READ THIS CONTRACT CAREFULLY. BY CLICKING THE “ACCEPT” BOX YOU ARE AGREEING TO ENTER INTO THIS AGREEMENT FOR IDM GLOBAL, INC. (“IDM”) SERVICES (“AGREEMENT”) IN AN ONLINE ELECTRONIC FORMAT AND TO BE BOUND BY ALL OF THE TERMS AND CONDITIONS OF THIS AGREEMENT, TO THE EXCLUSION OF ALL OTHER TERMS. THIS IS A LEGAL AGREEMENT BETWEEN IDM AND YOU (“YOU,” “CLIENT”) FOR THE USE OF IDM’S SERVICES. IF THE TERMS OF THIS AGREEMENT ARE CONSIDERED AN OFFER, ACCEPTANCE IS EXPRESSLY LIMITED TO SUCH TERMS. IDM DOES NOT AUTHORIZE THE USE OF THE SERVICE UNTIL YOU HAVE AGREED TO BE BOUND BY THE TERMS OF THIS AGREEMENT BY CLICKING ON THE "I ACCEPT THE TERMS OF THE SERVICES AGREEMENT" RADIO BUTTON BELOW. IF YOU DO NOT UNCONDITIONALLY AGREE TO ALL OF THE TERMS AND CONDITIONS OF THIS AGREEMENT, CLICK THE “CANCEL” BUTTON BELOW.
1. SERVICE AND SUPPORT
IDM Solution. IDM provides certain software and services (“IDM Services”) to evaluates various elements of Client’s customer’s (“Customer”) information (“Transaction Data”), including, but not limited to, full name, address, phone number, email address and ID information for the purpose of to assess the likelihood that a Customer owns the information that is presented as part of an identity validation process (e.g. a KYC process). The assessment is based on IDM’s own database of identities and reputation, as well as a mix of third party data sources. The assessment follows a “Risk Based Approach”. The definition of risk and the overall assessment are based on a set of rules and parameters specified in the IDM platform.
The IDM Service provides the option of three levels of authentication:
A. Basic. The Service checks for location based on IP address, performs sanctions screening, and checks for nefarious funds if in BTC or ETH.
B. IDV Validation. In addition to the “Basic” features, and depending on the Customer’s country in which the Customer is located, the Service checks for identity matching parameters, such as the match between name, address, phone and email. The Service may also perform social network and deep/dark web analysis.
C. ID DV. In addition to the “IDV Validation” features, and depending on the country in which the Customer is located, the Service includes document verification.
D. 4D ID. In addition to “ID DV” features, and depending on the country in which the Customer is located, the Service includes Selfie test.
The IDM Service can be accessed through APIs or through the “KYC Plugin”. The KYC Plugin is a software that can be embedded into a web application that guides Client’s Customers through the data acquisition process of KYC Transaction Data. It evaluates the data collected, presenting the results based on the set of rules specified in the IDM system.
IDM reserves the right to make changes in the IDM Service from time to time provided, however, no changes will reduce the features or functionality in any material respects. In addition, IDM will provide no less than fifteen (15) days prior written notice for changes that could impact negatively Client’s operation, except for urgent maintenance and support changes that are critical patches or required to improve the availability or robustness of the Services.
1.2Additional Services. IDM offers certain Additional Services which are complimentary services to the IDM Service as identified in IDM’s Platform User Interface (“IPUI”). Certain of the Additional Services include additional terms and conditions of service (“Third Party Terms”) which supplement this Agreement and are set forth in the IPUI and are incorporated herein by reference. In the event of a conflict between the terms of this Agreement and the Third Party Terms, the Third Party Terms shall control with respect to the Additional Services.
1.3Client Support. IDM will provide Client access to IDM’s professionals for Client support to resolve maintenance and support issues relating to Client’s use of the Service. Telephone support to IDM’s help desk is available Monday through Friday from 9:00 am Pacific Time to 5:00 pm Pacific Time (“Business Hours”). One hour email response is available for critical issues during Business Hours and next business day email response is available for non-critical maintenance and support issues and critical issues raised outside of Business Hours by contacting IDM’s help desk at helpdesk@IdentityMind.com . IDM shall use its reasonable commercial efforts to expeditiously resolve maintenance and support issues relating to Client’s use of the Services.
