Third Party Vendor Terms - illion Customer Terms

These illion customer terms (“Terms of Use”) are applicable to a Organisation where the Organisation wishes to access or does access data provided by illion Data Registries Pty Ltd in respect of Credit Information, where the Territory is Australia or illion (New Zealand) Limited where the Territory is New Zealand (illion). These Terms of Use form part of the agreement between Verifi and the Organisation. Verifi may update these terms by posting the update version on the Verifi Website. The version of these terms available on the Verifi Website as at the time that the Database or Third Party Vendor Service is used shall govern such use.

Organisation Terms

1. Restrictions on Use

1.1 The use of information (“Information”) is subject to these terms and conditions (“Terms of Use”). The Information to which you (“Organisation”) are granted access is provided by illion Data Registries Pty Ltd in respect of Credit Information, where the Territory is Australia and illion (New Zealand) Limited where the Territory is New Zealand (illion) for the sole and limited purpose of the Organisation's internal business use only in the Territory (save that incidental use outside that Territory (e.g. when a user is travelling) is permitted provided always that the user’s primary place of employment is within that Territory). Such licence is non-exclusive, non-transferable and limited for the Term (as defined in Section 9.2 below) and is subject to the restrictions set forth herein. illion retains all ownership rights (including copyrights and database rights and other intellectual property rights) in the Information in any form and Organisation obtains only such rights as are explicitly granted in these Terms of Use. Organisation means "you" or “your” and includes the organisation and the people represented by the Organisation.

1.2 Organisation shall not request or make available Information for the use of others, including for any parent, subsidiary, affiliated entity, franchisee or dealer of the Organisation. The Organisation shall not make Information available to others in any form, unless required by law where the Organisation has notified us or unless the Organisation obtains our written consent.

1.3 It is agreed that the Organisation may use Information only for the purpose of verifying an individual’s identity under the applicable laws relating to financial transaction reports, anti-money laundering, anti-bribery, anti-corruption and counter-terrorism financing in the relevant Territory (AML/CTF Laws). The Organisation must not re-license, resell or further distribute Information.

1.4 Organisation shall not use Information in connection with providing advice or recommendations to others, publish Information in the news media, incorporate or use Information in any kind of database or marketing list to be provided to a third party, use Information to generate any statistical or other information that is or will be provided to third parties, use or permit the use of Information to prepare any comparison to other information databases that will be provided to third parties, or produce Information in judicial or administrative proceedings, including discovery proceedings, without our prior written consent, unless required by law and where Organisation has notified us of such legal requirement.

2. Copying

2.1 Organisation shall not copy, download, batch harvest, upload or in any other way reproduce the Information for the purpose of aggregating the Information, save that Organisation may create a copy or backup of the Information for the purpose of maintaining an internal archive or for regulatory compliance. Such backup or archive shall not be used for any commercial purpose.

3. Compliance with Laws

3.1  You must comply with all applicable laws, regulations and directives that relate to the access and use of the Information (including laws and regulations in countries of use, as well as the Territory). These include those relating to marketing by means of electronic communications services, customer solicitation, consumer protection, consumer credit, anti-corruption, Anti-Money Laundering / Counter-Terrorism Financing Laws, and the Privacy Act 1988 (Cth) (Australia) and the Privacy Act 2020 (New Zealand) as applicable,  related regulations, and codes of conduct (“Privacy Laws”) being in either Australia or New Zealand (the “Territory”) and all privacy laws of each other country in which personal information is received, collected, held, used or disclosed by that party in connection with this Agreement. If Organisation is excluded from the operation of all or part of any Privacy Laws (because for example, Organisation’s annual turnover is less than $3 million), Organisation agrees to comply with those Privacy Laws (including credit reporting provisions) as if it were bound.

3.2  Organisation will not use Information to engage in any unfair, anti-competitive or deceptive practices and will use the Information only in compliance with applicable laws or regulations, including laws and regulations regarding telemarketing, customer solicitation (including fax and/or e-mail solicitation), data protection, privacy and anti-corruption.

