Terms of Service

Paul Avalon Trading as Avalon Data

Effective Date:

Governing Law: England and Wales

1. The Scope of Service

Avalon Data ("we", "us") provides independent compliance gap analysis, specifically the 140-Point Essential Shield Audit.

Independent Status: We act as an independent professional consultancy. We are not a law firm, and our services do not constitute legal advice under the Legal Services Act 2007.

No Regulatory Guarantee: While our audits aim for Substantial Compliance, we do not guarantee that our recommendations will prevent regulatory action by the SRA or ICO. Final accountability remains with the Client's COLP/COFA.

2. Client Obligations

To perform an accurate audit, the Client agrees to:

  • Full Disclosure: Provide truthful and complete access to digital assets and internal policies.
  • Point of Contact: Appoint a COLP or Senior Partner as the primary liaison.
  • Implementation: Acknowledge that "Substantial Compliance" is only achieved upon the full implementation of remediations suggested in the Audit Report.

3. Intellectual Property (IP) Protection

Avalon IP: The 140-Point Essential Shield Audit Methodology, including all scoring algorithms, proprietary checklists, and the "Compliance Shield" branding, is the exclusive property of Avalon Data.

Limited License: Upon full payment, the Client is granted a non-transferable license to use the Avalon Compliance Certificate for professional indemnity insurance (PII) renewals and client assurance for a period of 12 months.

Prohibitions: Clients may not reverse-engineer, resell, or distribute our audit methodology to third parties.

4. Limitation of Liability

The "Fees Paid" Cap: To the maximum extent permitted by law, Avalon Data's total liability for any claim (whether in contract or negligence) shall be limited to 100% of the fees paid by the Client for the specific audit in question.

Exclusion of Indirect Loss: We are not liable for "consequential losses," including lost profits, loss of reputation, or fines issued by regulators (SRA/ICO).

Insurance: We maintain Professional Indemnity Insurance (PII) appropriate for a compliance consultancy.

5. Data Processing (Article 28)

When we audit your files, we act as a Data Processor. In line with Article 28 of the UK GDPR:

  • Purpose: We process data only on your documented instructions to perform the audit.
  • Confidentiality: All Avalon staff are bound by strict statutory and contractual confidentiality duties.
  • Deletion: Upon completion of the audit and issuance of the certificate, we will delete all client-identifiable data within 30 days, unless required by law to retain it.

6. Termination & Fees

Payment: Fees for the Essential Shield Suite are payable in advance or within 7 days of the audit date.

Termination: Either party may terminate the agreement on 14 days' written notice. Fees for work already completed remain payable in full.

Contact Us

If you have any questions about these Terms of Service, please contact us: