Terms & Conditions of Software Use

This terms and conditions page (together with the documents referred to on it) informs you of the terms and conditions of use by which you may make use of our portal and email services as a registered user. Please read these terms of use carefully before you start to use the sites. By using our secure email and portal services and/or by ticking the relevant box on registration, you indicate that you accept these terms of use and that you agree to abide by them. If you do not agree to these terms of use, please refrain from using our services and contact your company administrator/payroll department.

For the purposes of these policies, the web application you use to access your secure documents or send your secure emails may be referred to a site/sites or websites.  Our website/s can also be branded to suit client requirements.  Therefore, a website powered by SSLPost may be branded with partner, reseller or your company logos, colours and names.

SSLPost is a registered trading name of SSLP Group Ltd, which is a limited company registered in England and Wales, Company Number 09280457.

  1. Information About Us and derivations such as and those operated for clients using their domain extensions for the purposes of delivering SSLP Group services under agreement or contract, are sites operated by SSLP GROUP LIMITED (“We”). We are registered in England and Wales under company number 09280457 and have our registered office at Suite 5, 116 Ballards Lane, London, N3 2DN. United Kingdom. Our VAT number is 228 214 819.

  1. Accessing our Site

Access to our sites is permitted on a temporary basis, and we reserve the right to withdraw or amend the service we provide on our sites without notice (see below). We will not be liable if for any reason our sites is unavailable at any time or for any period.

From time to time, we may restrict access to some parts of our sites, or our entire sites, to users who have registered with us.

If you choose, or you are provided with, a user identification code, unique URL,  password or any other piece of information as part of our security procedures, you must treat such information as confidential, and you must not disclose it to any third party. We have the right to disable any user identification code or password, whether chosen by you or allocated by us, at any time if in our opinion you have failed to comply with any of the provisions of these terms of use.

You are responsible for making all arrangements necessary for you to have access to our sites. You are also responsible for ensuring that all persons who access our sites through your internet connection are aware of these terms, and that they comply with them.

  1. Acceptable Use

You may use our sites only for lawful purposes. You may not use our sites:

  • In any way that breaches any applicable local, national or international law or regulation;
  • In any way that is unlawful or fraudulent, or has any unlawful or fraudulent purpose or effect;
  • For the purpose of harming or attempting to harm minors in any way; or
  • To transmit or procure the sending of, any unsolicited or unauthorised advertising or promotional material or any other form of similar solicitation (spam)

You also agree:

  • Not to reproduce, duplicate, copy or re-sell any part of our sites in contravention of the provisions of these terms;
  • Not to access without authority, interfere with, damage or disrupt;
    • any part of our sites;
    • any equipment or network on which our sites is stored;
    • any software used in the provision of our sites; or
    • any equipment or network or software owned or used by any third party.
  1. Intellectual Property Rights

We are the owner or the licensee of all intellectual property rights in our sites in their supplied form.  Those sites are protected by copyright laws and treaties around the world. All such rights are reserved.  The content added to the sites is provided by our clients with which we have an agreement or contract in place to provide a repository for those documents in order to present them to their desired recipients.

You may print off one copy and may download extracts of any page(s)or documents stored within our sites for your personal reference and you may draw the attention of others within your organisation to material posted on our sites at your own risk.

You must not modify the paper or digital copies of any materials you have printed off or downloaded in any way, and you must not use any illustrations, photographs, video or audio sequences or any graphics separately from any accompanying text.

Our status (and that of any identified contributors) as the authors of material on our sites (as supplied), must always be acknowledged.

If you print off, copy or download any part of our sites in breach of these terms of use, your right to use our sites will cease immediately and you must, at our option, return or destroy any copies of the materials you have made.

You must not use any part of the materials on our sites, as provided, for commercial purposes outside the agreement we have with our client without obtaining a licence to do so from us or our licensors.

  1. Our Sites Changes Regularly

We aim to update our sites regularly and may change the content or layout at any time. If the need arises, we may suspend access to our sites, or close it indefinitely. Any of the material on our sites provided by our clients or as supplied to the client may be out of date at any given time, and we are under no obligation to update such material.