3.3  In relation to personal data contained in the Information, Organisation undertakes to comply with the following obligations: (i) to use such personal data only for internal business use in connection with the particular transaction for which the Information was originally requested; (ii) to ensure that such personal data is only used by appropriate authorised and trained personnel; (iii) to take and maintain appropriate technical and organisational security measures and procedures to safeguard such personal data from accidental loss or unauthorised disclosure; and (iv) subject to the requirements of applicable data protection regulations, to keep such personal data strictly confidential and not re-distribute for any purpose.

3.4  In relation to access to Credit Information in Australia contained in the Information, the Organisation undertakes to comply with following obligations (i) to ensure that in your  capacity as a Organisation you are expressly authorised by the individual whose identity is being verified to disclose specified personal information (including name, date of birth and residential address) to a credit reporting agency (CRA) such as illion for identity verification purposes under the AML/CTF Act (ii) you will notify your clients, or other individuals required to be identified under the AML/CTF Act, of unsuccessful attempts to verify identity using credit reporting data;(iii) you must retain information about verification requests and assessments for 7 years from the date of the request for CRAs and for 7 years after ceasing to provide designated services to a client for reporting entities and to delete it at the end of those periods; (iii) you must give your clients and individuals another option, not reliant upon credit reporting information, for verifying their identity (iv) retain a record containing specified information relating to a verification request containing the name of the CRA to which the request was made, the personal information provided to the CRA, the assessment received, and any other information specified in the AML/CTF Rules. Organisation agrees and understands that their obligations under this clause survive the expiry or early terminations of these Terms of Use.

4. Privacy Code clauses for NZ

4.1 The Privacy Act 2020 (NZ) and the Credit Reporting Privacy Code issued under that legislation together with any related regulations requires certain clauses to be in every agreement between illion and Organisation. This section 4 includes these clauses. Terms not defined here have the meaning given in the Privacy Law.

4.2 Where Organisation collects credit information directly or indirectly from the Individual concerned for disclosure to illion, the Organisation must inform the individual of the purposes for which illion is collecting the information and the purposes for which the information will be used and disclosed.

4.3 The Organisation must not disclose information to illion without taking such steps as are, in the circumstances, reasonable to ensure that the information is accurate, up to date, complete, relevant, and not misleading.

4.4 Where the Organisation collects a driver licence number from the individual concerned and discloses that driver licence number to illion, the Organisation must take the additional steps (as set out in sub-clauses 1(a), (b) and (c) of Schedule 5 of the Code) which are set out below:

4.4.1 the Organisation makes clear to the individual that the provision of the driver licence number is voluntary;

4.4.2 the Organisation collects the driver licence card number from the individual and discloses this to illion; and

4.4.3 where the driver licence number and driver licence card number are collected from the individual in person, the Organisation takes reasonable steps to ensure that the individual is the individual shown on the driver licence.

4.5. The Organisation must, as soon as reasonably practicable, update any credit account information, credit default information, serious credit infringement information or credit non-compliance action information (including confirmed credit non-compliance action information) previously disclosed to illion and ensure that the information remains accurate, up to date, complete, relevant, and not misleading.

4.6 Where the Organisation has disclosed credit non-compliance action information to illion, the Organisation must, after 3 months but within 6 months, confirm to illion whether it remains of the view that the action is an action that a reasonable person would consider indicates an intention, on the part of the individual, no longer to comply with the individual’s obligations in relation to credit.

4.7 The Organisation must nominate the relevant purpose or purposes under Rule 11 of the Code for which access may be sought (for example, in this case, by a prospective landlord, or a prospective landlord’s agent, for the purpose of assessing creditworthiness of that individual as a prospective tenant or as a guarantor of a tenancy), and confirms that this is the Organisation’s purpose at the time of each access.

4.8 The Organisation must co-operate with all reasonable compliance checks conducted by illion and, for that purpose, must supply, upon request, evidence to confirm compliance with the requirements of the parts of the agreement giving effect to this Schedule, or with Rule 11 or evidence to substantiate any credit account information, credit default information, serious credit infringement information or credit non-compliance action information (including confirmed credit non-compliance action information) disclosed to illion by the Organisation.

4.9 The Organisation must promptly cooperate with illion in its efforts to investigate and resolve complaints and requests for correction of credit information and must, for those purposes, supply, upon request, evidence to confirm compliance with the requirements of the parts of the agreement giving effect to this Schedule, or with Rule 11 of Code or evidence to substantiate any credit account information, credit default information, serious credit infringement information or credit non-compliance action information (including confirmed credit non-compliance action information) disclosed to illion by the Organisation.

