PLEASE READ THESE TERMS CAREFULLY ALONGSIDE THE APPLICABLE ENTITY SPECIFIC TERMS (LINKED IN THE ORDER FORM) AND THE ORDER FORM.
Unless an Order Form specifically states otherwise, this Onfido Services Agreement (this “OSA”) applies to each fully executed Order Form. The Order Form, together with this OSA and its Schedules, and the Entity Specific Terms relevant to the Onfido contracting entity, collectively establish the “Agreement” between Onfido and the legal entity or individual listed in the applicable Order Form (“Client”). The order of precedence in the event of inconsistency or conflict between any terms is (i) Order Form (ii) Entity Specific Terms (iii) OSA Schedules and (iv) OSA.
1. DEFINITIONS AND INTERPRETATIONS
1.1 In this Agreement, unless the context otherwise requires, the following definitions will apply:
Accurate Volume Projections means for each individual Service purchased: (i) quarterly volume forecasts six weeks in advance to a degree of accuracy within 10% of the actual monthly volumes; and (ii) notice at least seven days in advance of any major volume spikes, i.e. where the number of checks in a given hour exceeds three standard deviations from the average number of hourly checks in a given month.
Baseline Tolerance means within 25% of the baseline volume commitment notified by the Client to Onfido as at the Effective Date, apportioned pro rata monthly over the Term.
Brand Features means the trade names, trademarks, logos and other distinctive brand features of the applicable party.
Charges means the charges for the Services set out in the Order Form.
Client means the Onfido client signing an Order Form as more particularly detailed in the Order Form.
Client Data means information supplied by a User or the Client in connection with this Agreement (including Personal Data, and metadata), but excludes Feedback.
Confidential Information means information disclosed by (or on behalf of) one party to the other party in connection with or in anticipation of this Agreement or any Order Form (including the content of this Agreement and all Order Forms) that is marked as confidential or, from its nature, content or the circumstances in which it is disclosed, might reasonably be supposed to be confidential. It does not include information that the recipient already knew, that becomes public through no fault of the recipient, that was independently developed by the recipient or that was lawfully given to the recipient by a third party.
Content means any information, text, graphics, or other materials uploaded, downloaded or appearing as part of the Services.
Denial of Service (“DoS”) means an attack on computer systems, networks, devices, services or other IT resource causing disruption to the targeted resource and preventing legitimate users from partial or full access to that resource.
Document means the supported documents listed on the Onfido website, or such other (Service specific) list of documents as is otherwise notified to the Client from time to time, as is subject to change and update from time to time. Where new documents are added to the Documents, they may be subject to an initial service level grace period of ninety days.
Effective Date means the date on which this Agreement takes effect, as set out in the Order Form.
Entity Specific Terms means the terms linked in the Order Form set out on the Onfido website, as relevant to the specific Onfido contracting entity.
Export Control and Sanctions Laws means any applicable export control, trade or financial sanctions laws, regulations, orders, directives, licences and requirements of any governmental or other relevant authority with jurisdiction over activities undertaken in connection with this Agreement (each such authority being a “Sanctions Authority”).
External Data Providers means any third party: institution, organisation, corporate entity or government agency responsible for the provision of data or information in relation to the Services.
FCRA means the Fair Credit Reporting Act, 15 U.S.C. § 1681 et seq.
Feedback means any feedback or suggestions provided by the Client under this Agreement in relation to the Services.
Go Live Date means the date set out in the Order Form as the Go Live Date.
GST means value added tax chargeable under Singapore law for the time being and any similar additional tax.
HST means harmonised sales tax, which is a combination of federal and provincial taxes on goods and services in five Canadian provinces.
IGST means the integrated goods and services tax chargeable under Indian law and any similar additional tax.
Information Security Policy has the meaning attributed to it in Clause 10.3.1.
Intellectual Property Rights means all patents, rights to inventions, utility models, copyright and related rights, trademarks, service marks, trade, business and domain names, rights in trade dress or get-up, rights in goodwill or to sue for passing off, unfair competition rights, rights in designs, rights in computer software, database rights, topography rights, moral rights, rights in Confidential Information (including Know-How and trade secrets) and any other intellectual property rights, in each case whether registered or unregistered and including all applications for and renewals or extensions of such rights, and all similar or equivalent rights or forms of protection in any part of the world.
Know-How means unpatented technical information (including information relating to inventions, discoveries, concepts, methodologies, models, research, development, and testing procedures; the results of experiments, tests, and trials; processes, techniques, and specifications; quality control data, analyses, reports, and submissions) that is not in the public domain.
Notice has the meaning attributed to it in Clause 11.6.
Order Form means each fully executed Onfido order form that incorporates this OSA, its Schedules, and the Entity Specific Terms and its Schedules, and describes the Services to be provided by Onfido from time to time as agreed between the parties.
Permitted Purpose means legitimate, professional, informational, internal business operations purposes and not in any event for the reselling or otherwise making the Services available to any third parties.
Personal Data has the meaning attributed to it in Clause 10.1.
Privacy Laws means any applicable rules, laws, regulations, directives and governmental requirements currently in effect and as they become effective relating to privacy or data protection.
Processing has the meaning attributed to it in Clause 10.1.
PST means provincial sales tax, which is a province specific tax that is collected separately from the GST. In Manitoba, the PST is known as Retail Sales Tax (RST); and Quebec charges Quebec Sales Tax (QST).
RBI means the Reserve Bank of India, India’s central bank established under the Reserve Bank of India Act, 1934.
Record of Processing means the records of Onfido Processing and list of third party service providers detailed at https://highq.in/jgfufndu8w, or as otherwise notified to Client from time to time.
Reports means a summary at a User level containing one or more of the checks outlined in the Order Form.
Restricted Territory means a country or territory that is subject to any general financial or trade restrictions or embargoes under Export Control and Sanctions Laws from time to time.
Sanctioned Person means an entity or individual who is named on a list issued from time to time by a Sanctions Authority identifying persons who are subject to Export Control and Sanctions Laws.
Sandbox Environment means a test environment for Clients to simulate API requests and to test their integration with the Software.
Security Breach has the meaning attributed to it in Clause 10.5.
Services means the services and/or products offered by Onfido from time to time under this Agreement and as more particularly detailed in the applicable Order Form (including, as the case may be, the Reports, Content, Software, Site, and API).
Site means https://onfido.com/ and its subdomains.
SLA means the Onfido service levels for the Services as set out in the Order Form.
Software means any software provided by Onfido, including the software development kit (or “SDK”) and any Maintenance Release which is being made available to the Client as part of the Services.
Taxes or Tax means all applicable sales or consumption taxes on the Services (or goods) provided hereunder (including sales tax, use tax, excise tax, services tax, TVA, VAT, GST, PST and HST) imposed by any governmental authority having jurisdiction on all items, goods and/or Services being paid for by the Client hereunder.
TVA means value added tax chargeable under French law for the time being and any similar additional tax.
User means any person whose identity is being verified by the Client using the Services.
VAT means value added tax chargeable under German or English law for the time being and any similar additional tax.
1.2 Where the words include(s), including or in particular are used in this Agreement or any Order Form, they are deemed to have the words without limitation following them.
1.3 References to clauses are to the clauses of the Onfido Services Agreement.
1.4 A reference to a party includes its successors and permitted assigns.
This Agreement will commence on the Effective Date and will continue in effect for the duration from the Go Live Date as set forth in the Order Form (the “Initial Term”), unless terminated sooner in accordance with this Agreement. If the Initial Term of this Agreement is not specified in the Order Form, then the Initial Term for this Agreement will be for twelve (12) months from the date of the last signature of the Order Form. After the Initial Term, this Agreement will automatically renew for successive twelve (12) month periods (each, a “Renewal Term”), unless written termination notice is provided by either party at least thirty (30) days prior to the expiration of the then-current term (such Notice to be effective at the end of the Initial Term or the then current Renewal Term). The Initial Term and the Renewal Terms (if any) are collectively referred to as the “Term”.
3. COST INCREASE
Where: (i) any External Data Provider increases an existing charge and/or changes the basis on which it provides information, or confirmation of qualifications or membership; and (ii) the cost of Onfido providing a background check under this Agreement increases as a direct result (each a “Cost Increase”), Onfido may increase the agreed Charges set out in the Order Form by the Cost Increase provided that Onfido will use reasonable endeavours to notify Client of the Cost Increase prior to implementing the Cost Increase. Notwithstanding the foregoing, Client is responsible for all Cost Increases provided that these are properly incurred by Onfido. In the event that the Client does not wish to incur to the cost increase that may arise under this provision, it will be permitted to terminate the Agreement in accordance with its terms.
4. PARTIES’ OBLIGATIONS
4.1 Onfido will, during the Term, provide the Services with reasonable skill and care and in accordance with the SLA.
4.2 The parties will provide each other with: (a) all necessary co-operation in relation to this Agreement; and (b) access to such information as may be required in order to render and receive the Services, as set out in this agreement.
