ORPHEX TECH LIMITED User Agreement

1. General
1. This Agreement is intended for users who require access to and use of Orphex Services.
2. In consideration of Your compliance with the obligations outlined in this User Agreement for utilizing the applications provided by Orphex, we grant You a limited, non-exclusive, non-transferable, and revocable license to access the Orphex Services. By accessing the Orphex Services, You agree to abide by the terms of this User Agreement. If You do not agree to these terms, You are not authorized to access the Orphex Services and should refrain from attempting to do so.
2. Definition
The following definitions shall have the following meanings

“Access”	means accessing app.orphex.co to use the Orphex Services;
“Account”	means Your account enabling You to use the Orphex Services;
“Agreement”	means this agreement between Orphex and You which includes the numbered Clauses together with the Appendices and any other documents, including the Terms of Service, which may be agreed in writing by the Parties and incorporated by reference into the Agreement;
“Authorised Users”	means personnel authorised by Your Organization to Access the Orphex Services and who have been issued with a valid username and password;
“Data”	means the data in the Orphex Services as accessed by You;
“DPA”	means the Data Protection Act 2018 (as amended from time to time);
“Data Protection Legislation”	means (i) the UK GDPR, the Law Enforcement Directive and any applicable national implementing Laws as amended from time to time (ii) the DPA 2018 to the extent that it relates to processing of personal data and privacy; (iii) all applicable Law relating to the processing of personal data and privacy;
“Default”	means any breach of the obligations of the relevant Party (including but not limited to fundamental breach or breach of a fundamental term) or any other default, act, omission, negligence or statement of the relevant Party in connection with or in relation to the subject-matter of this Agreement and in respect of which such Party is liable to the other;
“Login Information”	means the username and password allocated to Authorised Users;
“Orphex”	Orphex Tech Limited;
“Orphex Services”	Orphex.co and all services provided by Orphex through the orphex.co domain and its platforms, including but not limited to app.orphex.co;
“Organisation”	The company or organization that entered into the Terms of Service agreement with Orphex;
“Terms of Services”	The agreement that your Organization has agreed to in order to use Orphex Services, which is also an integral part of this User Agreement;
“User”	means the individual from Your Organisation who will be accessing the Orphex Services;
“UK GDPR”	means Regulation (EU) 2016/679 of the European Parliament and of the Council of 27th April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation) as it forms part of the law of England and Wales, Scotland and Northern Ireland by virtue of section 3 of the European Union (Withdrawal) Act 2018;
“You” “Your”	means the individual agreeing to the terms and conditions set out in this agreement;
“Website”	means orphex.co