4.10 The Organisation must take appropriate measures, including the following, to safeguard the credit information held by the illion against improper access:

4.10.1 develop written policies and procedures to be followed by its employees, agents and contractors;

4.10.2 establish controls, including;

4.10.3 The use of passwords, credential tokens or other mechanisms; and

4.10.4 User identification

4.10.5 Provide information and training to ensure compliance with the policies and controls;

4.10.6 monitor usage and regularly check compliance with the policies and controls; and

4.10.7 monitor usage and regularly check compliance with the policies and controls; and

4.10.8 take appropriate action in relation to identified breaches of the policies and controls.

4.11 The Organisation must promptly cooperate with illion in its efforts to undertake a systematic review of the effectiveness of the policies, procedures and controls in place as required.

5. Limitation of Liability

5.1  CUSTOMER AGREES THAT IN NO EVENT SHALL ILLION  (OR ITS AFFILIATES) BE LIABLE FOR ANY LOSS OR DAMAGE OF ANY KIND OR CHARACTER (INCLUDING, BUT NOT LIMITED TO, SPECIAL, INDIRECT, INCIDENTAL, PUNITIVE, OR CONSEQUENTIAL DAMAGES) EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES ARISING OUT OF THE USE OF THE INFORMATION, INCLUDING WITHOUT LIMITATION ANY LOSS OR DAMAGES ARISING OUT OF ANY CREDIT DECISIONS MADE, ANY LOSS OF PROFIT, SAVING OR GOODWILL, AND ANY LOSS OR DAMAGE ARISING OUT OF THE CONDUCT OF THIRD PARTIES.

6. Disclaimer of Warranties

6.1  Though illion uses extensive procedures to keep its database current and to maintain accurate data, Organisation acknowledges that the Information will contain a degree of error. Organisation accepts that it (i) is responsible for determining whether the Information is sufficient for Organisation's use and (ii) must rely entirely upon its own skill and judgment when using the Information.

6.2  ALL INFORMATION IS PROVIDED ON AN “AS IS”, “AS AVAILABLE” BASIS. SAVE AS OTHERWISE STATED IN THESE TERMS, ILLION DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING ANY WARRANTIES OF ACCURACY, COMPLETENESS, CURRENTNESS, MERCHANTABILITY, OR FITNESS FOR A PARTICULAR PURPOSE. WE WILL NOT BE LIABLE FOR ANY LOSS OR INJURY ARISING OUT OF, IN WHOLE OR IN PART, ITS CONDUCT IN PROCURING, COMPILING, COLLECTING, INTERPRETING OR REPORTING INFORMATION.

7. Intellectual Property

Organisation acknowledges and agrees that the Information is proprietary to illion and comprises: (a) works of original authorship, including compiled information containing our selection, arrangement and coordination and expression of such information or pre-existing material it has created, gathered or assembled; (b) confidential and trade secret information; and (c) information that has been created, developed and maintained by us at great expense of time and money, such that misappropriation or unauthorised use by others for commercial gain would unfairly or irreparably harm us. Organisation agrees that it will not commit or permit any act or omission by its agents, employees, or any third party that would impair our copyright, database rights or other proprietary and intellectual rights in the Information. Organisation will not use any or our trade names, trademarks, service marks or copyrighted materials in listings or advertising in any manner without our prior written approval. Where required by us, Organisation shall reproduce our copyright notice and proprietary rights legend on all authorised copies of such Information.

8. Indemnification

Organisation agrees to indemnify, defend and hold us harmless from any claim or cause of action against us arising out of or relating to use of the Information by: (i) individuals or entities which have not been authorised by this Agreement to have access to and/or use the Information; and (ii) Organisation, except where such use by Organisation is in accordance with these Terms of Use.

9. Miscellaneous

9.1 Notwithstanding any provision in these Terms of Use, our liability to Organisation for death or injury resulting from its own or that of its employees’, agents’ or subcontractors’ negligence, or for fraudulent misrepresentations, shall not be limited.

