Third Party Vendor Terms - Biometrics

1. Definitions and Interpretation

“Agreement” means the Agreement for the Provision of Electronic Identity Verification Services between Verifi and the Organisation and capitalized terms have the same meaning in this Schedule.

“Third Party Vendor” means GB Group Plc;

2. Application

2.1 The Organisation agrees to be bound by the terms and conditions in these Third Party Vendor terms “DFBV Terms” and acknowledges that these DFBV Terms form part of the Agreement from the earlier of the Organisation first notifying Verifi that it intends to use; or the Organisation subscribing for, accessing or using any, service or data from the Third Party Vendor noted in this Schedule.

3. Third Party Vendor Specific Terms

3.1 The following terms shall have the following meanings:

3.1.1 “Customer Data” means any data provided to us or our Group Companies by you for processing in accordance with the terms of the Agreement including where relevant any Personal Information together with any data created or captured by or for you via the DFBV (including biometric data).

3.1.2 “DFBV” means the document and facial biometrics verification capability that allows you to: Capture image of documents for verification; Capture document data using OCR (Optical Character Recognition) technology; Capture selfie headshot for comparison against reference image; Conduct captured data checks against external data source/database, also known as “IDScan”

3.1.3 “Controller” means the natural or legal person, public authority, agency or any other body which alone or jointly with others determines the purposes and means of the processing of Personal Information

3.1.4 “Group Company” means our Associated Entity and “Associated Entity” has the meaning given to that term in the Corporations Act 2001 (Cth).

3.1.5 “Personal Information” has the meaning given to that term in the Privacy Act or the equivalent or corresponding definition under any applicable Privacy Requirements

3.1.6 “Privacy Requirements” means all applicable laws and regulations relating to the collection, holding, use, disclosure or other processing of Personal Information and privacy in any relevant jurisdiction, including, the Privacy Act 1988 of Australia, the Australian Privacy Principles (APPs), the Privacy Act 1993 of New Zealand, the New Zealand Information Privacy Principles (IPPs), and where relevant, the GDPR and the UK’s Data Protection Act 2018, and any amendment, consolidation or re-enactment of any of the above, any legislation of equivalent purpose or effect enacted in Australia, and any orders, guidelines and instructions issued under any of the above by relevant national authorities or a judicial authority in Australia.

3.1.7 “Processor” means a natural or legal person, public authority, agency or any other body which processes Personal Information on behalf of the Controller or the equivalent or corresponding definition (if any) under any applicable Privacy Requirements.

3.1.8 “Sub-Processor” means a natural or legal person, public authority, agency or any other body contracted by the Processor to process Personal Information for the purpose of carrying out a specific processing activity on behalf of the Controller.

3.1.9 “Trademarks” means the trademarks and service marks as may be identified by us to you from time to time.

3.2 Intellectual Property

3.2.1 The DFBV, and all items contained within the services provided by it are the intellectual property of GB Group plc, its Group Companies, and/or their relevant licensors (the “Proprietors”) and are protected by applicable intellectual property law including international treaty provisions and the laws of the country in which the services are being used.

3.2.2 You agree to protect all copyright and other ownership interests of the Proprietors in all items supplied under these DFBV Terms.

3.2.3 The Proprietors retain title and ownership of the items supplied under these DFBC Terms, the media on which it is recorded, and all subsequent copies, regardless of the form or media in or on which the original and other copies may exist. Except as stated above, these DFBV Terms do not grant you any rights to patents, copyrights, trade secrets, trademarks or any other rights in respect to the items.

3.2.4 Nothing in these DFBV Terms shall impair, limit or curtail our right to continue with any development, maintenance and/or distribution of our technology or products. You agree that you shall not assert in any way any patent owned by you arising out of or in connection the DFBV or modifications made thereto against the Proprietors or their customers, agents and contractors.

3.2.5 We may require you include copyright notices and attribution notices. If we make such a request, you shall comply with such a request promptly. You agree that all copies of the items reproduced for any reason by you, contain the same copyright notices, and other proprietary notices as appropriate, as appear on or in the items delivered by us to you.