4.3 Unless agreed otherwise in an Order Form, the Client: (a) may download, view, copy and print Content and use the Services for the Permitted Purpose only; (b) agrees that the Reports, Services, the Site and Content may not be sold, transferred, sublicensed, commercially exploited or otherwise made available to, or used for the benefit of, any third party other than the Client; (c) will not make the Services available or otherwise use the Services in any jurisdiction such that Onfido's provision of the Services would require Onfido to physically store data (of any kind) in that jurisdiction, without first obtaining Onfido’s prior written consent; (d) will not make the Services available or otherwise use the Services in any jurisdiction where the Services are not permitted by applicable law; and(e) agrees to provide Users with human intervention in respect of any disputed Reports or with alternative methods to dispute Reports and any other information resulting from the use of the Services.
4.4 The Client will comply with all applicable laws and regulations (including any obligation to seek prior regulatory review, approval, or similar) with respect to its use of the Services and will not: (a) use the Services to discriminate against the User or in a manner that causes damage or injury to any person or property; (b) use the Services in a manner that could be reasonably expected to bring Onfido into disrepute or otherwise harm its reputation; (c) act or omit to act in a way which interferes with or compromises the integrity or security of the Services; (d) access all or any part of the Services in order to build a product or service which competes with the Services; (e) amend or remove Onfido Brand Features or “powered by Onfido” language from the Services, Site, or Software; (f) make use of the Onfido API without prominently displaying “powered by Onfido” language in a place that is clearly visible to Users; (g) except as may be allowed by any applicable law which is incapable of exclusion by agreement between the parties: (i) attempt to copy, modify, duplicate, create derivative works from, frame, mirror, republish, download, display, transmit, or distribute all or any portion of the Services (as applicable) in any form or media or by any means to any individual or entity, including without limitation, Users; or (ii) attempt to reverse compile, disassemble, reverse engineer or otherwise reduce to human-perceivable form all or any part of the Services; or (h) attempt to access the Services other than through the means made available to the Client by Onfido. Any breach of this clause will be deemed to be a material breach.
4.5 Onfido will only process the Personal Data to the extent, and in such a manner, as is necessary to provide the Services and to (a) detect and prevent fraud, (b) develop and improve Onfido’s services including machine-learning technologies; (c) pseudonymise, aggregate and, where feasible, anonymise the Personal Data to compile statistics, benchmarking and analytics regarding the Services; (d) as necessary to comply with applicable law or regulation; and/or (e) exercise legal rights or defend legal claims.
4.6 The Client will only provide Personal Data to Onfido that is complete and in a form that Onfido can Process, and Client agrees that if any Personal Data is not provided as such, any resulting impact on the quality of the Services shall not cause Onfido to be in breach of this Agreement or any SLA.
4.7 The Client is responsible for maintaining the confidentiality of any password(s) or other security measures used to access the Services, and is fully responsible for all activities that occur under such password(s) or other security measures. The Client will notify Onfido immediately of any suspected or confirmed unauthorised access to or use of the Services. If Onfido reasonably believes that there has been unauthorised access to or use of the Services, or is notified of such by the Client pursuant to this clause, Onfido reserves the right to immediately withdraw or suspend access to the Services and to alter the Client’s password(s), provided that Onfido restores access to the Services and/or provides new Client password(s) (as applicable) as soon as reasonably possible.
4.8 The Client acknowledges and agrees that the veracity of any information transmitted through the Site and in relation to the Services is the sole responsibility of the originator from which the content originated (for example, data suppliers) and Onfido will not be liable for omissions in content or errors or false statements, including in respect of data provided by third parties. The Services are not intended to be used as the sole basis for any business decision (including where those business decisions concern a User). The Client agrees and acknowledges that Onfido does not monitor or police information submitted by or on behalf of the Client through its Services and has no liability for any inaccuracy, incompleteness or other error in the Services (including the Site, the Reports and the Content) which arises as a result of data provided by the Client or any third party.
4.9 The Client will indemnify, defend, and hold harmless Onfido and its respective officers, shareholders, directors, and personnel, (and keep such individuals indemnified on a full indemnity basis), from and against any third party claims, suits, hearings, actions, damages, liabilities, fines, penalties, costs, losses, judgments or expenses (including reasonable attorneys' fees) arising out of or relating to the Client’s use of the Services (collectively, “Claims”), provided and to the extent that such Claims are not due to any breach of this Agreement by Onfido.
5. CHARGES AND PAYMENT
5.1 In consideration of the provision of the Services, the Client will pay the charges set out in the applicable Order Form in the manner set out in this Agreement and/or the applicable Order Form.
5.2 All charges quoted to the Client will be exclusive of Taxes which (where applicable) Onfido will add to its invoices at the appropriate rate. All payments due to Onfido will be in the currency set out in the Order Form.
