. If either party gives such notice, the parties shall promptly discuss the proposed variations and negotiate in good faith with a view to agreeing and implementing those or alternative variations designed to address the identified requirements as soon as is reasonably practicable.
14.2. Changes due to Controller instruction: Where an amendment to these Terms or this Data Processing Agreement is necessary in order to execute the Data Controller’s instruction to the Data Processor, including to improve security measures:
15.1 Contact details: Each party will deliver all notices under this Data Processing Agreement to addresses specified in Annex I.
16.1. Conflict in terms: In the event of any conflict between any of the following, they will have precedence in the descending order of priority set out below:
16.2. Governing law: This Data Processing Agreement is governed by the laws of New Zealand, and each party irrevocably submits to the non-exclusive jurisdiction of the New Zealand courts.
17.1. Interpretation: In this Data Processing Agreement, unless the context otherwise requires:
17.2. *Defined terms:*
Details of processing of Personal Data
Data Exporter(s): Identity and contact details of the data exporter(s) and, where applicable, of its/their data protection officer and/or representative in the European Union
Name: The party purchasing access to and use of the Services under these Terms.
Address: As notified by You in accordance with these Terms.
Contact person’s name, position, and contact details: As notified by You in accordance with these Terms.
Activities relevant to the data transferred under these Clauses: The provision of the Services, and the exercise of any right or performance of any obligation, under these Terms.
Role (controller/processor): Controller.
Data Importer(s): Identity and contact details of the data importer(s), including any contact person with responsibility for data protection
Name: Optimal Workshop Limited
Address: Suite 2, 25 Courtenay Place, Te Aro, Wellington, 6011, New Zealand
Contact person’s name, position, and contact details: Privacy Officer, privacy@optimalworkshop.com
Activities relevant to the data transferred under these Clauses: The provision of the Services, and exercise of any right or performance of any obligation, under these Terms.
Role (controller/processor): Processor.
Categories of Data Subject to whom the Personal Data relates:
Data Controller may submit Personal Data to the Optimal Workshop tools, the extent of which is determined and controlled by the Data Controller in its sole discretion, and which may include, but is not limited to Personal Data relating to the following categories of Data Subjects:
Categories of data:
Data Controller may submit Personal Data to the Optimal Workshop tools, the extent of which is determined and controlled by the Data Controller in its sole discretion, and which may include, but is not limited to the following categories of Personal Data:
Name, email address, geolocation information (through IP addresses and cookies).
Special categories of data/data regarding minors or criminal history (if appropriate):
Not applicable.
Frequency of the transfer:
Continuous basis based on the surveys conducted.
Nature of the processing:
Continuous basis based on the surveys conducted.
Purpose of the data transfer and further processing:
To process Personal Data as necessary to perform the Services, and to exercise any right or perform any obligation, under these Terms.
The period for which the personal data will be retained, or, if that is not possible, the criteria used to determine that period:
The Data Importer will retain Personal Data for as long as necessary to carry out the purposes of the Services as set out in this Data Processing Agreement, these Terms, and in compliance with Applicable Data Protection Laws.
For transfers to (sub-) processors, also specify subject matter, nature and duration of the processing:
The Data Importer will transfer Personal Data to sub-processors authorised by You under clause 7 of this Data Processing Agreement and for as long as necessary to carry out the purposes set out in this Annex I.
Technical and Organisational Measures
Optimal’s technical and organisational measures as they are updated from time to time by Optimal, which are available upon written request (all requests can be made to security@optimalworkshop.com).
Authorised Sub-processors
You (as controller) agree that Optimal’s list of Sub-processors in relation to the Services, including the name, location and role of each Sub-processor, is set out on the Website at Optimal Workshop Sub Processors (as updated from time to time in accordance with clause 7.2 of this Data Processing Agreement) and that these Sub-processors are approved for the purposes of this Data Processing Agreement and these Terms.
EU STANDARD CONTRACTUAL CLAUSES (CONTROLLER TO PROCESSOR)
If You would like to opt in to the EU Standard Contractual Clauses:
UK INTERNATIONAL DATA TRANSFER ADDENDUM TO THE EU COMMISSION STANDARD CONTRACTUAL CLAUSES
This UK International Data Transfer Addendum to the EU Commission Standard Contractual Clauses (“Addendum”) applies to this Data Processing Agreement where the Data Subject is subject to UK Data Protection Laws.
