Supplier Terms and Conditions

1.     Applicability of these Terms

By providing goods or services to Basis Research Group Ltd (“Basis”) and any of its direct or indirect subsidiaries and affiliated companies (“we”, “our”), or by accepting or performing against any purchase order issued by us, you (“Supplier”) agree that these Supplier Terms and Conditions (“Terms”) shall apply to and govern our relationship. These Terms apply to all goods and services provided to us, unless a separate Supplier Services Agreement signed by both parties expressly overrides them.

If you are entering into these Terms on behalf of a company or other legalentity, you represent and warrant that you have authority to bind such entity, its affiliates and personnel to these Terms, in which case “Supplier”, “you” and “your” refer to that entity. If you do not have such authority, you mustnot accept any purchase order from us or provide goods or services to us.

We may update these Terms from time to time by posting an updated version on our website or notifying you in writing. The updated Terms will apply to all subsequent purchase orders and engagements unless otherwise agreed in writing.

2.     Definitions

“Applicable Data Protection and Privacy Laws”: all laws and regulations relating to the protection of personal data and privacy, including, without limitation, the General Data Protection Regulation (GDPR), the Data Protection Act 2018 (DPA), the California Consumer Privacy Act (CCPA), and any similar laws in any jurisdiction, whether currently in force or enacted in the future.

“Contract”: these Terms, including the SOW and any other documents referenced therein.

“Data Controller”: The entity that determines the purposes and means of processing Personal Data (typically ).

“Data Processor”: The entity that processes Personal Data on behalf of the Data Controller (usually you, the Supplier).

“Personal Data” means any information relating to an identified or identifiable natural person, as interpreted in accordance with Applicable Data Protection and Privacy Laws.

“Services”: the services to be provided, as detailed in the Statement of Work (“SOW”), Purchase Order, or any other type of agreement.

3.     Change Control

Any changes to the scope or terms of the services, including cost adjustments, must be agreed upon in writing. If either party wishes to alter these Terms, a written order or amendment must be issued and agreed upon.

4.     Security and Access to Premises

  • You will have access to our premises only for the purpose of fulfilling your contractual obligations.
    • You must follow our security protocols and ensure that your staff have completed necessary security checks before entering our premises.
    • We retain the right to refuse access to anyone whodoes notmeet oursecurity standards.

5.     Intellectual Property Rights

  • All intellectual property created during the provision of services, including reports, data, designs, and analyses, will remain the property of Basis.
    • You shall not use our intellectual property for purposes other than performing your obligations under these Terms.

6.     Data Protection and Privacy

6.1. General Data Processing Obligations


  • You will process Personal Data only as necessary to perform the services outlined in these Terms and in accordance with a signed Data Processing Agreement, and not for any other purpose unless required by law.
    • You will assist us in enabling and respecting the rights of data subjects (or equivalent individuals) under all Applicable Data Protection and Privacy Laws, including rights to access, correct, delete, restrict, port, and object to processing.
    • You must implement appropriate technical and organisational measures to protect the Personal Data you handle, designed to ensure a level of security appropriate to the risk.
    • You may not engage any sub-processors to handle Personal Data without our prior written consent, and any sub-processor you engage must be bound by written obligations no less protective than those set out in these Terms and must comply with all Applicable Data Protection and Privacy Laws.

6.2. GDPR / UK GDPR: Processor Obligations

Where the GDPR and/or UK GDPR apply, the Supplier acknowledges and agrees that it will act as a “processor” on behalf of Basis and shall:

  • Process only on instructions: process Personal Data only on documented instructions from Basis, including with respect to international transfers, unless required by applicable law (in which case you must notify Basis before processing, unless legally prohibited).
    • Confidentiality: ensure all persons authorised to process Personal Data are subject to confidentiality obligations.
    • Security measures: implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk.
    • Sub-processor authorisation: not appoint another processor without prior written authorisation from Basis and ensure sub-processors are bound by obligations no less protective than those in these Terms.
    • Assistance with rights and compliance: assist Basis in responding to data subject requests and in meeting our obligations under Applicable Data Protection and Privacy

Laws relating to security, breach notification, data protection impact assessments, and prior consultation with supervisory authorities.