  1. Our Liability

The material displayed on our sites (as supplied) is provided without any guarantees, conditions or warranties as to its accuracy. To the extent permitted by law, we and other members of our group of companies hereby expressly exclude:

  • All conditions, warranties and other terms which might otherwise be implied by statute, common law or the law of equity;
  • Any liability for any direct, indirect or consequential loss or damage incurred by any user in connection with our sites or in connection with the use, inability to use, or results of the use of our sites, any third party websites linked to it and any materials posted on it or on any third party websites , including, without limitation any liability for:

(i) loss of income or revenue;

(ii) loss of business;

(iii) loss of opportunity;

(iv) loss of profits or contracts

(v) loss of anticipated savings;

(vi) loss of data;

(vii) loss of goodwill;

(viii) wasted management or office time; and

(ix) for any other loss or damage of any kind, however arising and whether caused by tort (including negligence), breach of contract or otherwise, even if foreseeable, provided that this condition shall not prevent claims for loss of or damage to your tangible property or any other claims for direct financial loss that are not excluded by any of the categories set out above.

Clause 6 does not affect our liability for death or personal injury arising from our negligence, nor our liability for fraudulent misrepresentation or misrepresentation as to a fundamental matter, nor any other liability which cannot be excluded or limited under applicable law.

  1. Information about you and your visits to our Sites

We process information about you in accordance with our  Privacy Policy. If you provide consent to your Data Controller for us to process your data, you warrant that all data provided by you, to them, is accurate. If you are a registered user, then we may also process your information in accordance with the applicable user agreement and related terms agreed with our client.

  1. Viruses, Hacking and other Offences

You must not misuse our sites by knowingly introducing viruses, trojans, worms, logic bombs or other material which is malicious or technologically harmful. You must not attempt to gain unauthorised access to our sites, the server on which our sites is stored, or any server, computer or database connected to our sites. You must not attack our sites using any form of attack that would result in damage, disruption or disablement of services.

By breaching this provision, you may commit a criminal offence under the UK Computer Misuse Act 1990. We may report any such breach to the relevant law enforcement authorities and co-operate with those authorities by disclosing your identity to them. In the event of such a breach, your right to use our sites will cease immediately.

We will not be liable for any loss or damage caused by a distributed denial-of-service attack, viruses or other technologically harmful material that may infect your computer equipment, computer programs, data or other proprietary material due to your use of our sites or your downloading of any material posted on it or on any websites linked to it.

  1. Third party Websites

Where our sites contains links to websites provided by third parties, these links are provided for your information only. We have no control over the contents of those websites and accept no responsibility for them or for any loss or damage that may arise from your use of them. You access and accept any third party websites at your sole risk and discretion. You are solely responsible for any use of these websites and for any decision to accept or reject any offers via these websites. We do not recommend or endorse any third parties, their websites or any goods or services offered by them and cannot guarantee the availability or accuracy of any third party offers or goods and services linked to from our sites.

Please be aware that your use of any third party websites and acceptance of any third party offers is governed by that third party’s applicable policies which may be different from those on our sites. It is your responsibility to make sure that you have read and understood the third party’s policies before using any third party websites or accepting any third party offers.

  1. International Use

We make no representations that materials on the sites are appropriate or available for use in locations outside the United Kingdom and accessing the sites from territories where its contents are illegal or unlawful is prohibited. If you choose to access the sites from locations outside the United Kingdom, you do so on your own initiative and are responsible for compliance with local laws.

  1. Jurisdiction and Applicable Law

The English courts will have exclusive jurisdiction over any claim arising from, or related to, a visit to our sites although we retain the right to bring proceedings against you for breach of these conditions in your country of residence or any other relevant country.

These terms of use and any dispute or claim arising out of or in connection with them or their subject matter or formation (including non-contractual disputes or claims) shall be governed by and construed in accordance with the law of England and Wales.

  1. Third party Rights

A person who is not a party to this Agreement shall have no right under the Contracts (Rights of Third Parties) Act 1999 to enforce any term of this Agreement, but this shall not affect any right or remedy of a third party which exists or is available apart from that Act.

  1. Variations

We may revise these terms of use at any time by amending this page. You are expected to check this page from time to time to take notice of any changes we made, as they are binding on you. Some of the provisions contained in these terms of use may also be superseded by provisions or notices published elsewhere on our sites.

  1. Call Recording

Please note; all calls may be recorded or monitored for training and quality purposes.

  1. Your Concerns

If you have any concerns about material which appears on our sites, please contact SSLPost by emailing

Privacy Policy

SSLP Group Limited take your privacy seriously. We are registered with the ICO.  Our registration reference number is  SSLP Group Ltd ZA154114.

For data relating to the delivery of epayslip, portal provision, edocuments and/or secure email solutions, we are the Data Processor.  Information provided to us by the Data Controller, as a result of an agreement to provide services, will only be processed for the purposes of fulfilling the requirements of the agreement.  The lawful basis for processing this type of data is Contractual Obligation.

