IdAMS Terms and Conditions (20th June 2013)

Welcome to the Chief Executive of Skills Funding Agency Identity and Access Management Service ("IdAMS"). To access IdAMS you must agree to the terms and conditions detailed below (the "Terms") governing how you access and use the service. You are required to accept the following Terms and Conditions which explain your obligations as a user of IdAMS. Users who do not accept the following conditions of use will not be granted access to IdAMS.

1. Definitions

References to "we", "us", "our” and “Agency” in these Terms and Conditions are to the Chief Executive of Skills Funding.

References to "you", "your" or "user" in these Terms and Conditions are to you as a user of the IdAMS Website and Services and means the party agreeing to the terms and conditions set out in this agreement.

"Access" means accessing, using, adding, modifying and updating applicable information in IdAMS;

"Account" means your account enabling you to use IdAMS and Relying Party services;

"Agreement" means this agreement;

“Codes of Connection” means an agreement on a baseline set of security controls organisations wishing to access our services must implement.

"Data" means the information relating to you and your business roles stored within IdAMS;

"IdAMS" means the Identity and Access Management Service that we make available to you to facilitate access to other Relying Party services;

"Logon Information" means the username and password provided to you in order to access IdAMS and Relying Party services;

"Our Material" means content, data and materials delivered to you as part of IdAMS (whether on a computer screen, in email or paper format) or contained in the Website, including the website design, text and graphics, and their selection and arrangement, and all software compilations, underlying source code and software;

"Relying Party services" means those ICT services that make use of IdAMS capabilities;

"Service" means IdAMS;

"Super User" means the individual in an organisation responsible for creating additional user accounts;

"Terms and Conditions" means the terms and conditions set out here;

"Third Party Content" means content and material belonging to a third party provider of products and/or services;

"Website" means https://secure.imservices.org.uk and any replacement website(s) we may use from time to time;

"Your Data" means information and data you have provided to us on or in connection with the Website and/or Services, which may from time to time include Personal Data as defined by the Data Protection Act 1998 (as amended).

2. About us

2.1 We are a partner organisation of the Department for Business, Innovation & Skills (BIS).

2.2 Our job is to fund and regulate adult further education and skills training in England. We are part of a network of organisations in the country who commission, manage and market training for adults.

2.3 Our Head Office is at Cheylesmore House, 5 Quinton Road, Coventry, CV1 2WT.

3. Important information about these Terms and Conditions

3.1 We intend to rely on these Terms and Conditions and it is our intention that you will be legally bound by them when you use IdAMS (including when using IdAMS to access Relying Party services). For your own benefit and protection you should read these Terms and Conditions carefully before accepting them. If you do not understand any point please contact the Helpdesk via email at servicedesk@thedataservice.org.uk.

3.2 We advise you to print these Terms and Conditions and keep a copy for your future reference.

3.3 You agree to comply with any amendments or additions to these Terms and also with any guidelines or policies relating to the use of IdAMS, which we may from time to time publish.

3.4 The laws of England and Wales apply to these Terms.

3.5 You agree to indemnify us against any losses, expenses, damages and claims which it may incur as a result of any failure by you to comply with your obligations described in these Terms.

3.6 You will adhere to the procedures laid down by your organisation in order to meet your organisation's obligations within relevant Organisation Codes of Connection.

4. IdAMS

4.1 Our Service is as described on the Website. You will have been directed to our Website by a Relying Party service who requires you to verify your identity in order to use the Relying Party service.

4.2 We seek to maintain a continuous presence for IdAMS, but do not guarantee continuous service and accept no liability for any interruptions to service. IdAMS is not guaranteed as error-free and is provided 'As Is'. We reserve the right (but not the obligation) without liability, to prevent your access to IdAMS and Relying Party services, and to make any deletions, amendments or additions to the Data at any time.

4.3 We may remove, suspend or amend the User's rights to access and use IdAMS and Relying Party services in the event of a breach of these Terms. Our decision in the event of such breach shall be final.

5. Registration and log-in details

5.1 To use IdAMS you must create an IdAMS account via the Website by entering information about yourself and following the procedures on the Website.

5.2 Where relevant, you agree to promptly provide your organisation's user administration staff with information (including personal information) as requested for the purposes of creating and maintaining your User account and to ensure that such information is true and accurate and up to date in all respects at the time it is provided and for the duration of your User account.

5.3 To log-in to your Account once it is created you will need to use your unique log-in details. You are responsible for keeping your log-in details confidential and they must not be shared. You must not allow any other person to use your Account and must keep confidential all passwords and security devices relating to your Account. All system activity is logged against the user name used to initiate it. You are responsible for any action taken in your name.

