GDPR Portal Terms and Conditions


This Agreement is between GMA Consulting Services Ltd trading as GDPR Portal (GDPR Portal), a company registered in England and Wales with company registration number is 04238417 and registered office at 1 Vincent Square, London SW1P 2PN; and you the subscriber, to provide an electronic cloud-based web interface and data storage service for addressing the requirements of the General Data Protection Regulations (EU2016/679) as enacted, amended, extended or re-enacted from time to time (“the Services”). By checking the box “I AGREE”, you are indicating your acceptance of these terms and conditions and your agreement to be bound by this document and future revisions thereof.

This Agreement will commence on receipt of payment from our payment service and shall (unless terminated earlier in agreement with these terms and conditions) continue on a month by month basis.

We cannot and do not guarantee uninterrupted service. We reserve the right to enhance or modify features of our Services but will not materially reduce the core functionality or discontinue any Services unless we provide you with prior written notice. In any event GDPR Portal will not be liable for any monetary damages beyond what the user paid to GDPR Portal.

Fees and Payment
You agree that we may take steps to verify whether your payment method is valid, charge your payment card for all amounts due for your use of GDPR Portal, and automatically update your payment card information using software designed to do so in the event your payment card on file is no longer valid. You agree that your credit card information and related personal data may be provided to third parties for payment processing and fraud prevention purposes. We may suspend or terminate your use of GDPR Portal if at any time we determine that your payment information is inaccurate or not current, and you are responsible for fees and overdraft charges that we may incur when we charge your card for payment. We will not agree to submit invoices via any customer procure-to-pay online portal or Electronic Data Interchange (EDI) portals. We reserve the right to update the price for Services at any time after your subscription has commenced, and price changes will be effective as of your next billing cycle. We will notify you of any price changes by publishing on our website, emailing, quoting or invoicing you. Our prices are subject to VAT at the applicable rate.

Sales, Promotional Offers, Coupons and Pricing
Sales, promotions and other special discounted pricing offers are temporary and, upon the renewal of your subscription, any such discounted pricing offers may expire. We reserve the right to discontinue or modify any credits, sales and special promotional offers in our sole discretion.

Free Services and Trials
Your right to access and use any free Services is not guaranteed for any period of time and we reserve the right, in our sole discretion, to limit or terminate your use of any free or basic versions of any Services by any individual or entity. If you are using the Services on a trial or promotional basis (“Trial Period”), your Trial Period and access to the Services will terminate (i) at the end of the Trial Period, or (ii) if no date is specified, 14 days after your initial access to the Services, (iii) or upon your conversion to a subscription. Following expiration of the Trial Period, the Services may automatically continue unless you provide notice of cancellation to us, and you are responsible for payment of the applicable Fees. During the Trial Period, to the extent permitted by law, we provide the Services “AS IS” and without warranty or indemnity, and all other terms otherwise apply. We may modify or discontinue any trials or promotions at any time without notice.

Your Content
You retain all rights to your Content and we do not own or license your Content. We will not view, access or process any of your Content, except as directed or instructed by you or your users, or as required to comply with our policies, applicable law, or governmental request. You agree to comply with all legal duties applicable to you as a data controller by virtue of the submission of your Content within the Services. If your Content is subject to EU data protection laws (“Personal Data”) and is processed by us as a data processor acting on your behalf (in your capacity as data controller), we will use and process your Content in order to provide the Services and fulfil our obligations under the Agreement, and in accordance with your instructions as represented in this Agreement. Notwithstanding anything to the contrary, this section of the Agreement expresses the entirety of our obligations with respect to your Content. “Content” means any of your, or your users’ data, files, documents, and other information that is uploaded to your Service account for storage, or used, presented or shared with third parties in connection with the Service.

Any Personal Data that we collect from you will be stored at a secure cloud datacentre hosted by Microsoft and located within the European Economic Area. By submitting the Personal Data, you agree to this storing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with these Terms.

All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

The transmission of information via the internet is not completely secure. Although we will do our best to protect the Personal Data, we cannot guarantee the security of the Personal Data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

Your Account
You are solely responsible for (i) all use of the Services by you and your users, (ii) obtaining consent from your users to the collection, use, processing and transfer of Content, and (iii) providing notices or obtaining consent as legally required in connection with our Services. We do not send emails asking for your usernames or passwords, and to keep your accounts secure, you should keep all usernames and passwords confidential. We are not liable for any loss that you may incur if a third party uses your password or account. We may suspend service or terminate this Agreement if you, your users, or attendees are using our services in a manner that is likely to cause harm to us. You agree to notify us immediately and terminate any unauthorized access to GDPR Portal or other security breach.

Your account will remain in service for the period that has been paid for in advance. Should you wish to terminate our account, you must do so by contacting our help desk – . In the event that your payment is not received, access to our GDPR Portal service will be suspended until such payment is received. If we decide that we are going to stop providing the Services, we will let you know at least 30 days in advance of our stopping the supply of the Services and will refund any sums you have paid in advance for Services which will not be provided.

Effect of Termination
We have no obligation to maintain your Content after that period paid for in advance. Neither party will be liable for any damages resulting from termination of this agreement, and termination will not affect any claim arising prior to the effective termination date.

Security Emergencies
If we reasonably determine that the security of our Services may be compromised due to hacking attempts, denial of service attacks, or other malicious activities, we may temporarily suspend the Services and we will take action to promptly resolve any security issues. We will notify you of any suspension or other action taken for security reasons.

Refund Policy
If you are dissatisfied with or unable to access the Services we will provide a refund of any payments up to 30 days after the date of the payment, refunds requested after 30 days will be made at our discretion. To request a refund, please contact our help desk – .