International Data Transfer Addendum to the EU Commission Standard Contractual Clauses
(Version B1.0, in force 21 March 2022)
This Addendum has been issued by the Information Commissioner for parties making Restricted Transfers. The Information Commissioner considers that it provides Appropriate Safeguards for Restricted Transfers when it is entered into as a legally binding contract.
Entering into this Addendum
Interpretation of this Addendum
If California Data Protection Law applies to the provision or use of the Services, the parties further agree to be bound by the terms of this CCPA/CPRA Service Provider Agreement.
Purpose
This Fair Use Policy is designed to ensure that our platform is used in a fair and equitable manner, while also meeting your organizational needs when your team experiences changes.
Seats and Fair Use
Our subscription model is based on a per-seat (user) basis, meaning that each seat is intended for a single, designated user. We understand that, from time to time, there may be a need to reassign a seat due to changes in staffing or user roles. However, frequent or systematic swapping of licenses between users (commonly known as "seat swapping") may disrupt the intended use and balance of our services.
1. Assignment of Seats: Seats should be assigned to a specific individual user. Each user should have their own seat and access should not be shared or transferred between users on a frequent basis.
2. Seat Swapping: While we allow for the reassignment of seats in cases of permanent staff changes, excessive or repetitive swapping of seats is discouraged. Seat swapping should only occur when absolutely necessary, such as when a user leaves the organization or changes roles permanently.
3. Monitoring and Enforcement: We reserve the right to monitor the usage of seats to ensure compliance with this Fair Use Policy. If we observe patterns that suggest misuse or systematic seat swapping, we may reach out to discuss potential adjustments to your licensing plan to better fit your usage needs.
4. Consequences of Misuse: In cases of non-compliance, we may take corrective actions, including but not limited to:
- Limiting the number of allowed seat reassignments.
- Requiring the purchase of additional seats to accommodate usage needs.
- Suspension of services if misuse continues after warnings.
We trust that our customers adhere to these guidelines and use our services in the spirit of fairness. If you have any questions about this policy or need to discuss your specific needs, please feel free to contact our support team. We are committed to working with you to ensure a fair and effective use of our platform.
By continuing to use our services, you agree to comply with this Fair Use Policy.
Last Update: 04.11.2024
A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first party cookies. We also use third party cookies for our advertising and marketing efforts, which are cookies from a domain different than the domain of the website you are visiting. Your continued use of our website and related services signifies your agreement and consent for us to use the cookies described in this policy below.
These cookies are used across the following Optimal Workshop domains:
Below is a detailed list of the cookies we use on our website. Our website is scanned with our cookie scanning tool regularly to ensure this list is as accurate as possible. We classify cookies in the following categories:
These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but this may cause some of the website to not function.
These cookies allow us to understand how visitors interact with our website by collecting and reporting information anonymously.
These cookies allow the provision of enhanced functionality and personalisation, such as videos and live chats. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these functionalities may not work properly.
These cookies are sent through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant ads on other sites. They work by uniquely identifying your browser and device. If you do not allow these cookies, you will not experience our targeted advertising across different websites.
Updated: Nov 4, 2024
We have introduced new site functionality in the form of a webpage banner and have updated our cookie policy to include the new cookie this feature requires.
Updated: Sep 26, 2024
We have updated our cookie policy to reflect the cookies and services our site uses. We've also implemented changes to our cookie banner, to give you more flexibility and control over your cookie experience.
Updated: Jun 25, 2024
We've clarified what we mean when we refer to Order Forms and Statements of Work. We've updated the terms applicable when you purchase participant recruitment credits. We've clarified the circumstances where your chosen services may auto-renew, and our rights in the event of any non-payment of Fees.
Updated: Jun 21, 2024
We have updated our cookie policy to include Userpilot, a new sub-processor that assists us with delivering the Services
Updated: 16 May 2024
On December 9 2021 a bug was identified in Log4j, a Java library for logging error messages in applications. Log4j is used by many servers and could allow a malicious person to take full control of the affected server or allow a denial of service attack that could take down the server.