5.4 Passwords must be generated by you in a manner that makes them difficult for an unauthorised person to guess.

5.5 Passwords must be changed frequently to ensure that the confidentiality of the password continues to be maintained.

5.6 You must never divulge your password to any other person. Do not write it down in any form or in any location that might identify its purpose or significance.

5.7 Passwords (or PIN Numbers) must not be stored in a function key, in logon screens or a telephone memory. Passwords shall not be stored in a mobile device unless in an encrypted form.

5.8 You are fully responsible for all activities associated with your username and password. You must access IdAMS only with a valid and authorised user name and password, and only for a valid business reason.

5.9 Any other attempt to access IdAMS may be considered a security incident, and may lead to action being taken against you under the Computer Misuse Act 1990.

5.10 Never leave your workstation unlocked and unattended. When leaving it for a short period of time, lock it using [Ctrl-Alt-Delete] followed by [Lock Computer]. If your workstation will be unused for any length of time, log out of the system.

5.11 You must sign out from your Account at the end of each session.

5.12 You must change your password immediately if you suspect it has been compromised.

5.13 You must contact us as soon as possible if you believe that anyone has obtained your log-in details without your permission or if you become aware of any other breach of security on the Website.

5.14 We will not be responsible to you if there is unauthorised access to your log-in details or unauthorised activity on the Website, unless this is due to our negligence.

6. Use of the Websites and Our Material

6.1 All copyright, trade marks, database rights and other intellectual property rights that may exist in IdAMS, the Data and its content shall remain at all times our property or our third party licensors. The trade marks, service marks and logos used and displayed on IdAMS ("Trade Marks") are registered or unregistered trade marks of us or our third party licensors. Nothing in these Terms should be construed as granting, by implication or otherwise, any licence or right to use any Trade Mark without written permission from us or our third party licensors. Our name may not be used in any way, including in advertising or publicity pertaining to distribution of Data without our prior written permission.

6.2 You are prohibited to access and use, or allow others to access and use IdAMS to:

  • Conduct a personal business enterprise
  • Share operational details, such as commercial intelligence.
  • Conduct political activity and/or fund-raising
  • Distribute or receive unauthorised copyright materials
  • Make harassing or offensive statements, (including any debasement of race, sex, national origin, sexuality, age, disability, religious or political beliefs)
  • Make libellous or derogatory comments
  • Take any action which is unlawful
  • Take any action which would expose IdAMS or Relying Party services to viruses
  • Upload any files that contain any viruses, worms, Trojan Horses and other such destruction features; or
  • In any way damage, disable or impair the operation of IdAMS, or attempt to gain unauthorised access to IdAMS or to networks connected to it or applications relying upon it, by hacking, spoofing or other such similar means.

6.3 You are prohibited from violating or attempting to violate the security of IdAMS, including accessing data not intended for such User or logging into an account which such User is not authorised to access, attempting to probe, scan or test the vulnerability of a system or network or to breach security or authentication.

6.4 You must abide by the terms of the Data Protection Act 1998, The UK Computer Misuse Act 1990 and all appropriate copyright legislation.

6.5 We reserve the right to restrict access to any Data to certain groups of users.

6.6 You are not permitted (except where we have given you express permission to do so or you are otherwise permitted to do so by law) to use, copy, disseminate or transmit in any other way any of the Data on IdAMS.

6.7 You will endeavour to ensure that all information provided to IdAMS is accurate.

6.8 You will inform your organisation's IdAMS user administration staff immediately of any breaches of security.

6.9 You have read the guidelines for using IdAMS and have received adequate training in the use of IdAMS.

7. Privacy of Your Data

7.1 We take your privacy very seriously and we comply with the relevant provisions of UK data protection legislation. We will use any information given to us by you or collected by us during your use of the Website and Services only for the purposes specified.

7.2 If you have been directed to IdAMS by a Relying Party service who requires you to verify your identity in order to take a product or service that you have expressed an interest in taking, you acknowledge that at your request we will pass information on the results of your identity verification back to that Relying Party service. If, in the future you use your account to verify your identity to a different Relying Party service, you acknowledge that at your request we will pass information on the results of your identity verification back to that party too.

7.3 From time to time we may need to verify your identity again for security purposes. This may be due to the time which has passed since your identity was verified, because you have not accessed your account recently or if you have changed your name or employment (for example).

8. Additional Conditions for Organisation Super Users

8.1 Immediately withdraw access rights from staff who leave or no longer need access to services protected by IdAMS, and do not transfer them to another individual.

8.2 Ensure you have authorisation in writing for new user requests and that the required role is identified and that there is no conflict between roles.

8.3 Remind individuals of their security responsibilities periodically and monitor adherence to the procedures given in this document by carrying out spot checks periodically.

