Terms & Conditions
Please see the Treefort Terms & Conditions below.
TERMS AND CONDITIONS
- In these Terms and Conditions:
a)“Administrator” means a person who has been designated by their Organization to manage all user accounts within the Organization.
b)“Authentication ID” means a security mechanism determined by Provider, and which may include user identification and passwords, by which an Administrator or an Authorized User identifies themselves to the System to gain access.
c) “Authorized User” means a person to whom an Administrator has issued an Authentication ID.
d) “Business Terms Agreement” means an agreement between you and the Provider that sets out additional or alternative terms that govern the relationship between you and your Organization and the Provider.
e) “Confidential Information” means the System, Data, and all ideas, designs, business models, databases, drawings, documents, diagrams, formulas, test data, marketing, financial or personnel data, sales information, client or supplier information, information of an individual used to create the ID Verification Report or any other information already furnished and to be furnished or made available by Provider to you. Confidential Information does not include information or material which is or was, at the time of disclosure or thereafter, demonstrably: (i) already known by you prior to the disclosure thereof, (ii) generally available to and known by the public (other than as a result of a disclosure directly or indirectly by you), (iii) available to you on a non-confidential basis from a source other than the Provider, (iv) independently acquired or developed by you without violating any of your obligations under these Terms and Conditions, or (v) information for which the Provider has authorized the unrestricted disclosure.
f) “Content” means all materials and content made available to users on the Website or System including notices, guidelines, communications, text, RSS feeds, graphics, images, illustrations, audio-visual works, multimedia elements, photographs, videos, music, sound recordings, policies, documents, software, information, data and any other work, including the manner in which such content is presented.
g) “Data” means any data, files, documentation, or other information that you may upload to the System, or which may be uploaded on your behalf. Data may include Personal Information.
h) “Data Breach” means any breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Data and/or Personal Information that has been transmitted, stored, or otherwise processed.
i) “ID Verification Report” means the form of report produced by the System for each individual who is the subject of the ID verification process. The ID Verification Report will contain, at a minimum, the following information: a) the name of the individual; b) his/her address; and c) a pass or fail mention.
j) “Organization” means the entity you work for or the entity who has otherwise provided you access to the System.
k) “Personal Information” means data about an “identifiable individual”. It is information that on its own or combined with other pieces of data, can identify someone as an individual.
l) “Privacy Laws” mean all applicable privacy and data protection legislation and regulations, national and provincial laws and regulations relating to the processing of Personal Information, as amended, replaced or updated from time to time.
m) “Provider” means Treefort Technologies Incorporated.
n) “Related Parties” means any person or entity acting on behalf of or under authority of Provider to carry out Provider’s obligations under the Agreement, including but not being limited to Provider’s employees, agents, contractors and Sub-Contractors.
o) “Reliable Sources” means certain credit bureaus, financial institutions, telecommunication companies, and other entities the System receives ID verification information from;
p) “Sub-Contractor” means any person or entity acting on behalf of or under Provider’s authority to carry out specific processing activities with Data and/or Personal Information.
q) “System” means the computer server and application computer software, known as “Treefort”, that: (i) determines whether personal information about an individual inputted by you matches information about the individual held by Reliable Sources; and, (ii) obtains and reviews other risk indicators associated with the individual whose identity is being identified.
USE OF SYSTEM
2. These Terms and Conditions govern your access to and use of the System.
3. Subject to these Terms and Conditions, Provider hereby grants you a non-exclusive, non-transferable, revocable right to access and use all or a portion of the System in accordance with the provisions of these Terms and Conditions.
4. If you are an Administrator you will provide each Authorized User with an Authentication ID. You shall control and maintain the security of the Authentication IDs and you shall be responsible for all instructions, commitments and other actions or communications taken under each Authentication ID. You shall promptly report to Provider any errors or irregularities in the System or any unauthorized use and inform Provider immediately if an Authentication ID becomes known to any unauthorized person.