Your data is held on servers within the UK and EU.  Your data is retained according to your organisation’s retention policy and removed only on specific instruction from the Data Controller.  Once instruction for data deletion is received in writing from the Data Controller, your data on the live system will be removed within 5 working days.  Data held on backup will be removed during the backup cycle of a further 90 days.

Your data will not be transferred to a country outside the EEA without express, written permission from your Data Controller and then only when appropriate safeguards are in place as required under UK data protection law.

We do not routinely share your private data with unauthorised third parties for the purposes of marketing or list brokering.  Your data is under the control of your Data Controller and processed in accordance with their request for us to provide services and solutions in a secure manner.

SSLP Group and Brexit

SSLP Group Ltd utilises datacentres in both the UK and Eire.  You can read our “appropriate safeguards” statement here. (pdf document)

In the case of no Adequacy Agreement being in place on June 2021, SSLP Group has, in place, an agreement with the Eire datacentre that enables the free flow of data between Processor (datacentre) and Client (SSLP Group Ltd) in the form of a GDPR Data Processing Addendum.

This is the statement from our Eire Datacentre providers:

Transfers from the EEA to the UK after the transition period. If no special arrangements for transfer are agreed between the UK and the EU, then customers wishing to transfer personal data from the EEA to the UK (including to our London Region) can rely on the Standard Contractual Clauses for the transfer. The Standard Contractual Clauses are a part of every AWS services agreement and are contained in our AWS Data Processing Addendum.

By visiting our website, you are accepting and consenting to the practices described in this policy.

Post Brexit data transfers from EU Data Controllers – advice for EU Data Controllers and clients sending data from the EU to the UK for processing

As a UK data processor, SSLP Group Ltd are reminding all Data Controllers based in the EU to ensure there is a Standard Contractual Clause (SCC) in place in the event that the EU does not put an Adequacy Agreement in place from June 2021.

As you are aware, there are currently no restrictions placed on the flow of data from the UK to the EU.  However, data flowing from the EU to the UK will require either an Adequacy Agreement or for the Data Controller to issue a standard contractual clause to the UK-based Data Processor for signature and agreement.

Here is the current advice from the Information Commissioner’s Office:

If you are a UK business or organisation that receives data from contacts in the EEA, you need to take extra steps to ensure that the data can continue to flow at the end of the transition period.

  • UK is committed to maintaining the high standards of the GDPR and the government plans to incorporate it into UK law alongside the Data Protection Act 2018 at the end of the transition period. UK businesses will be covered by the UK data protection regime.
  • The UK government has stated that transfers to the EEA will not be restricted. So if you send data from the UK to the EEA you will still be able to do so and you don’t need to take any additional steps.
  • If a business or organisation in the EEA is sending you personal data, then it will still need to comply with EU data protection laws. You will need to take action with them so the data can continue to flow.
  • For most businesses and organisations, SCCs (Standard Contractual Clauses) are the best way to keep data flowing to the UK. Use our SCC Interactive Guidance tool to help you.

The ICO website has many useful tools including an SCC tool that will produce the required document at the end.  The link to the tool is above.  Please forward the completed and signed SCC to DPO@SSLPOST.COM for countersignature by our DPO.

As the SCC has to be driven by the Data Controller, SSLPost will not be issuing these but countersigning and returning those sent by Data Protection Officers of clients based in the EU.

You may choose to wait until the final decisions and agreements have been made, anticipating the Adequacy Agreement will be issued.  However, in the case that this does not occur in a timely fashion, the SCC will ensure data can flow freely across borders.

 Information we may collect from you

We may collect and process the following data about you:

  • Information you give us. You may give us information about you by filling in forms on our websites including but not limited to, or other secure document delivery web application provided by SSLP Group to your business)(our sites, or our sites) or by corresponding with us by phone, email or otherwise. This includes information you provide when you register to use our sites for secure email, edocument delivery or epayslip solutions, and when you report a problem with our sites or our solution, request us to contact you or otherwise contact us. The information you give us may include your name, address, email address, phone number.  For solution registration purposes, this may include national insurance number and/or payroll number and email.  Your primary Data Processor or Data Controller may also provide this information to us in order to resolve a query.
  • Information we collect about you. With regard to each of your visits to our web app, we may automatically collect the following information:
    • technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, screen size, time zone setting, browser plug-in types and versions, operating system and platform;
    • information about your visit, including the full Uniform Resource Locators (URL); page response times, download errors, log in attempts, lengths of visits, page interaction information (such as scrolling, clicks and mouse-overs).
  • When using SSLP Group solutions, we do not routinely monitor your activity once logged in to view your documents.  However, activity data will be gathered for your company Administrator.  If your company has requested Google Analytics style data, this may also be recorded for analysis purposes by us for your company Administrator.  Please contact your Administrator to establish if this option has been activated.
  • Information we receive from other sources. We may receive information about you if you use any other websites we operate or other services we provide. We may also be required to work closely with other third parties, under contract (including, for example, business partners, sub-contractors, hosting, analytics providers, search information providers, information providers) and may receive information about you from them.