3.2.6 We may agree with you to allow you to use the Trademarks in connection with your use of the DFBV. In the event of such mutual written agreement, subject to the restrictions contained in these DFBV Terms: (a) we grant to you a non-exclusive, non-transferable, royalty-free license to use Our Trademarks only on or in connection with the Application, provided always that such use shall be subject to any instructions, conditions, and requirements as we may prescribe from time to time in relation to such use; and (b) you agree to the following terms: (i) Your use of the Trademarks does not give you any right, title or interest in the Trademarks, other than the license rights granted herein; (ii) you may not assign, transfer or sublicense any trademark right granted herein without our prior written consent; (iii) you agree not to use the Trademarks in any way that will disparage us or our products, injure our reputation otherwise diminish or damage our goodwill in the Trademarks or infringe our intellectual property; (iv) you acknowledge the validity of the Trademarks and our sole of the Trademarks, and that we retain all right, title and interest in and to the Trademarks; (v) you recognize the value of the goodwill associated with the Trademarks, and acknowledges that such goodwill inures exclusively to the benefit of and belongs to us; (vi) you shall take no action that will interfere with or diminish our rights in the Trademarks; and (vii) you agree not to adopt or use a trademark, service mark, or any other designation confusingly similar to the Trademarks.

3.3 Disclaimer

3.3.1 You acknowledge and agree that the DFBV are supplied to you on an “as is” and “as available” basis. To the fullest extent permitted by law, we disclaim all warranties and conditions, either express or implied, including but not limited to any conditions or warranties of merchantability and fitness for any particular purpose or noninfringement of any third party right, in relation to the DFBV, other than any written warranty made in the Agreement, this includes, without limitation, any warranties in relation to accuracy or availability of the DFBV.

3.3.2 You agree that the functionality of the DFBV is dependent on other systems (including hardware and software) used by you or provided for you by third parties (each a “Third Party System”). You agree that we are not liable for the performance or availability of any other Third Party System or any error, defect, or vulnerability in the Application or Third Party System.

3.3.3 You acknowledge and agree that the performance of any technology enabling automated face comparison, facial recognition, optical character recognition, tamper detection, document image capture, and document authentication are dependent on the device used to capture the image; the appearance of the subject being photographed, the angle of subject’s face, or any movement by the photographed subject; the quality and legibility of the document being photographed or scanned; and/or lighting, background and other environmental factors affecting luminosity, shadowing, and light contrast. You agree that we do not guarantee the performance of the aforesaid technologies by virtue of your use of the DFBV, and any issues exhibited by the DFBV in connection in whole or in part to any of the foregoing factors do not constitute an error or defect in the DFBV and we are not responsible or liable for rectifying any such issues.

3.4 Data Protection

3.4.1  You agree that services in connection with the DFBV may be carried out by the Group Companies, including IDscan Research Bilsim Teknolojileri Sanayi Ticaret Limited Sirketi, based in Turkey, GBG (Malaysia) Sdn Bhd, based in Malaysia, and/or GB Group Plc, based in the United Kingdom. You further agree to notify your customers of our role in processing their data (including biometric data) and potential transfer of their personal information to these countries.

3.4.2 You acknowledge and agree that Customer Data may be transferred outside New Zealand and/or Australia (as applicable) to our Group Companies in the course of providing any services in relation to the DFBV. For the purposes of this clause and with respect to personal information, you agree that you are the Controller, we are the Processor, and the Group Companies are Sub-processors. We shall be responsible for ensuring that such Group Company complies with relevant Privacy Requirements and the terms of the Agreement. By using the DFBV, you warrant and represent to us that you have obtained the necessary consents and approvals for you to provide the Customer Data to us and for us to transfer the Customer Data to our Group Companies including our Group Companies located outside of New Zealand and/or Australia and you hereby indemnify and defend us and our Group Companies, and hold us and our Group Companies harmless from any losses, liabilities, costs, expenses, and damages incurred or claimed against us as a result of your breach of the foregoing warranty and representation.

3.4.3 You consent for us to use Sub-processors in the delivery of services in connection with the DFBV. Where required, you hereby authorise us to enter into an enforceable contractual arrangement with our relevant Group Companies specifying types of Personal Information to be disclosed, the purpose of disclosure, a requirement to comply with all applicable Privacy Requirements, a requirement to implement a complaint handling procedure, a requirement to implement a data breach response plan and requiring the relevant Group Companies to enter a similar contractual arrangement with any third parties to whom it discloses the Personal Information. You agree that we shall be entitled to sign any prescribed model clauses as a Processor on your behalf and shall not be required to name you in such document.

3.4.4 You will indemnify us and keep us fully indemnified against any liability, costs or expenses (including reasonable legal costs) incurred as a result of any third party making or threatening to make a claim against us, our Group Companies and/or our Customers that its use of the Customer Data in accordance with the terms of this Agreement infringes that third party's Intellectual Property Rights provided that we (a) notifies you promptly in writing of any claim; (b) make no admission or compromise relating to the claim or otherwise prejudice your defence of such claim; (c) allow you to conduct all negotiations and proceedings in relation to the claim; and (d) gives the Customer all reasonable assistance in doing so providing that you pay our reasonable expenses for such assistance.

These terms are dated 26 July 2023.