onTerms.org

Data Licensing

topic
refonterms:data:1.0.0:EW
urlhttps://onterms.org/t/data/1.0.0/EW
urnurn:onterms:data:1.0.0:EW:sha256-cfd16d2335b55091a45c894f9f76c8ae3c250ab8b2f53fe683782f592ada7e46
sha-256sha256:cfd16d2335b55091a45c894f9f76c8ae3c250ab8b2f53fe683782f592ada7e46

Incorporation clause

This Order incorporates by reference the onTerms Standard Terms onterms:data:1.0.0:EW, available at https://onterms.org/t/data/1.0.0/EW and verifiable against SHA-256 sha256:cfd16d2335b55091a45c894f9f76c8ae3c250ab8b2f53fe683782f592ada7e46. Each party acts in the course of its business and not as a consumer.

Adopt-verbatim. The only negotiable surface is the typed Elections. The body is pinned by the hash above. Re-hash the canonical envelope offline to verify it has not changed.

onTerms Data Licensing Module v1.0 (Standard Terms, England & Wales)

onterms:data:1.0.0:EW · Status: v0.9 DRAFT. Not legal advice.

For commercial licensing of datasets and data feeds by data vendors to business licensees: the GRANT (what data, what use, exclusivity, redistribution, derived data, royalty), as distinct from onDPA which covers the data-PROTECTION layer. This is onDPA's commercial twin, not a duplicate. Targeted at the SMB and mid-market data-vendor long tail; the largest bespoke AI-lab corpora deals are out of scope and drop out to a human. Immutable adopt-verbatim body; the negotiable surface is the typed Elections; composes with CORE, onDPA (onterms:dpa:1.0.0:EW) and the dispute module (onterms:dispute:1.0.0:EW). Capitalised terms from the Dictionary.

0. B2B-only

Each party acts in the course of business (a data vendor as Licensor and a business Licensee), gated by a registry-verified RegistryAttestation at enrolment (spec/verifier.md §V2), not a cosmetic checkbox. This module is never used to license data to a consumer.

1. The Licensed Data (pinned by content hash)

1.1 The Order identifies the Licensed Data: the dataset or feed the Licensor licenses, described by name, schema and scope, and pinned by content hash (the sha256: digest of the agreed Licensed Data Snapshot, the canonical pinned bundle). The content hash is the canonical identifier of what was licensed: it fixes provenance and resolves later disputes about which data the grant covered. 1.2 For a static dataset the Snapshot is the single licensed artefact. For a feed, the Snapshot pins the agreed starting state and the Order's schema definition; each later increment supplied under the elected refresh cadence is part of the Licensed Data on delivery. 1.3 A change to the dataset schema, fields or population beyond the Order's described scope is a new Licensed Data, not a unilateral expansion of this grant.

2. Grant and permitted purpose

2.1 Subject to payment and to these terms, the Licensor grants the Licensee a licence to access and use the Licensed Data solely for the elected Permitted Purpose. The grant is non-transferable except as CORE permits on assignment, and is limited to the Licensee and its Affiliates and Authorised Users acting for the Licensee. 2.2 Permitted Purpose is one of: internal_analytics (internal business analysis, no external product), build_into_product (incorporating the Licensed Data or its features into the Licensee's own product or service), ai_training (using the Licensed Data to Train, fine-tune or evaluate the Licensee's models), or resale_of_insights (selling derived insights, distinct from reselling the Licensed Data itself, which is governed by clause 3). 2.3 Use outside the Permitted Purpose is outside the grant. A purpose the parties want that does not fit the closed taxonomy is a non-standard term that drops out to a human, not an open Election.

  • data.permittedPurpose · enum {internal_analytics, build_into_product, ai_training, resale_of_insights} · internal_analytics

3. Exclusivity and redistribution

3.1 Exclusivity is non_exclusive by default. exclusive binds the Licensor not to license the same Licensed Data to others within the Order's scope (purpose, field, territory and term as stated); it is read down to what is reasonable to protect the Licensee's legitimate interest, and an exclusivity wider than the Order scope is non-standard and drops out to a human. 3.2 Redistribution is off by default: the Licensee may not resell, sublicense, syndicate, publish or onward-supply the Licensed Data as such. Where redistribution is elected on, it is confined to the Permitted Purpose and the Order's scope and flows these terms down to recipients. 3.3 Redistribution of raw Personal Data is never authorised by this clause alone; it remains gated by onDPA and Mandatory Law (clause 7).

  • data.rights.exclusivity · enum {non_exclusive, exclusive} · non_exclusive
  • data.rights.redistributionPermitted · bool · false

4. Derived data ownership

4.1 Derived Data means the outputs, models, insights, aggregates and analyses the Licensee generates from the Licensed Data, distinct from the Licensed Data itself. Ownership of Derived Data is elected: licensee (default), licensor, or shared. 4.2 Whichever applies, the Licensor retains all IP Rights in the underlying Licensed Data; no Election transfers ownership of the Licensed Data, only of what is newly created from it. 4.3 Derived Data that still contains or can re-identify Personal Data from the Licensed Data remains subject to onDPA regardless of which party owns it.

  • data.derived.ownership · enum {licensee, licensor, shared} · licensee

5. Refresh and update cadence

5.1 The Licensor supplies updates to the Licensed Data at the elected cadence: one_off (a single pinned Snapshot with no update duty), monthly, weekly, daily or realtime (feed). 5.2 For a recurring cadence the Licensor uses reasonable efforts to deliver each increment on schedule; a transient delay is not a breach of warranty. 5.3 Each increment is supplied under the same grant, Permitted Purpose and scope as the Snapshot, and is part of the Licensed Data on delivery.