Uses made of the information

We use the information held about you in the following ways:

  • Information you give to us. We may use this information to carry out our obligations arising from any contracts entered into between you and us, us and your primary Data Processor (for instance, your payroll provider) or us and your Data Controller, or to ensure that content from our sites is presented in the most effective manner for you and for your computer.
  • Information we collect about you. We will use this information in one or more of the following ways;
    • to administer our sites
    • to provide services under a contract or agreement;
    • to improve our sites to ensure that content is presented in the most effective manner for you and for your computer;
    • to allow you to participate in interactive features of our services, when you choose to do so;
    • to provide your Data Controller with activity information, to enable them to manage the service we provide;
    • as part of our efforts to keep our sites safe and secure;
    • To confirm that you are a human not a bot;
  • Information we receive from other sources. We may combine this information with the information you give to us and information we collect about you. We may use this information and the combined information for the purposes set out above (depending on the types of information we receive).

Where providing services under contract or agreement, we may only process your data in a manner consistent with the contract or agreement.  SSLP Group Ltd employees will, from time to time, be required to access your data for legitimate business purposes in order to deliver our agreement under the contract, such as to assist you with a support query or to investigate or resolve an issue raised by you.  If you are an employer or a payroll bureau, your clients/employees will need to be made aware of this.

Exercising your rights

Where SSLP Group is the Data Processor.  If you are a user of our services, provided under contract, requests to revoke consent, requests to correct information held about you, requests to be deleted and requests for information must be sent to your company Data Protection Officer who will take the appropriate action and pass on that request to us, if required.

Other sites.  Our sites may, from time to time, contain links to and from the websites of our partner networks, and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

Any changes we may make to our privacy policy in the future will be posted on this page. Please check back frequently to see any updates or changes to our privacy policy.

Accessibility Policy

SSLPost is a registered trading name of SSLP Group Ltd, which is a limited company registered in England and Wales, Company Number 09280457.

SSLP Group Ltd will make every effort for all pages on the sites to conform to at least Level 1 standard of the W3C’s Web Content Accessibility Guidelines. We will continue to make improvements and make sure the sites conform to these guidelines. SSLPost & SSLP Group Ltd are not responsible for the accessibility of any third-party websites which the sites may link to. With respect to the provision of services online we have implemented a number of features to make the sites easy to use, especially for users with disabilities. The following features improve navigation for text only browsers, screen reader users, and users of keyboard navigation.

  1. Style Sheets.   The sites uses Cascading Style Sheets (CSS) for visual layout. If your browser supports it, style sheets can be disabled or over-ridden to customise the appearance of the websites, to your preference.
  2. Tabbing Order.  We appreciate that not all people using our sites can use a mouse; we will ensure that all of our websites can be browsed in a logical manner using the Tab button. Pressing the ‘Tab’ key while on a web page will select the next link on the page. You can press ‘Tab’ repeatedly to get to the chosen link. The selected link is indicated by the dotted border around the link. Once your chosen link is selected, you can trigger it by pressing the ‘Enter’ key on your keyboard. You can move backwards through links by pressing ‘Shift’ + ‘Tab’ together.
  3. Font Size.  You can change the font size of each page to your preference through the browser.
    • In Internet Explorer, select ‘View’, then ‘Text Size’, and then your preferred size.
    • In Firefox press ‘CTRL +’ to increase font size and ‘CTRL -‘ to decrease. ‘CTRL 0’ will reset sizes to default.
    • In Chrome press ‘CTRL +’ to increase font size and ‘CTRL -‘ to decrease. ‘CTRL 0’ will reset sizes to default.
    • In Safari, select ‘View’, then ‘Text Size’, and then your preferred size.
    • In Opera, select ‘View’, then ‘Text Size’, and then your preferred size.
  4. Forms. Labels are used to assist access to form fields. All forms follow a logical tab sequence.
  5. Colours. The sites have been designed to be easy to read through its colour combinations. If you have any difficulty in reading parts of the sites, try increasing the font size, or try altering the visual appearance of your browser.
  6. Links. We have worked hard to ensure that our links are meaningful, and some links are explained in greater detail by using a title attribute, visible when hovering over the link.
  7. Scripting. JavaScript is necessary to use the site.  Flash may be used on the sites to enhance the experience of the user within the PDF viewer as a fallback mechanism. An effort will be made to make sure that if a user does not have the correct plug-in for Flash elements, it does not detract from the user accessing the core content of the websites
  8. Standards. The sites are built to HTML5 and CSS 3.0 standards. To ensure code quality and that standards are maintained we are committed to checking this on a regular basis.
  9. Browsers. We support only current evergreen browsers. The sites will function and look as intended in browsers that support these standards.