9.2 The term of Organisation’s licence for any particular Information (or element thereof) is 12 months from the date such Information is obtained by Organisation (the “Term”). illion may terminate such licence immediately upon written notice to the Organisation in the event of Organisation’s breach of these Terms of Use.

9.3 This Agreement is governed by the laws of (i) Victoria, Australia, where the Territory is Australia; and (ii) Auckland, New Zealand, where the Territory is New Zealand.

9.4 Each party submits to the exclusive jurisdiction of the courts of the applicable jurisdiction in clause 9.3.

9.5 Without prejudice to any other rights that illion may have under this Agreement or at law, if in its reasonable opinion the Organisation has violated these Terms of Use, illion may suspend Organisation’s access to the Information while the violation is investigated. Any investigation will be carried out promptly and Organisation agrees to cooperate with us in connection with any such investigation.

9.6 Upon expiry or termination of the Term with respect to the Information, Organisation shall immediately delete, destroy or return all originals and copies of any Information, unless Organisation is otherwise instructed by us; and upon request, shall provide us with written certification thereof. This provision shall not apply to the archival copies of the Information as permitted in Section 2 above.

10. illion Product Specific Terms

The Organisation must promptly cooperate with illion in its efforts to undertake a systematic review of the effectiveness of the policies, procedures and controls in place as required.

10.1 In this section, “Personal Information”, “Credit Information”, “Credit Reporter” and “Individual” have the meaning given in Privacy Laws. “Organisation Data” means any information Organisation provides to illion.

10.2 An Organisation must only use illion Information for the permitted purposes determined by this Terms of Use therefore, the Organisation represents and warrants that disclosure by illion of any Credit Information will not give rise to a contravention of Privacy Laws.

10.3 Prior to accessing and/or using any illion Information, Organisation must obtain the consents and provide the disclosures required by Privacy Laws in respect of Personal Information collected, held, used, or disclosed by Organisation for Organisation’s purposes, including without limitation:

10.3.1 seeking the Individual’s express written consent for collecting, holding, using and disclosing Credit Information including the exchange of information with the Credit Reporter.

10.4 Organisation must not use the Credit Information obtained from illion Product for or in connection with marketing purposes.

10.5 Organisation must retain all consents and disclosures in a form reasonably acceptable to and accessible by illion, and must promptly make them available to illion at any reasonable time on request.

10.6 illion will record in an Individual’s Credit Information and may disclose in the course of providing illion Product:

10.6.1 the Organisation’s name and the fact that the Organisation has used the illion Product and the date on which the Organisation used the illion Product; and

10.6.2 any information supplied by the Organisation to illion which illion is permitted to collect under Privacy Laws, provided that illion may only disclose Credit Information as permitted by the Privacy Law.

10.7 Other obligations of the Organisation where illion provides illion Product:

10.7.1 If illion becomes aware that Credit Information supplied by the Organisation is inaccurate:

10.7.1.1 the Organisation must, if requested by illion, ascertain whether other Credit Information of illion are similarly affected and advise illion if they are;

10.7.1.2 the Organisation acknowledges that illion may advise the Commissioner of the inaccuracy and the actions that illion has taken to correct the inaccuracy.

10.7.2 If the Organisation has requested Credit Information in respect of the wrong Individual, the Organisation must immediately advise illion of the mistake and must supply illion with sufficient particulars to correct that mistake.

10.7.3 If the Organisation has become aware that it has given illion:

10.7.3.1 Credit Information that was inaccurate that may have affected, or might, adversely affect, a decision to grant credit; or

10.7.3.2 information for credit reporting that is not Credit Information,

10.7.4 the Organisation must immediately advise illion of the inaccuracy or the nature of the prohibited information (as applicable).

11. CUSTOMER DATA & acknowledgement

11.1 Organisation must supply to illion such Organisation Data, being particulars of Individuals or organisations required to supply or maintain the Services as illion may reasonably specify from time to time.

11.2 Organisation acknowledges that the Products that can be provided will be limited by applicable laws, as well as the way in which Organisation chooses to comply with applicable laws (including consents sought from individuals by Organisation and disclosures made by Organisation to individuals in respect of Personal Information relating to the provision of or consideration of the provision of credit to that Individual (such consents and disclosures being the sole responsibility of Organisation)).