1.4 Updates and Additional Features. Included with the IDM Services are any corrections, modifications and enhancements (“Updates”). IDM may incorporate the Updates to the IDM Services at any time and from time to time without prior notification of Client. Additional features to the IDM Services may be added by IDM from time to time (“Additional Features”). Client shall have the option of accepting such Additional Features if such Additional Features involve additional fees and/or entering into a new agreement.
1.5 Service Level Agreement. IDM’s service level agreement for the IDM Services and those service level agreements for the Additional Services are set forth in the IPUI and are incorporated herein. Claims under the Additional Services service level agreements shall relate solely to the applicable Additional Service.
1.6Client Data Retention. IDM retains data associated with Client’saccess of information sent by Client to IDM and actions performed by Client on such data within IDM’s systems (collectively “Client Data”). Clients can also request a CSV export of all Client Data for the previous year.
2. OBLIGATIONS OF CLIENT
2.1 Information Provided to IDM. Within thirty (30) days of entering into this Agreement, Client shall provide the information about its Customers Transaction Data to IDM specified either in the API or the KYC Plugin depending on the manner in which Client desires to access the Services.
A.Client must implement a one-way cryptographic hash function and data mask as directed by IDM on the Transaction Data prior to Client sending the information to IDM. Client acknowledges that as a result IDM will never obtain from Client the actual details within the Transaction Data and will not be able to reconstruct the actual payment details.
B.Client must utilize SSL/TLS encryption as directed by IDM in order to send the Transaction Data to IDM.
C.In the event Client uses the KYC Plugin, all information from the plugin to the IDM system already conforms to the items referenced above.
2.3Customer Notification. If required by applicable law or Client’s privacy or data use policies, Client shall be responsible to inform Customers that the Transaction Data is being provided to IDM in order for IDM to provide the Services on behalf of Client and for IDM to use the Transaction Data as otherwise provided for in the Agreement.
2.4 Transaction Data. IDM pools certain hashed elements of the Transaction Data along with other data attributes provided by other clients (“IDM Identity Integrity Pool”) in order to match transaction information for the purpose of determining fraud, reputation, and identity as it relates to a given transaction. Client acknowledges that once such Data is part of the IDM Identity Integrity Pool it is neither identifiable as coming from Client nor separately removable. In providing the Service, IDM warrants that no data is provided to any of its clients that allow that client to profile another client’s customer’s purchasing behaviors or to obtain any personal information of another client’s customers. All data is solely used for purposes of determining fraud, reputation, and identity as it relates to a given transaction. Client grants IDM a perpetual, non-terminable, royalty free license to utilize the Transaction Data as part of the IDM Identity Integrity Pool. All data is solely used for purposes of determining fraud, reputation, and identity as it relates to transactions.
2.5Use of Service. Client will not intentionally authorize, enable or engage in any unauthorized implementation of the Services, including the use, display, syndication, sublicensing or delivery of the Services to any third party unless approved in writing by IDM.
[___] 2.6. European Union General Data Protection Regulations. If the box next to this Section is checked Client acknowledges that it will be sending IDM Customer Information of Customers located in the European Union and therefore that the European Union's General Data Protection Regulations apply to that information. Therefore, the terms of IDM's Data Protection Agreement accessed by clicking this hyperlink, are incorporated into this Agreement.
3. SERVICE FEES
3.1Fees. Client shall pay to IDM the fees (the “Fees”) for the Service in the amount and by the means set forth as described as part of signing up for the Services.. The Fees are subject to increase in the event that Client elects to obtain Additional Features in accordance with Section 1.4 hereof. IDM may modify the Fees, from time to time, upon written notice to Client to reflect any changes in the prices charged by the Additional Services providers for the Additional Services. The Fee Statement also specifies the timing of when the Fees are due and payable.
3.2Taxes. Client shall be responsible for all taxes or levies of whatever nature arising out of or in connection with this Agreement, in particular including without limitation any sales or use taxes in effect, but excluding taxes based on IDM’s net income
4. DATA SECURITY
4.1IDM follows reasonable industry practices for network and application security. IDM receives no payment card information, but instead receives a one-way salted cryptographic hash of the account number. All Transaction Data is sent securely using HTTPS using the IDM API. All data is stored in a secure, monitored hosting center under PCI Level 1 standards. Access to Transaction Data is restricted to authorized parties and IDM personnel.