5. You agree:
a) not to sell, lease, transfer, provide or otherwise make available the System or any portion of the System to any third party, whether as a demonstration or otherwise;
b) not to take any action whatsoever to access, store, merge, aggregate, compile, decompile, manipulate, copy, reverse engineer, create derivative products, derive the source code, sublicense, sell, distribute, commercially exploit, frame, mirror, scrape or data-mine the System or any content in any form or by any means, and you will not attempt to access any restricted areas of the System;
c) not to develop a product that will compete with the System for a period of three (3) years after you stop using the System;
d) to be responsible for all actions taken by you, and all communications made by you, while you access the System;
e) to comply with all laws that apply or may apply to your access of the System, including Privacy Laws;
f) to ensure that all devices used by yourself to access and use the System are placed in a secure location, and that such devices are secured when not in use through such means as screen locks or shutting power controls off;
g) you will not share your Authentication ID with anyone including your staff and associates;
h) you will not use the System for personal (non-business), improper or unlawful purposes;
i) that if you cease working for your Organization, or if you otherwise cease your association with the Organization, you will immediately return all documentation and information associated with the System to your Organization, and you agree you will not access the System even if your Authentication ID still allows for access to the System.
j) not to access the System in a manner that could damage, disable, abuse or otherwise interfere with the System, its security, any services, system resources, accounts, servers or networks connected to or accessible through the System, or any other person’s use or enjoyment of the System; and,
k) not to upload to, distribute to, or otherwise disseminate through the System any material or information of any kind that is libelous, defamatory, obscene, pornographic, abusive, or otherwise violates any law or infringes or violates any rights of any other person or entity (including any intellectual property or other property rights), or that contains viruses, backdoors or any other harmful or malicious code.
6. a) The System has a search function that allows Authorized Users to search for ID Verification Reports generated by other organizations for which they have been granted access. This search function is in addition to the ability of an Authorized User to search for ID Verification Reports that have been generated by their Organization. The ability to search for ID Verification Reports generated by other organizations is turned off by default, but an Administrator may turn it on so that Authorized Users in the Organization can search for ID Verification Reports generated by other organizations for which they have been granted access by the other organization. If the ability to search for ID Verification Reports generated by other organizations is turned on you agree to:
i. only search for ID Verification Reports that relate directly to transactions you are contemplating, or have entered in to, and for which you have consent to receive it from the individual to whom the ID Verification Report relates; and,
ii. use the ID Verification Reports you obtain as a result of a search only for the purpose of satisfying your KYC requirements, determining whether you want to enter into a transaction or to complete a transaction you have already entered into.
b) The System also has a sharing function that allows your Organization to make ID Verification Reports generated by Authorized Users in your Organization available to specific authorized users in other organizations. This requires providing access to the ID Verification Report to other organizations. The sharing of ID Verification Reports generated by your Organization is turned off by default, but an Administrator can turn it on so that ID Verification Reports generated by your Organization can be accessed by other organizations. You agree that you will not sell, lease, transfer, provide or otherwise make available an ID Verification Report to any third party other than the individual whose identity is being verified, whether as a demonstration or otherwise, other than through the sharing function in the System and only to the other organizations that have a legitimate interest in having access to the report.
7. If you are an Administrator, in addition to all other tasks and obligations imposed on you by these Terms and Conditions you agree to:
a) assign, record and control the issuance and use of all Authentication IDs within your Organization, keeping the same Authentication IDs confidential except to those who are permitted to use them;
b) without delay, disable any Authentication ID and notify Provider immediately if Provider determines an Authentication ID issued by you has been provided to a person who is not an Authorized User or ceases to be an Authorized User. You shall also, in compliance with law, notify the individuals whose information was potentially accessed or acquired that an unauthorized use has occurred;
c) ensure your Organization complies, at all times, with all applicable legal and regulatory requirements and with the policies of the Reliable Sources in respect of the use of the System, including:
d) ensure that all devices used by Authorized Users to order or access the System are accessible only by the Authorized User, and that such devices are secured when not in use through such means as screen locks, shutting power controls off, or other commercially reasonable security procedures;
e) implement secure authentication practices when providing Authentication IDs to Authorized Users, including but not limited to: (i) using individually assigned email addresses and not shared e-mail accounts; (ii) prohibiting the sharing of Authentication IDs; and (iii) use of anti-malware, anti-spam, and similar controls;
f) confirm your Organization has effective administrative, technological, and physical safeguards in place to stop theft, loss and unauthorized access, copying, modification, use, disclosure, or disposal of information that are consistent with industry best practices;
g) respect all applicable Privacy Laws including any requirements of notification or declaration in relation to a Data Breach or incident of confidentiality as required by the applicable legislation;
h) educate Authorized Users with respect to Privacy Laws and policies and take reasonable steps to ensure compliance through training, confidentiality agreements and sanctions, as needed;
i) ensure Authorized Users who are fired, resign or whose association with your Organization is otherwise terminated return to you, or securely dispose of, all Confidential Information and terminate their access to the System;
j) monitor compliance with the obligations of these Terms and Conditions, and immediately notify the Provider if you suspect or know of any unauthorized access or attempt to access the System. Without limiting the generality of the foregoing, you agree that on at least a quarterly basis you will review the use of the System to ensure that such uses were performed for a legitimate business purpose and in compliance with all terms and conditions herein;
k) maintain and enforce data destruction procedures to protect the security and confidentiality of the Confidential Information and all other information obtained through the System as it is being destroyed or deleted when you or your Organization no longer has a need to keep it; and,
l) put in place procedures and protocols that ensure no one in your Organization uploads to, distributes to, or otherwise disseminates through the System any material or information of any kind that is libelous, defamatory, obscene, pornographic, abusive, or otherwise violates any law or infringes or violates any rights of any other person or entity (including any intellectual property or other property rights), or that contain viruses, backdoors or any other harmful or malicious code.
Priority and Changes:
8. If you or your Organization have entered into a Business Terms Agreement with the Provider the terms of that agreement shall have priority in the event of a conflict between the Business Terms Agreement and these Terms and Conditions.
9. Provider reserves the right, at its sole discretion, from time to time, to modify, add, or delete portions of these Terms and Conditions, and you agree to be bound by such changes. Such changes will be effective immediately upon notice to you and the notice may be given by any means including, posting in the System, on our Website or by e-mail. You agree to regularly review the Terms and Conditions and to be aware of such changes. If you do not agree with the updated Terms and Conditions, please stop using our System. Your use of the System following any such change constitutes your agreement to follow and be bound by the changed Terms and Conditions.
10. As you request and consume ID Verification Reports from the System you are required to pay to the Provider the request fees. The Provider charges a fee for every ID Verification Report produced by the System and the fees are set out in the pricing guide the Provider will deliver to you.
11. You or your Organization will be invoiced following the end of each calendar month for the total number of ID Verification Reports initiated by you during that month. For clarity, if you initiate an ID Verification in one month, but the ID Verification Report is not delivered to you until the next month, the charges for that ID Verification Report will be included in the invoice for the first month.
12. All invoices will be delivered to you or your Organization via email using the email address you have given to the Provider.
13. Payment terms are NET 15 days from the invoice date.
14. You or your Organization will submit payment based on the invoice amount.
15. If any payment due to Provider is not received by the required payment date, all overdue payments will be subject to a late payment charge of 2% per month.
16. You may stop using the System for any reason at any time.
17. Provider may terminate your ability to access the System for any reason at any time on 30 days’ written notice to you.
18. Provider may terminate your ability to access the System with immediate effect if you or your Organization:
a) commits a material breach of these Terms and Conditions;
b) suffers or incurs any form of insolvency or enters an arrangement with creditors;
c) fails to pay any amount due to the Provider on the due date and fails to cure the default within thirty (30) days of receiving written notice of the non-payment;
d) has provided incomplete or inaccurate information to Provider during the account set-up process or fails to maintain such information on a timely basis;
e) operates in a territory that introduces a data localization requirement that affects the Personal Information, the Confidential Information or the Data the Provider stores or where Provider must store it or introduces any law that could require Provider to build a ‘back door’ to any data Provider stores or processes;
f) becomes a competitor of Provider or the System, or controls any person or organization which is a competitor of Provider or the System. Provider shall determine if you or your Organization is a competitor in its sole discretion; or
g) use the System in such a way that it causes harm to any individual or to Provider’s reputation or goodwill.
19. Termination of the Agreement shall not affect any rights, remedies, obligations, or liabilities of the parties that have accrued up to the date of termination.
SCOPE OF USE
22. IF YOU ACCESS CREDIT REPORTS OR OTHER INFORMATION PROVIDED BY A RELIABLE SOURCE THROUGH THE SYSTEM FOR UNAUTHORIZED PURPOSES YOU MAY BE SUBJECT TO CIVIL AND CRIMINAL LIABILITY UNDER CANADIAN CONSUMER LAWS PUNISHABLE BY FINES AND IMPRISONMENT.
RIGHT TO CONTROL ACCESS, FUNCTIONALITY, AND CONTENT
23. Provider reserves the right, at its sole discretion, from time to time, without notice, to:
a) modify, add, or delete portions of the System, including its functionality or content; and
b) deny, restrict, control, or revoke your access to the System, or to any portion of the System.
24. By using the System you acknowledge and consent to the Provider sharing information about you and your use of the System with the Reliable Sources for the purpose of obtaining approval from the Reliable Sources to share information and documentation developed or provided by the Reliable Sources with you and also to satisfy the audit requirements of the Reliable Sources.
ECONOMIC SANCTION LAWS AND NO CONSUMER REPORTS
26. You acknowledge the Provider is subject to economic sanctions laws, including but not limited to those enforced by the U.S. Department of the Treasury’s Office of Foreign Assets Control (“OFAC”), the European Union, and the United Kingdom. You certify that, to your knowledge, you are neither identified on, and you shall not knowingly provide access to the System to any individuals or entities identified on (1) OFAC’s list of Specially Designated Nationals, (2) the UK’s HM Treasury’s Consolidated List of Sanctions Targets, (3) the EU’s Consolidated List of Persons, Groups, and Entities Subject to EU Financial Sanctions, (4) any other applicable sanctions lists, or (5) any person 50 percent or more owned, directly or indirectly, individually or in the aggregate by a person(s) identified in (1) through (4).
27. You agree the System is not provided by “consumer reporting agencies,” as that term is defined in the Fair Credit Reporting Act (15 U.S.C. § 1681, et seq.) (“FCRA”) and outputs of the System, including the ID Verification Reports do not constitute “consumer reports,” as that term is defined in the FCRA. You may not use the System, in whole or in part, as a factor in determining eligibility for credit, insurance other than title insurance, employment or another purpose in connection with which a consumer report may be used under the FCRA.
29. You acknowledge the Confidential Information consists of confidential and proprietary information of the Provider. You shall hold all Confidential Information in confidence and shall use the same degree of care to maintain the confidentiality of the Confidential Information you use to maintain the confidentiality of other confidential information you or your Organization controls or has access to, but with at least a reasonable degree of care commensurate with the nature and importance of the Confidential Information.
REPRESENTATIONS, WARRANTIES, AND DISCLAIMERS
34. EXCEPT AS OTHERWISE EXPRESSLY STATED IN THESE TERMS AND CONDITIONS, PROVIDER EXPRESSLY DISCLAIMS ALL CONDITIONS, WARRANTIES AND REPRESENTATIONS, EXPRESS, IMPLIED OR STATUTORY INCLUDING, BUT NOT LIMITED TO, IMPLIED CONDITIONS OR WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, DURABILITY, TITLE AND NON-INFRINGEMENT, WHETHER ARISING BY USAGE OF TRADE, COURSE OF DEALING, COURSE OF PERFORMANCE OR OTHERWISE, OR THAT THE SERVICES, SYSTEM OR DOCUMENTATION WILL MEET CUSTOMER’S NEEDS OR WILL BE AVAILABLE FOR USE AT ANY PARTICULAR TIME OR WILL BE ERROR FREE. UNDER NO CIRCUMSTANCES WILL PROVIDER BE LIABLE FOR THE RESULTS OF THE USE OR MISUSE OF THE SERVICES, SYSTEM OR DOCUMENTATION, INCLUDING ANY USE CONTRARY TO LAW, BY YOU. Without limiting the generality of the foregoing, you are advised that information obtained from the Reliable Sources may contain errors as source data is sometimes reported or entered inaccurately, processed incorrectly and is not warranted to be free from defects. By accepting these Terms and Conditions you acknowledge that Provider is not the source of the data in the System.
INDEMNITY AND LIMITATION LIABILITY
I) comply with all relevant Privacy Laws and:
a) deal with Personal Information only in accordance with your lawful instructions;
b) take reasonable steps to ensure only the Provider’s authorized personnel have access to the Personal Information, and they are under obligations of confidentiality;
c) maintain commercially reasonable and appropriate security measures, including administrative, physical, and technical safeguards, to protect against unauthorized or unlawful access to any Personal Information and against accidental loss or destruction of, or damage to Personal Information and to ensure a level of security appropriate to the risk;
d) ensure that it and any employees, Authorized Users, Related Parties and Reliable Sources are made aware of their obligations regarding the security and protection of Personal Information and, where applicable, the same data protection obligations as set out in these Terms and Conditions shall be imposed upon them by way of a contract or applicable laws;
e) ensure that all agreements with Related Parties and or Reliable Sources are in writing and contain provisions requiring said parties to maintain commercially reasonable security measures to maintain the confidentiality of all Personal Information; and,
f) modify these Terms and Conditions as may become necessary as Privacy Laws become effective or change to ensure these Terms and Conditions are consistent with, and do not violate, the Privacy Laws;
II) maintain and make available to you, a written record of all categories of processing activities carried out by Provider on your behalf. This report shall include, where applicable: (a) categories of processing activities performed; (b) name and contact details of all Sub-Contractors; (c) details of any cross-border data transfers outside of Canada, including documentation of suitable safeguards; (d) a general description of the technical and organizational security measures implemented with respect to the Personal Information; and (e) the name of Provider’s Privacy Officer or privacy representative;
III) notify you without undue delay, but no later than within 72 hours, if Provider receives any complaint, notice or communication which relates directly or indirectly to the processing of Personal Information related to an ID verification initiated by you, or to either party’s compliance with Privacy Laws, and shall provide reasonable cooperation and assistance to you in relation to any such complaint, notice, communication or non-compliance;
IV) deal promptly and properly with all inquiries from you relating to the processing of Personal Information provided by you;
V) make available to you all information necessary to demonstrate compliance with the obligations pursuant to Privacy Laws and allow for and contribute to audits, including inspections, conducted by you;
VI) assist you, when and where possible, with the fulfilment of your obligation to respond to requests by individuals exercising their rights of access, rectification and erasure, restriction of processing, and data portability pursuant to Privacy Laws;
VII) at your direction, delete or return to you all Personal Information provided by you to Provider in its possession after you cease to use the System and to delete existing copies unless Provider is otherwise required by law to maintain the Personal Information;
VIII) not transfer Personal Information outside of Canada without the appropriate legal mechanisms first being implemented, such as any necessary privacy impact assessment of the receiving country, or organization and contractual protections;
IX) implement appropriate technical and organizational measures to ensure the security and protection of Personal Information;
X) in the event of a Data Breach, or suspected Data Breach:
a) inform you without undue delay of the Data Breach or any other breach of security that could potentially affect the confidentiality of Personal Information;
b) promptly provide you with reasonable cooperation and assistance, including providing any necessary documentation concerning the breach, for you to investigate including but not limited filing any reports with government authorities or notifying individuals or any other actions necessary to comply with your breach notification obligations under the Privacy Laws; and
c) take reasonable measures to mitigate against and to prevent similar breaches from occurring in the future.
XI) to the extent possible, provide you the following details regarding a Data Breach when this information is available:
a) the possible cause and consequences for individuals to whom the Personal Information relates of the Data Breach;
b) the categories of Personal Information involved;
c) the risk of serious harm for the individuals to whom the Personal Information relates;
d) identification of the unauthorized recipient(s) of the Personal Information; and
e) the measures taken to mitigate any damage and/or adverse effects;
XII) implement and maintain safeguards and controls to deter, detect, prevent, and correct any unauthorized access or use of the System, Data and Personal Information.
At the mailing address or email address provided by you to Provider