3. Changes to the Agreement
Orphex reserves the right to amend this Agreement periodically and will notify You via email. Any modifications to this Agreement will also be published online at the following website address: [https://orphex.co/en].
4. Your General Responsibilities
1. It is imperative that You thoroughly review the Agreement for utilizing the Orphex Services and possess adequate training in their usage, as well as in web service operations and the handling of personal data, to ensure compliance with the Terms of Service.
2. While accessing the Orphex Services, it is essential that You do not leave Your workstation unlocked and unattended. If You need to step away briefly, ensure to lock it.
3. You must take measures to ensure that Your display screen is not visible to unauthorized individuals when accessing personal data on the Orphex Services.
4. Under no circumstances should You attempt to modify the functionality of Orphex Services. Any such attempt will be considered a breach of security and may result in the revocation of access permissions.
5. Account and Password Maintenance
1. You are strictly prohibited from sharing Your login details with anyone else to access the Orphex Services. Each username is assigned individually, and all system activity is logged against the initiating username. You are accountable for all actions taken under Your username.
2. Passwords must be changed regularly to maintain their confidentiality.
3. Under no circumstances should You disclose Your password to any individual or organization. Avoid writing it down in any form or location that could reveal its purpose or significance.
4. Passwords should not be stored in function keys, login screens, or telephone memories.
5. Generate passwords in a manner that makes them difficult for unauthorized individuals to guess.
6. If You suspect that Your password has been compromised, You must change it immediately.
7. You bear full responsibility for all activities associated with Your username and password. Access the Orphex Services only with valid and authorized login information and solely for valid business reasons. Unauthorized attempts to access the Orphex Services may constitute a security breach and may result in legal action under the Computer Misuse Act 1990.
8. Ensure to sign out of Your account at the conclusion of each session. Use Your account exclusively for the purposes intended by Your Organization. You agree to furnish Your Organization's user administration staff promptly with requested information (including personal data) to create, facilitate, and maintain Your account. Ensure that all provided information is accurate and up-to-date throughout the duration of Your account.
9. It is strictly prohibited to violate the security of the Orphex Services, including unauthorized access to accounts, probing, scanning, or testing system vulnerabilities. Failure to comply with these requirements may result in prosecution under the Computer Misuse Act 1990.
10. Adhere to the procedures outlined by Your organization to fulfil its obligations within the Terms of Service.
6. Duty of care for the protection of information
1. The Orphex Services does not process personal data, but in extreme cases the database may contain personal data. Therefore, You must:
• Handle, use, and transmit personal data with care.
• Take reasonable and appropriate precautions against accidental compromise, opportunistic, or deliberate attacks on the data You have access to.
• Dispose of personal data extracted from the Orphex Services, and no longer required, in compliance with Data Protection Legislation.
2. The outputs of Orphex Services may include Information about Your Organization and its customers. You are authorized to download, print, temporarily store, retrieve, and display this Information for internal use within Your organization. However, You are not permitted to use, copy, disseminate, or transmit any of the Data unless expressly permitted by Orphex in writing or as permitted by law.
3. You must not use the Orphex Services for any immoral or illegal purpose. Specifically, You must not:
• Upload files containing viruses, worms, Trojan Horses, or other destructive features.
• Damage, disable, or impair the operation of the Orphex Services or attempt unauthorized access to the Orphex Services or any connected network through hacking, spoofing, or similar means.
4. Distribution of documentation should be limited to authorized parties via circulation lists.
5. Zip files must be encrypted when sent via email to us, and passwords should be communicated separately, for example, via telephone.
6. Personal data should not be disclosed when using mobile phones in public places or on any phone where unauthorized individuals could overhear.
7. You must ensure all Data provided to the Orphex Services is accurate.
8. Inform Orphex promptly of any suspected or actual security breaches and take immediate action to address the issue.
9. By accessing the Orphex Services, You acknowledge that the Organization You work for is an independent Data Controller responsible for ensuring Your use of personal data complies with Data Protection Legislation. You are personally responsible for complying with Data Protection Legislation principles, including processing data fairly and lawfully, for limited purposes, accurately, securely, and in line with individual rights.
10. Data must not be transferred outside Your country without adequate protection and explicit written consent from Orphex.
11. Data must not be shared with third parties without explicit written consent from Orphex.
12. Securely store any printed or downloaded Data from the Orphex Services in a locked cabinet or password-protected user account when not in use.
7. Responsibilities of organisation administrators
1. Immediately revoke access rights for staff who depart or no longer require access to the Orphex Services. User accounts should never be transferred between individuals; instead, a new account must be created for each new user.
2. Obtain written authorization for new user requests, ensuring that the required role is clearly identified and that there are no conflicts between roles.
3. Regularly remind individuals of their security responsibilities and monitor compliance with the procedures outlined in this document through periodic spot checks.
4. Pay close attention to any security advice provided by Orphex.
5. When authorizing remote work, ensure that individuals receive guidance on safeguarding data at home. This includes securely transferring and storing equipment and ensuring that data is not accessible to household members or visitors.
6. Ensure that any laptops used to access the Orphex Services are BIOS password-enabled and equipped with access control software, particularly if they contain personal data, and implement suitable storage measures such as data encryption.
8. Orphex Responsibilities and Liabilities
1. THE ORPHEX SERVICES ARE PROVIDED ON AN “AS IS” AND “AS AVAILABLE” BASIS ONLY. ORPHEX DOES NOT GUARANTEE THE ACCURACY, TIMELINESS, COMPLETENESS, PERFORMANCE, OR FITNESS FOR A PARTICULAR PURPOSE OF THE ORPHEX SERVICES OR ANY DATA HELD WITHIN. FURTHERMORE, ORPHEX DOES NOT WARRANT THAT THE ORPHEX SERVICES WILL BE UNINTERRUPTED OR ERROR-FREE.
2. ORPHEX HAS TAKEN REASONABLE CARE TO ENSURE THE ACCURACY AND CURRENCY OF INFORMATION AVAILABLE THROUGH ORPHEX.CO. HOWEVER, ORPHEX ASSUMES NO LIABILITY FOR THE CONSEQUENCES OF ANY ACTION TAKEN BASED ON THIS INFORMATION. ALL IMPLIED WARRANTIES, INCLUDING BUT NOT LIMITED TO SATISFACTORY QUALITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, COMPATIBILITY, SECURITY, AND ACCURACY, ARE EXCLUDED FROM THIS USER AGREEMENT TO THE EXTENT PERMITTED BY LAW.
3. WHILE ORPHEX ENDEAVOURS TO PROTECT THE ORPHEX SERVICES FROM DESTRUCTIVE FEATURES, WE DO NOT GUARANTEE THAT THE ORPHEX SERVICES ARE FREE FROM SUCH FEATURES AND ACCEPT NO LIABILITY FOR ANY DAMAGE RESULTING FROM THEIR TRANSMISSION. YOU ARE RESPONSIBLE FOR IMPLEMENTING ADEQUATE PROCEDURES AND VIRUS CHECKS TO ENSURE DATA ACCURACY.
4. ORPHEX IS NOT LIABLE FOR ANY LOSSES YOU MAY INCUR, INCLUDING INDIRECT, SPECIAL, OR CONSEQUENTIAL LOSSES, ARISING FROM THE USE OF THE ORPHEX SERVICES.
5. You are responsible for ensuring that Your computer system meets the necessary technical specifications to use the Orphex Services and is compatible with them.
6. Unless otherwise indicated, Orphex and/or its licensors own the copyright and all related intellectual property rights to the Orphex Services. Nothing on the Orphex Services grants any license or right under any patent, trademark, or other intellectual property owned by Orphex or its licensors.
7. Orphex reserves the right to suspend, restrict, impose conditions on, or cancel Your User account without notice, including for breaches of these Conditions of Use or attempts to access unauthorized services.
8. Orphex may monitor Your activities and edit or remove any content added under Your username on the Orphex Services.
9. Orphex reserves the right to report Your activities to Your organization's user administration staff and, if necessary, to relevant authorities for any infringements of current legislation.
9. Permitted Purposes
You are authorized to access the Orphex Services solely for the Permitted Purposes outlined in the Terms of Service.
10. Miscellaneous
1. You acknowledge that Your Organization reserves the right to take disciplinary action against You, including suspending Your user account, in the event of any breach of this User Agreement.
2. These Conditions of Use are individual to You and are entered into for Your own benefit, not for the benefit of any third party.
3. If Orphex makes changes to this User Agreement, Orphex will make reasonable efforts to notify You of such changes, such as prominently displaying the amended version on the Orphex Services. If You do not agree to the amended User Agreement, You should refrain from using the Orphex Services.
4. This Agreement is an integral part of the Terms of Service. Any provision not included in this Agreement shall be subject to the Terms of Service. In the event of any contradiction between the User Agreement and the Terms of Service, the User Agreement shall take precedence.