Disclaimers and Warranties
The services are provided on an “as is” and “as available” basis. GDPR Portal does not warrant that the services will be timely, uninterrupted, error-free or free of viruses, or other harmful components. GDPR Portal does not warrant that our services will meet your requirements, or that all errors or defects will be corrected. Use of GDPR Portal’s services is at your sole risk. GDPR Portal makes no express warranties and waives all implied warranties including, but not limited to, warranties of title, non-infringement, and fitness for a particular purpose regarding any information or service provided through GDPR Portal or the internet generally. No advice or information given by GDPR Portal or its representatives shall create a warranty. GDPR Portal and its employees are not liable for any costs, losses or damages arising directly or indirectly from your use of the services or the internet including any indirect, incidental, exemplary, multiple, special, punitive, or consequential damages. In any event, GDPR Portal’s cumulative liability to you for all claims relating to the use of the services shall not exceed the total amount of service fees paid during the month immediately preceding a claim.

You shall indemnify and hold GDPR Portal harmless against all 3rd party claims, demands, suits, actions, judgments, losses, costs, damages (direct, indirect and consequential), legal fees and expenses that GDPR Portal may sustain or incur by reason of any breach or alleged breach of any term or condition of this agreement, or of GDPR Portal’s other agreements and policies and for any act or omission of you or your clients which are in any way related to GDPR Portal’s service.

Privacy Policy
Your right to privacy is an important concern to us and we wish to protect the privacy of the personally identifiable information you share with us. We also believe it is important to inform you about how we will use your personal data, and to give you choices about how your data will be used. Therefore, we encourage you to read this Privacy Policy carefully.

We only use the information which is provided through our site to help us improve our services to you, to provide you with the products you have requested, to inform you about additional products or services that may be of interest to you, for marketing purposes and for other operational and internal purposes. Other than as described, GDPR Portal will not sell, trade or rent your personal information.

GDPR Portal will only collect your personal information (such as your name and contact details, including a valid email address) if you provide it voluntarily. If you do not want this information to be collected by us, please do not submit it. We will never pass any of these details on to any other party unless legally compelled to do so, and we will not retain your personal information longer than is necessary for the purpose for which it is collected.

In addition, while using our site we automatically track certain information about you using our own systems and that of trusted third party analytics providers. This information includes the URL that you just came from (whether this URL is on our site or not), which URL you go to next (whether this URL is on our site or not), details of the device and browser you are using, your IP address and how you interact with our site. Many sites automatically collect this information and use this data to improve their functionality and services.

We also employ the use of cookies to assist us in this process. A cookie is a small piece of computer code that enables web servers to identify users. Cookies do not store any information that you have provided to our site. They are simply identifiers. You can delete cookie files from your hard drive at any time or avoid cookies by configuring your browser to reject them or to notify you when a cookie is being placed on your hard drive.

All our payments are processed via 3rd party payment gateways, such as Worldpay. We do not hold any credit card details ourselves.

In the event that GDPR Portal is merged with or acquired by another organisation, or if we go out of business, enter into administration or go through some other change of control, your Content or Personal Data may be one of the assets transferred to or acquired by a third party.

We will, from time to time, send all registered users a newsletter, but you may opt out of this at any point. We will not send more than one newsletter a month and our newsletters will not contain any 3rd party advertisements.

Once registered on our website, you may automatically receive from GDPR Portal a number of different emails which may contain further information, reading materials, and links that will help you get started. Here is a summary of what you can expect:

A. Trial Emails
     1.Welcome on creation of site
     2.Trial expiry notification after 14 days – convert to full subscription, or leave

B. Payment Card Notifications
     1. Payment card expiry notifications, on the 1st, 7th, 14th and 21st days of the final month
     2. Payment failure notification, leading to a contact from GDPR Portal’s support desk

C. Operational Notifications
     1. Addition of new user – joiner invited
     2. Reviews – timing options, either now or for a date scheduled in the future

This agreement, and GDPR Portal’s other agreements and policies posted on GDPR Portal’s web site, constitute the entire agreement between you and GDPR Portal with respect to your use of the service. GDPR Portal may revise, amend, or modify the agreements at any time and in any manner. Notice of any revision, amendment, or modification will be posted on GDPR Portal’s web site: , and/or on your start pages and/or by email and/or in our various publications and mailings to you. This agreement may not be amended or modified by you except by means of a written document signed by both you and an authorized representative of GDPR Portal.

No person or entity not a party to the Agreement will be a 3rd party beneficiary. Our authorized distributors do not have the right to modify the Agreement or to make commitments binding on us. Failure to enforce any right under the Agreement will not waive that right. Unless otherwise specified, remedies are cumulative. The Agreement may be agreed to online. No party will be responsible for any delay or failure to perform under the Agreement due to force majeure events (e.g. natural disasters; terrorist activities, activities of third party service providers, labour disputes; and acts of government) and acts beyond a party’s reasonable control, but only for so long as those conditions persist.

You may not assign your rights or delegate any of your duties under this agreement without the prior written consent of GDPR Portal, and any attempted assignment or delegation without such consent shall be void. If one or more provisions of this agreement shall be held to be invalid, illegal, or unenforceable, the validity, legality and enforceability of the remaining provisions shall not be affected or impaired thereby. GDPR Portal will amend or replace such provision with one that is valid and enforceable and which achieves, to the extent possible, the original objectives and intent of GDPR Portal as reflected in the original provision. Nothing in this agreement or in the understanding of the parties construes upon the parties the status of agency, partnership, or other form of joint enterprise between the parties. GDPR Portal may subcontract any work, obligations or other performance required of GDPR Portal under this agreement without your consent.