6. PERMITTED USE AND PROPRIETARY RIGHTS
6.1 Without prejudice to clause 6.2, Onfido and its licensors own all Intellectual Property Rights and all other rights in the Services, Feedback, Onboarding Packages (if applicable) and/ or Beta Features and all improvements, modifications and derivative works thereof. Onfido licenses all such rights to the Client free of charge during the Term on a non-exclusive, non-transferable, royalty-free worldwide basis to such extent as is necessary to enable the Client to make use of the Services in accordance with this Agreement and the Order Form. The Client will leave in place (and not alter or obscure) all proprietary notices and licences contained in the Services. All rights in and to Intellectual Property Rights owned or controlled by Onfido not expressly granted herein are reserved.
6.2 As between Onfido and the Client, all Intellectual Property Rights in and to Client Data will be owned by the Client. The Client owns or has otherwise obtained all necessary rights, title and interest in and to the Client Data and grants to Onfido, its affiliates, and third party service providers a licence to copy, modify, repackage, distribute, resell, share, deliver, transfer or otherwise make available, and to create or develop derivative works from Client Data for the purposes set out in Clause 4.5.
6.3 Any new Intellectual Property Rights which are created as a result of, or in connection with, this Agreement (“New IPR”), shall be owned by Onfido. To the extent not owned solely by Onfido, Client hereby assigns, including by present assignment of future rights, all right, title and interest in and to all Intellectual Property Rights in the New IPR to Onfido and agrees to execute such deeds or documents and do such act and things as Onfido may deem necessary or desirable to give effect to that assignment. To the extent that the foregoing assignment cannot as a matter of law be assigned, the Client hereby grants to Onfido a nonexclusive, perpetual, irrevocable, royalty free, worldwide licence to make use of New IPR and otherwise exploit without restriction.
6.4 The Client will allow Onfido to reference and/or include the Client in any advertising or promotional material, including:
- using the Client's Brand Features in advertising or promotional materials, including on the Onfido Website, social media sites, external marketing powerpoints and presentations, and sales materials at conferences;
- working with Onfido on finalising a case study within 90 days following the Client's first use of the Services; and
- naming the Client in a press release, such press release to be jointly worked on with the Client within 90 days of the Commencement Date and to be subject to Client’s final approval.
7. TERMINATION AND EXIT
The termination rights of the parties are set out in the Entity Specific Terms.
8. LIMITATION OF LIABILITY
8.1 SUBJECT TO THE PROVISIONS OF CLAUSE 8.2, THIS CLAUSE 8 SETS OUT THE ENTIRE FINANCIAL LIABILITY OF EITHER PARTY (INCLUDING ANY LIABILITY FOR THE ACTS OR OMISSIONS OF EITHER PARTY’S EMPLOYEES, AGENTS AND SUB-CONTRACTOR) IN RESPECT OF: (A) ANY BREACH OF THIS AGREEMENT OR ANY ORDER FORM; AND (B) ANY USE MADE BY THE CLIENT OF THE SERVICES (INCLUDING THE REPORTS, THE CONTENT AND THE SITE) OR ANY PART OF THEM; AND (C) ANY REPRESENTATION, STATEMENT OR TORTIOUS ACT OR OMISSION (INCLUDING NEGLIGENCE) OR BREACH OF STATUTORY DUTY ARISING UNDER OR IN CONNECTION WITH THE AGREEMENT AND ANY ORDER FORM.
8.2 NOTHING IN THIS AGREEMENT OR IN ANY ORDER FORMS LIMITS OR EXCLUDES EITHER PARTY'S LIABILITY: (A) FOR DEATH OR PERSONAL INJURY; OR (B) FOR FRAUD OR FRAUDULENT MISREPRESENTATION; OR (C) FOR WILFUL MISCONDUCT; (D) PAYMENT OF SUMS PROPERLY DUE AND OWING TO THE OTHER IN THE COURSE OF NORMAL PERFORMANCE OF THIS AGREEMENT AND ALL ORDER FORMS; OR (E) ANYTHING NOT PERMITTED TO BE LIMITED BY APPLICABLE LAW..