Please see your browser’s help documentation for further information.

Cookie Policy

Cookies are small text files that are used by our website to make our user’s experience more efficient. The current Cookie rules (more information), states that we can store cookies on your machine if they are essential to the operation of our site but that for all others we need your permission to do so. SSLP Group uses some non-essential cookies.

To learn more about cookies, including what they are, how they work and how to block them or delete them, please visit for detailed guidance.

The following information describes the cookies that SSLP Group currently use on this site and what we use them for:

Session Cookies

We use a session cookie to remember what you’ve been viewing and the actions you have taken.  If these are disabled, various functionalities of the site will be unavailable and you may not achieve the objective of your visit. More information on session cookies and what they are used for at

Persistent Cookies (Google Analytics and reCAPTCHA)

We may use Google Analytics, a popular web analytics service provided by Google, Inc. Google Analytics uses cookies to help us to analyse how users use the site. It counts the number of visitors and tells us things about their behaviour overall – such as the typical length of stay on the site or the average number of pages a user views.  We only use Google Analytics on sites provided under a contractural agreement if the client instructs us to.  Please contact your administrator/payroll department to find out whether Google Analytics has been requested as part of our agreement to provide services.

The information generated by the cookie about your use of our website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of our website, compiling reports on website activity and providing other services relating to website activity and internet usage. You can read more about how Google uses cookies here.

Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google undertakes not to associate your IP address with any other data held by Google. You can find out more about Google’s position on privacy as regards its analytics service at

We also use reCAPTCHA to verify you are a human, not a bot.  This also sends information to Google to enable the function.  Your use of this is subject to Google Privacy Policy and Terms of Use.  reCAPTCHA enables us to provide an additional level of security when using the site to ensure that the site is not being accessed by bots.

We use CloudFlare as a caching frontend for our static CDN (website and webapp resources).  CloudFlare is one of the most popular DNS/caching proxy services on the Internet. CloudFlare might set some cookies to assist them with performance and security.

If you are happy to use our sites now that you know what cookies we use and what we use them for, please click the ‘Accept Cookies’ button in the pop up.

Managing cookies

If you wish to control which cookies are used or turn off cookies, you have the following options available to you:

  • Browse the sites using your browser’s anonymous usage setting which is called ‘Incognito’ in Chrome, ‘InPrivate’ for Internet Explorer or ‘Private Browsing’ in Firefox and Safari.
  • Not use the sites and delete all SSLPost cookies from your chosen Internet browser. To delete any cookies that are already on your computer, please refer to org for detailed guidance regarding your chosen browser. You will need to search in your cookie folders for ‘’ to find our cookies if you wish to perform a deletion.

How can I control my cookies?

Browser controls

You can use your web browser to:

  • delete all cookies;
  • block all cookies;
  • allow all cookies;
  • block ‘third-party’ cookies (ie, cookies set by online services other than the one you are visiting);
  • clear all cookies when you close the browser;
  • open a ‘private browsing’ / ‘incognito’ session, which allows you to browse the web without recording your browsing history or storing local data such as cookies (you should however be aware of the limitations of this feature in a privacy context); and
  • install add-ons and plugins that extend browser functionality.

Where to find information about controlling cookies:

PLEASE NOTE:  Not accepting the cookies will prevent us from learning about visitor behaviour that helps us improve your visit experience. It may also render areas of the websites unusable or prevent us from fulfilling our contractual obligations.  Disallowing cookies when using our solutions, may prevent your administrator from managing aspects of the solution.  Please contact your administrator to discuss cookies.