8.4 Comply with any security advice given by us.

8.5 You must ensure that any personal data obtained from IdAMS which you may wish to print or download is marked PROTECT and secured accordingly in a suitably locked cabinet when not in use.

8.6 You must encrypt zip files when sending these to us via e-mail or CD or other electronic media. Passwords must be communicated to us using a separate method of communication to the encrypted file, such as text, telephone or fax.

8.7 You must destroy personal data held on paper by shredding or placing it in an appropriate container for secure disposal.

8.8 You must not give out personal data when using mobile phones in public places or on any phone where there is a high chance that you will be overheard by unauthorised people.

8.9 You must treat all personal information within IdAMS as if it is marked as PROTECT and only show it to others that are authorised to see it.

9. Warranties and Disclaimers

9.1 Whilst we will endeavour to provide the Website and IdAMS with reasonable care and skill and to ensure that IdAMS is substantially as described on the Website and in these Terms and Conditions, we do not give any warranty to this effect.

9.2 While we try to ensure that the Website is functioning correctly, this may not always be achievable. We do not guarantee that the Website or IdAMS will be available all the time or at any specific time. They may be temporarily suspended if our computer systems used to provide the Website or IdAMS are under repair or maintenance or are otherwise unavailable.

9.3 We do not guarantee that the Website will be compatible with all or any hardware and software which you may use. For example, the Website may not display or operate correctly if you access it using a mobile phone or similar device.

9.4 We take steps to ensure that the Website and Our Material are free from computer viruses and other harmful computer programs. However, we cannot guarantee this due to the nature of the Internet. You are advised to use appropriate firewall and anti-virus software to protect your computer and data.

9.5 We use reasonable skill and care in the sourcing and supply of the information which is made available to you on or in connection with the Website or IdAMS. However we are not liable for any losses suffered by you as a result of any inaccurate or misleading information. In the case of information we obtain from third party sources (including the details supplied by you), we cannot guarantee that any of that information is correct, accurate, complete, error free or up-to-date.

9.6 Nothing provided by us on or in connection with the Website or IdAMS is, or shall be deemed to constitute financial, legal or other advice. The information we provide is not intended to be relied on by you in making (or refraining from making) any specific decision or to replace independent professional advice. Any and all information provided by us on or in connection the Website is for general information purposes only.

9.7 We will only use the information provided by you in line with these Terms and Conditions.

10. Our liability to you

10.1 Nothing in these Terms and Conditions excludes or limits our liability in respect of (a) death or personal injury, (b) our fraud, (c) any other matter which it would be illegal for us to exclude or limit or to attempt to exclude or limit our liability.

10.2 All warranties including those relating to accuracy, timeliness, completeness, performance or fitness for a particular purpose (either express or implied) are, to the full extent permitted by law, excluded. In addition, to the full extent permitted by law, in no event will we be liable for any loss suffered by you including, without limitation, any indirect or consequential loss, or any damages arising from loss of use, data or profits, whether in contract, tort or otherwise, arising out of or in connection with the use of IdAMS.

11. Ending the Services & Closing Your Account

11.1 You are free to stop using IdAMS at any time.

11.2 We may terminate or suspend your access to log-in areas of the Website and/or your use of IdAMS without notifying you if in our view there has been a serious failure by you to comply with your responsibilities in these Terms and Conditions (for example misuse of the Website or Our Materials or for fraud). If we do so, we may delete our records of your registration details and Your Data without liability to you.

12. Third Party Websites and Content

12.1 The Website may contain links to other websites and Relying Party services content in respect of products and services.

12.2 Relying Party services content and third party products and services available on the Website or linked to from the Website are subject to the separate terms and conditions and privacy policies of the relevant third party (in the case of privacy policies where the third party is collecting information from you, otherwise, where we collect information from you then our relevant privacy policies will apply).

13. Complaints and Assistance

13.1 In the unlikely event that you have cause to complain about IdAMS, our contact details can be found on the Website.

14. Changes to these Terms and Conditions

14.1 Sometimes, because of changes to the Website or IdAMS, changes in the law or our arrangements with third parties, we may have to make changes to these Terms and Conditions. You can tell when changes have been made by checking the version and date on which they were last modified indicated at the start of these Terms and Conditions. The latest version of these Terms and Conditions can be found at: https://secure.imservices.org.uk/terms

14.2 We will not notify you individually of any changes in these Terms and Conditions. It is therefore important that you check these Terms and Conditions regularly.

15. Other important information

15.1 We may in our discretion discontinue or modify the Website or IdAMS at any time. We will try to ensure that any modification does not materially adversely affect the nature of the IdAMS service provided to you.

15.2 Any notices we send to you will be sent to the most recent e-mail address or postal address provided to us by you.