  • Breach notification: notify Basis without undue delay, and in any event within 24 hours, upon becoming aware of a Personal Data Breach.
    • Return or deletion of data: at the end of service provision, delete or return all Personal Data and copies, unless retention is required by law.
    • Demonstrating compliance: make available all information necessary to demonstrate compliance and allow for audits or inspections by Basis or its designated auditor.

6.3. CCPA / CPRA: Service Provider Status

Where the CCPA/CPRA applies, the Supplier shall act as a “service provider” as defined under the CCPA and shall not:

  • sell or share Personal Information
    • retain, use, or disclose such Personal Information for any purpose other than performance of the services under these Terms
    • retain, use, or disclose such Personal Information outside the direct business relationship between the Supplier and Basis
    • combine such Personal Information with other Personal Information it receives from or on behalf of another person or collects from its own interactions with the consumer, except as expressly permitted by the CCPA.
    • The Supplier shall promptly notify Basis if it determines it can no longer meet its obligations under the CCPA.

6.4. California Delete Act (DROP) Obligations

Where applicable, including where the Supplier is a registered data broker under California law, the Supplier must comply with the California Delete Act (“DROP”) by:

  • Supplier’s obligation: connecting to DROP and processing deletion requests in accordance with the CCPA and DROP, ensuring personal data is deleted and remains deleted every 45 days from the date of the request.
  • Due diligence for subcontractors: ensuring subcontractors who are data brokers also comply with DROP requirements.
    • Notifications: immediately informing Basis if any conflict arises between a DROP deletion request and the services provided, and ensuring no personal data is supplied to Basis that should have been deleted under DROP.
    • Consequences of non-compliance: acknowledging that non-compliance could cause Basis to breach applicable laws, creating compliance and reputational risks.
    • Effective dates: DROP will be fully implemented and required by 1 January 2027. Data brokers must connect to DROP and process deletion requests from 1 August 2026.

7.     Use of Data

The Supplier acknowledges that any data provided by Basis (“Data”) is provided solely for the purpose of fulfilling the Supplier’s obligations under these Terms.

The Supplier agrees that, regardless of whether the Data is anonymised, aggregated, or de-identified, it will not use the Data for any purpose other than as expressly stated in these Terms. This includes, but is not limited to, using the Data for the Supplier’s own research, analysis, AI training, or any other commercial or non-commercial purposes.

The Supplier further agrees that it will not retain, reuse, or repurpose any Data, whether in its original, anonymised, aggregated, or de-identified form, for any other purpose outside the scope of these Terms or after the termination or expiration of these Terms, without explicit, prior written consent from Basis.

8.     Confidentiality

You agree to keep all information related to the services, including but not limited to data, research, and business strategies, confidential. Confidential information may only be disclosed with our permission or as required by law.

9.     Payment Terms

  • Invoices should be submitted monthly and will be paid within 60 days from the end of the month (EOM) in which avalidinvoice is received, subject to theservices being completed to our satisfaction.
    • VAT, if applicable, must be shown separately on all invoices.
    • Payments may be subject to deductions for any sums owed to us under these Terms.

10.    Audit and Record Keeping

The Supplier must maintain accurate and complete records relating to the goods and services provided under these Terms. Such records must be retained for a minimum of six (6) years after completion of the relevant services or delivery of goods. This obligation is to ensure compliance with applicable law, tax and audit requirements, and to enable either party to resolve any queries or disputes that may arise during that period. Records must be made available to us on reasonable request.

11.    Compliance and Ethical Standards

11.1. Anti-Bribery and Corruption

The Supplier must, and must ensure that its directors, employees, agents, subcontractors and other representatives:

  1. Prohibit bribery: not engage in, authorise, offer, promise, give or receive any bribe, facilitationpayment,kickback or otherimproperadvantage in relation to any business with us.
    1. Comply with laws: comply with all applicable anti-bribery and anti-corruption laws and regulations, including (where relevant) the UK Bribery Act 2010 and the U.S. Foreign Corrupt Practices Act.
    1. Maintain controls: have adequatepolicies, procedures and training to prevent bribery and corruption in their business and supply chains.
    1. Notify us: promptly inform us if they become aware of any actual or suspectedbreach of this clause.
  1. Support cooperation: provide us with reasonable information to demonstrate compliance if requested.
    1. Any breach of this clause will be considered a material breach of these Terms and may result in immediate termination of our relationship.