4.2IDM shall at all times maintain a program to ensure the security and confidentiality of Transaction Data and Client's Customer information. This program shall protect against any anticipated threats or hazards to the security or integrity of this information, protect against any unauthorized access to or use of the information and be in compliance with all applicable state and federal laws. IDM shall promptly notify Client regarding any security breach that compromises Transaction Data or Client's Customer Information and work diligently to mitigate the impact of such a breach.
5. LIMITED WARRANTY, LIMITED REMEDY, AND LIMITED LIABILITY
5.1 Service Defects. Client shall report to IDM any failure of the Services to conform substantially to its specifications (“Defects”). IDM agrees to employ commercially reasonable efforts to remedy Defects.
5.2Warranty. Each party hereby represents and warrants to the other that (i) such party has the right, power and authority to enter into this Agreement and to fully perform all its obligations hereunder; and (ii) the making of this Agreement does not violate any agreement existing between such party and any third party.
5.3 Disclaimer. THE SERVICES ARE PROVIDED “AS IS.” IDM DOES NOT WARRANT THAT THE SERVICES WILL BE UNINTERRUPTED OR ERROR-FREE AND MAKES NO WARRANTY REGARDING RESULTS THAT MAY BE OBTAINED OR THAT THE SERVICES WILL MEET ALL OF CLIENT’S REQUIREMENTS. IDM MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY RELATING TO THE SERVICE. IDM SPECIFICALLY DISCLAIMS ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT, AND ALL WARRANTIES ARISING BY STATUTUE OR OTHERWISE IN LAW OR FROM A COURSE OF DEALING OR USE OF TRADE, AS TO ANY MATTER. THE PARTIES EXPRESSLY ACKNOWLEDGE THAT THIS DISCLAIMER OF WARRANTY CONSTITUTES AN ESSENTIAL PART OF THIS AGREEMENT.
5.4 Sole Remedy. If IDM fails to correct Defects or breaches this Agreement, then Client’s sole and exclusive remedy shall be termination of this Agreement. The remedies expressly granted herein constitute the sole remedy against IDM for any claims concerning the Service or this Agreement.
5.5 Limited Liability. IDM’S TOTAL CUMULATIVE LIABILITY TO CLIENT UNDER THIS AGREEMENT OR ARISING FROM THE SERVICES SHALL BE LIMITED TO AN AMOUNT EQUAL TO $10,000.00. CLIENT RELEASES IDM FROM ALL OBLIGATIONS, LIABILITY, CLAIMS OR DEMANDS IN EXCESS OF THE LIMITATION. IDM SHALL NOT BE LIABLE FOR ANY CONSEQUENTIAL, INCIDENTAL, INDIRECT, ECONOMIC OR PUNITIVE DAMAGES, OR LOSS OF PROFIT EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
A. Client shall indemnify and hold IDM harmless from any claims (i) arising out of Client’s use of the Service or (ii) brought by Customers or third parties arising out of the Service or Client’s failure to obtain Customer consent to the collection of the Transaction Data, the transmission of the Transaction Data to IDM, the use of the Transaction Data to provide the Service and the decision to proceed or not proceed with a transaction based on the Service, except for those claims that are a result of IDM's willful misconduct or gross negligence.
B. IDM shall indemnify and hold Client harmless from any claims (i) that the IDM Service infringes on the intellectual property rights of any third party or (ii) breaches of the data security provisions of Section 4 hereto which result in the unauthorized dissemination of Customer data.
6. TERM AND TERMINATION
6.1 Term. The initial term of this Agreement shall commence on the date that Client accepts the terms of this Agreement (“Effective Date”) and continue for an initial term of one (1) year (“Term”).
6.2 Termination for Cause. Either party may terminate this Agreement if any of the following events occur: (i) the other party materially breaches this Agreement (after receiving written notice of such breach and 30 days opportunity to cure); (ii) this Agreement is in violation of applicable law; or (iii) the other party becomes insolvent, enters into bankruptcy or other similar proceedings, or attempts to make an assignment for the benefit of creditors. In addition, IDM shall have the right to terminate this Agreement in the event that Client or Client’s principals are indicted, plead or are found guilty of any financial services crimes or crimes involving moral turpitude (IDM has the right to perform KYC investigations on Client and Client’s principals). In the event of a termination under Section 6.2(i), subject to the other terms and conditions of this Agreement, either party shall be eligible to seek those remedies available to it in accordance with applicable laws.