  • data.refresh.cadence · enum {one_off, monthly, weekly, daily, realtime} · one_off

6. Fees and royalty

6.1 Fees are stated in the Order under the elected fee model: flat_fee (one-off), subscription (recurring), or per_record (by volume accessed or delivered). 6.2 Undisputed invoices are payable within the CORE payment terms; overdue B2B debt carries interest under the Late Payment of Commercial Debts (Interest) Act 1998. 6.3 Where the Order states a royalty (for example a share of resale_of_insights revenue), the Licensee keeps reasonable records and the Licensor may audit them on reasonable notice, no more than once a year, at the Licensor's cost unless a material under-report is found.

  • data.fee.model · enum {flat_fee, subscription, per_record} · subscription

7. Data protection (onDPA rides above)

7.1 Where the Licensed Data contains Personal Data, onDPA governs the protection layer and is incorporated by reference; this module governs only the commercial grant. The parties confirm their onDPA roles (commonly controller-to-controller on a data sale, or controller-to-processor where the Licensor supplies on the Licensee's instructions) in the Order or onDPA. 7.2 Nothing in this module authorises any Processing that lacks a lawful basis, and no Election switches off, waters down or contracts out of onDPA or Mandatory Law: where this module and the protection layer conflict on Personal Data, onDPA and Mandatory Law prevail and the conflicting words are read down. 7.3 The Permitted Purpose, exclusivity, redistribution and derived-data Elections operate subject to the protection layer; an elected commercial freedom never enlarges what may lawfully be done with Personal Data.

8. Warranties (provenance and right to license; accuracy disclaimer)

8.1 Provenance and right to license. The Licensor warrants that it has the right to license the Licensed Data for the Permitted Purpose, that to its knowledge the Licensed Data was lawfully collected and, where it contains Personal Data, that an appropriate lawful basis exists for supplying it for the elected purpose, and that the Licensed Data does not, to the Licensor's knowledge, infringe a third party's IP Rights. 8.2 Accuracy and fitness disclaimer. Except for clause 8.1, the Licensed Data is provided as is: the Licensor does not warrant that it is accurate, complete, current, error-free or fit for a particular purpose, and the Licensee is responsible for validating it before relying on it. 8.3 This clause does not exclude any liability that cannot lawfully be excluded (clause 9 and the overlays).

9. Term, termination and effect; liability (CORE)

9.1 Term and termination run per CORE; either party may terminate for uncured material breach, and the Licensor may suspend or terminate for use outside the Permitted Purpose or breach of clause 3. On termination accrued Fees remain payable. 9.2 Effect of termination. The Licensee ceases all use of the Licensed Data and, where deletionOnTermination is on (default), deletes the Licensed Data and any copies not separately licensed, certifying deletion on request; survival of a pinned Snapshot lawfully built into a deployed product before termination is addressed in the Order, not by silent retention. 9.3 onDPA deletion handoff. Where the Licensed Data contains Personal Data, the deletion or return obligation is performed under onDPA's end-of-Processing obligations, which override clause 9.2: even if deletionOnTermination is set off for the commercial copy, onDPA's deletion-or-return duty for Personal Data still applies and cannot be switched off. Derived Data ownership (clause 4) survives termination, subject to clause 7.3. 9.4 Liability, CORE architecture, fee-scaled. General cap = the greater of (a) the elected multiple x the charges paid and payable under the relevant Order and (b) the monetary floor. The monetary floor is one-directional: it raises the cap only on claims brought by the small Licensor, and is never the Licensor's own exposure ceiling; the Licensor's exposure tracks the multiple x Order charges. 3x super-cap for data and security incidents; fixed uncapped carve-outs (death or personal injury by negligence, fraud, the IP indemnity, breach of confidentiality, the payment obligation); consequential loss excluded both ways. 9.5 Disputes per the dispute module; governing law England & Wales (CORE allowlist default).

  • data.termination.deletionOnTermination · bool · true (hands off to onDPA when Personal Data is in scope)

Elections (consolidated)

Path Type Allowed Default
data.permittedPurpose enum internal_analytics, build_into_product, ai_training, resale_of_insights internal_analytics
data.rights.exclusivity / .redistributionPermitted enum / bool non_exclusive, exclusive / t-f non_exclusive / false
data.derived.ownership enum licensee, licensor, shared licensee
data.refresh.cadence enum one_off, monthly, weekly, daily, realtime one_off
data.fee.model enum flat_fee, subscription, per_record subscription
data.termination.deletionOnTermination bool t-f true
data.liability.capMultiple enum 1, 1.5, 2, 3 1
data.governing_law enum (CORE allowlist) EW, US-NY, US-DE, IE, NL, FR, DE, SC, NI EW

Hard-coded E&W overlays (not Elections)

onDPA governs the protection layer for any Personal Data and rides above this commercial grant; no Election switches off, waters down or contracts out of onDPA or Mandatory Law (Processing without a lawful basis is never authorised, and the onDPA deletion-or-return duty survives whatever deletionOnTermination is set to). The provenance and right-to-license warranty cannot be disclaimed; the accuracy disclaimer cannot exclude non-excludable liability. CRTPA 1999 excluded; death or personal injury by negligence and fraud never excluded; UCTA-reasonable mirrored caps with a one-directional floor (raises the small Licensor's claim cap, never its exposure ceiling); uncapped carve-outs (IP indemnity, confidentiality, payment); Late Payment Act applies; governing law E&W default; composes with CORE, onDPA and the dispute module.