11.2. Anti-Slavery and Human Trafficking

The Supplier must, and must ensure that its own suppliers, contractors and agents:

  1. Prohibit forced labour: not use or permit any form of slavery, servitude, forced or compulsory labour, or human trafficking.
    1. Provide fair working conditions: ensure that all work is voluntary, workers are free to leave theiremployment,and allapplicable wage, hourandworkingcondition laws are complied with.
    1. Maintain controls: have policies and procedures in place to prevent modern slavery and human trafficking in their business and supply chains, and provide training where appropriate.
    1. Notify us: promptly inform us if they become aware of any breach or suspected breach of this obligation.
    1. Support cooperation: provide us with reasonable information to demonstrate compliance if requested.

Any breach of this clause will be considered a material breach of these Terms and may result in immediate termination of our relationship.

11.3. Compliance with Law

You must comply with all Applicable Data Protection and Privacy Laws, and local laws regarding data protection, information and general security, and confidentiality, where applicable (see Section 6).

12.    Indemnity and Insurance

  1. You agree to indemnify us against any claims, losses, or damages resulting from your negligence or breach of these Terms.
  1. You must maintain adequate insurance coverage, including employer’s liability and public liability insurance, with a minimum coverage of £1 million or equivalent.

13.    Termination

We may terminate these Terms if:

  1. There is a material breach of these Terms that remains uncorrected within 30 days of notice, or
    1. You become insolvent, bankrupt, or undergo any legal process that impairs your ability to fulfil the contract, or
    1. You fail to comply with relevant laws, including data protection and privacy laws, or
    1. For convenience, either party may terminate these Terms with 30 days’ notice. Upon termination, you must return or securely delete any Personal Data we have provided to you and cease all services under these Terms.

14.    Sub-contracting and Assignment

You may not assign or subcontract any part of the services without our prior written consent. If subcontracting is permitted, you must ensure that your subcontractor complies with all obligations under these Terms, including those related to data protection.

15.    Dispute Resolution

Any disputes arising under these Terms will first be addressed through good faith negotiation. If the dispute cannot be resolved, the matter will be referred to arbitration in accordance with the laws of the jurisdiction in which we are based. The seat of arbitration will be in England & Wales.

16.    Governing Law

These Terms will be governed by and construed in accordance with the laws of England and Wales, and the parties submit to the exclusive jurisdiction of the courts of England and Wales.

17.    Miscellaneous

  1. Headings: the section headings are for convenience only and do not affect the interpretation of these Terms.
    1. Force majeure: neither party will be held liable for failure to perform obligations due to events beyond their control (e.g. natural disasters, government actions).
    1. Entire agreement: this document represents the entire agreement between the parties and supersedes any prior agreements or discussions.

Basis

Consumer

B2B

Health

Studio

Ideas (AI)

Multi-colored letter b's laying stacked on their side
Stylized C for consumers
b2b icon
3D H icon for Health
studio icon
Black I icon for ideas with glowing white markings

The global insight consultancy that digs deeper, challenges assumptions, and turns uncertainty into real business results.

Learn more

Basis Consumer helps brands decode what drives behavior, predict future shifts, and turn research into a competitive advantage.

Learn more

Basis B2B helps brands navigate long sales cycles, niche audiences, and high-stakes decisions with speed and precision.

Learn more

Basis Health helps pharma, biotech, and med device companies translate complex data into strategic clarity—fast.

Learn more

Bring your insights to life with executive-ready creative. We craft high-impact deliverables that go beyond reports, ensuring your insights are acted upon.

Learn more

Basis Ideas builds bespoke data ecosystems to surface early signals, uncover hidden opportunities, and fuel bold moves. It’s innovation strategy, backed by intelligence your competitors don’t have.

Learn more