6.3Post Termination Retention of Client Data. In the event that IDM terminates this Agreement for Cause, IDM shall have no obligation to retain the Client Data or provide access to the Client Data to Client. Upon a termination of this Agreement for other than if IDM terminates for Cause, at the option of Client, IDM shall either provide a CSV export of all of the Client Data or IDM shall continue to retain such Client Data so long as Client pays the Post Termination Client Data Storage Fee as set forth on the Fee Statement. If Client fails to pay any year’s Post Termination Client Data Storage Fee within 90 days following its due date, IDM shall delete the applicable Client Data.
6.4Survival. The provisions regarding data ownership and licensing, disclaimer of warranties, limitations of liability, indemnification, termination, and any existing payment obligations shall survive the expiration or termination of this Agreement for any reason. All other rights and obligations of the parties shall cease upon termination of this Agreement.
7. GOVERNING LAW; DISPUTES
7.1 Governing Law. This Agreement shall be governed by the laws of the state of California, without reference to any conflict-of-laws provisions. In no event shall this Agreement be governed by the United Nations Convention on Contracts for the International Sale of Goods. All proceedings arising under this Agreement shall be held in Palo Alto, California.
7.2 Legal Fees and Expenses. In the event of any litigation arising under this Agreement, the substantially prevailing party in such litigation shall be reimbursed by the other party for all fees and expenses incurred, including reasonable attorneys’ fees, court costs, and accounting fees.
8.1 Entire Agreement. This Agreement and its exhibits shall constitute the entire agreement between the parties with respect to the subject matter hereof and replaces all prior communications. This Agreement may not be modified or waived except in writing signed by both parties. This Agreement may be executed in one or more counterparts.
8.2 Assignment. This Agreement, and any rights or obligations hereunder, may not be assigned or sublicensed by Client without obtaining IDM’s prior written consent; provided that Client may assign its rights under this Agreement to a successor-in-interest by operation of law, whether by internal reorganization or otherwise upon notice to IDM.
8.3 Interpretation. If any provision of this Agreement is held invalid or unenforceable, the remainder of this Agreement shall nevertheless remain in full force and effect. The rule of construction that any ambiguities are to be resolved against the drafting party shall not be employed.
8.4 Notices. All notices pursuant to this Agreement shall be in writing and shall be sent via US mail, reputable overnight courier service or e-mail to the applicable addresses set forth below or at such other address as may be designated by the parties from time to time.
8.5Waiver. IDM’s failure to enforce Client’s strict performance of any provision of this Agreement will not constitute a waiver of IDM’s right to subsequently enforce that provision, or any other provisions of this Agreement. No waiver of any provision hereof will be effective unless in writing and signed by the party against whom such waiver is sought to be enforced.
8.6Headings.The headings and captions used in this Agreement are for convenience only and shall not in any way affect the interpretation of the provisions of this Agreement.
8.7Remedies.No remedies in this Agreement are exclusive of any other remedies but will be cumulative and shall include all remedies available hereunder or under any other written agreement or in law or equity, including rights of offset.
8.8Export Controls. Each party understands and acknowledges that the parties are subject to regulation by agencies of the U.S. government, including the U.S. Department of Commerce, which prohibits export or diversion of certain products, technology and technical data to certain countries.
8.9Force Majeure. IDM shall not be held responsible for any delay or failure in performance hereunder caused in whole or in part by fire, strike, flood, embargo, labor dispute, delay or failure of any subcontract, act of sabotage, riot, accident, delay of carrier or Client, internet outages, voluntary or mandatory compliance with any governmental act, regulation or request, act of God or by public enemy, or any act or omission or other cause beyond IDM’s control. If any such contingency shall occur, this Agreement will be deemed extended by the length of time such contingency continues.
8.10Relationship Among Parties. Client and IDM are independent contractors, and nothing in this Agreement creates any partnership, joint venture, agency, franchise, sales Client or employment relationship between Client and IDM. All financial and other obligations associated with Client’s business are the sole responsibility of Client.
8.11Counterparts. This Agreement may be executed in counterparts, each of which will be deemed an original and all of which together shall constitute one instrument .
READ THIS AGREEMENT CAREFULLY. BY CLICKING THE “I ACCEPT THE TERMS OF THE SERVICES AGREEMENT” RADIO BUTTON YOU ARE AGREEING TO ENTER INTO THIS AGREEMENT IN AN ONLINE ELECTRONIC FORMAT AND TO BE BOUND BY ALL OF THE TERMS AND CONDITIONS OF THIS AGREEMENT.
I ACCEPT THE TERMS OF THE LICENSE AGREEMENT