Updated: Feb 15, 2024
We’ve restructured the Terms of Service to make them easier to navigate, which includes structure and clause referencing changes. We now host our Data Processing Terms on a separate page. We have introduced a standard Service Level Agreement which all of our customers can access. We have made changes to liability settings to reflect SaaS industry practice. We have clarified the limits associated with account types, including free accounts and that account sharing is not permitted.
Updated: Feb 15, 2024
Optimal Workshop has updated its Privacy Notice to clarify the circumstances in which we may disclose your information. We have clarified that we may disclose your information to your employer if they are already a customer and you register for an account with your work email address. We have also updated the locations where we hold your Data.
Updated: Dec 21, 2023
Change of Data Protection Officer
Updated: Nov 14, 2023
We have updated our policy to reflect the cookies and services our site uses. This update addresses changes to our security practices.
Updated: Jun 14, 2023
Californian Consumer Privacy Act/California Privacy Rights Act amendments:
Optimal Workshop has updated its Terms of Service to accommodate recent legislative changes primarily relating to the California Privacy Rights Act ("CPRA"). The CPRA is an addition to the existing data privacy law CCPA that applies to businesses that collect personal information fromCalifornia residents. We've also expanded and clarified our termination and data deletion processes.
Updated: Jun 14, 2023
Californian Consumer Privacy Act/California Privacy Rights Act amendments:
Optimal Workshop has updated its Privacy Notice to accommodate recent legislative changes primarily relating to the California Privacy Rights Act ("CPRA"). The CPRA is an addition to the existing data privacy law CCPA that applies to businesses that collect personal information from CaliforniaResidents.
Updated: Dec 20, 2022
Updates to our Terms of Service were made to clarify or update key rights and obligations that apply when you purchase and/or use our services. We have also incorporated the new EU standard contractual clauses and the UK international data transfer addendum. For more information, please visit the following link from our Help Center: Optimal Workshop Terms of Service
Updated: Dec 14, 2022
Updating the policy to reflect the cookies and services used.
Updated: Sep 15, 2021
Updates to our Terms of Service were made to clarify the definitions of “Customer Data” and “Optimal Data” and further clarified the scope of the permissions (or rights) that you grant Optimal Workshop to Customer Data when using our services. We also incorporated new requirements under the California Consumer Privacy Act (CCPA) and EU/UK Data Protection Laws, aligned our Terms of Service with our updated data retention policy and added further clarification around customer obligations and responsibilities when using Optimal Workshop services.
For more information, please visit the following link from our Help Center: Optimal Workshop Terms of Service and Privacy Notice
Updated: Sep 15, 2021
Adjustments were made to better describe the information we collect when you use our Services or interact with us, as well as disclosures around how we may use and share this information with third parties. Clarifications were also made around our terms regarding specific privacy rights available to you under the California Consumer Privacy Act (CCPA) and EU/UK Data Protection Laws.
Updated: Sep 14, 2020
We have updated our list of cookies
Updated: Dec 19, 2019
Californian Consumer Privacy Act amendments:
Pursuant to section 25, Optimal Workshop has updated its Terms of Service (which includes its Data Processing Agreement) to accommodate recent legislative changes primarily relating to the Californian Consumer Privacy Act ("CCPA"). The CCPA is a new data privacy law that applies to businesses that collect personal information from California residents.
Updated: Sep 16, 2019
Use of our Services (detailed under section 4.3.7):
When accessing and using the Services, you must not place any payment card information (PCI) or any protected health information on the Services. Our Services are not compliant with the requirements of the Payment Card Industry Data Security Standard or the Health Insurance Portability and Accountability Act 1996. This means you can’t (and we don’t) store credit cards or personal health information within any of our Services. If you currently store any of that type of information, you’ll need to remove it. For help with removing this information, or if you have questions about the impact this has on your usage, get in touch with us.
Removal of Government Terms of Service:
We’ve removed the specific government Terms of Service from our website and have replaced them with our standard Terms of Service. We’ve done this so that we only have one set of terms for all of our customers.