8.3 SUBJECT TO CLAUSES 8.1 AND 8.2, NEITHER PARTY WILL BE LIABLE UNDER OR IN CONNECTION WITH THIS AGREEMENT OR ANY ORDER FORM (WHETHER IN CONTRACT, TORT OR OTHERWISE) FOR ANY: (A) LOSS OF PROFIT; (B) LOSS OF ANTICIPATED SAVINGS; (C) LOSS OF BUSINESS OPPORTUNITY; (D) LOSS OF OR CORRUPTION OF DATA; (E) LOSS OF REPUTATION OR GOODWILL; OR (F) SPECIAL, INDIRECT OR CONSEQUENTIAL LOSSES; SUFFERED OR INCURRED BY THE OTHER PARTY (WHETHER OR NOT SUCH LOSSES WERE WITHIN THE CONTEMPLATION OF THE PARTIES AT THE DATE OF THIS AGREEMENT AND/OR THE APPLICABLE ORDER FORM). ONFIDO WILL NOT BE LIABLE FOR LOSS SUFFERED BY THE CLIENT TO THE EXTENT ONFIDO CANNOT INDEPENDENTLY SUBSTANTIATE A CLAIM DUE TO THE FACT THAT THE CLIENT HAS INSTRUCTED ONFIDO TO DELETE THE UNDERLYING PERSONAL DATA.
8.4 EITHER PARTY'S TOTAL AGGREGATE LIABILITY IN CONTRACT, TORT (INCLUDING NEGLIGENCE OR BREACH OF STATUTORY DUTY), MISREPRESENTATION, RESTITUTION OR OTHERWISE ARISING IN CONNECTION WITH THE PERFORMANCE OR CONTEMPLATED PERFORMANCE OF THIS AGREEMENT AND ALL APPLICABLE ORDER FORM WILL BE LIMITED TO 125% OF THE TOTAL AMOUNT PAID AND PAYABLE BY THE CLIENT UNDER THE APPLICABLE ORDER FORM FOR THE 12 MONTHS PERIOD IMMEDIATELY PRECEDING THE EVENT GIVING RISE TO THE FIRST CLAIM.
8.5 SUBJECT TO CLAUSE 8.2, THE CLIENT ASSUMES SOLE RESPONSIBILITY FOR WORKFLOWS AND CONCLUSIONS DRAWN FROM USE OF THE SERVICES (INCLUDING THE REPORTS, THE CONTENT AND THE SITE).
8.6 In the event that the Client elects to access Onfido's services through a third party interface, integration or similar ("Third Party Integration"), such Third Party Integration will be outside the scope of this Agreement, and shall remain the sole responsibility of the Client. The Client will contract directly with such third party, and Onfido will (i) have no liability in respect of such third party, or Third Party Integration; and (ii) not be in breach of this Agreement to the extent such breach is caused by the Third Party Integration.
9.1 The recipient of any Confidential Information will not disclose that Confidential Information, except to (i) employees, affiliates and/or professional advisors who need to know it and who have agreed in writing (or in the case of professional advisors are otherwise bound) to keep such information confidential and (ii) third party service providers where and only to the extent required to fulfil the purpose of the Agreement. The recipient will ensure that those people and entities: (a) use such Confidential Information only to exercise rights and fulfil obligations under this Agreement and the applicable Order Form; and (b) keep such Confidential Information confidential. The recipient may also disclose Confidential Information when required by law after giving reasonable Notice to the discloser, such Notice to be sufficient to give the discloser the opportunity to seek confidential treatment, a protective order or similar remedies or relief prior to disclosure.
9.2 The recipient may also disclose Confidential Information (i) when required by law or (ii) where reasonably required in connection with a defence of a legal claim (including any pre-action protocols (for example in response to a letter before claim) and/or settlement discussions). Before the recipient discloses any Confidential Information pursuant to this clause 9.2 it shall, to the extent permitted by applicable law, give reasonable Notice to the discloser, such Notice to be sufficient to give the discloser the opportunity to seek confidential treatment, a protective order or similar remedies or relief prior to disclosure.
10. DATA PROTECTION
10.1 PERSONAL DATA. The Client will provide or make available to Onfido or assist Onfido with the collection of information relating to Users (such information provided under this Agreement is “Personal Data”). Such information includes but is not limited to the information described on the Order Form. Client consents to Onfido’s collection, storage, use, disclosure, international transfer, and destruction of Personal Data (collectively, )“Process” “Processing”) to provide the Services and otherwise in accordance with the Agreement. The Client represents and warrants that it has taken all required steps to ensure that Onfido may lawfully Process the Personal Data for the purpose of providing the Services and the performance of this Agreement in accordance with Privacy Laws (including by having obtained all necessary consents and provided all necessary notices, where required).
10.2 ONFIDO RESPONSIBILITIES. Onfido will:
10.2.1 Process Personal Data only in accordance with this Agreement and the Customer’s written instructions, including via email and the Onfido Dashboard;
10.2.2 inform the Client if, in its opinion, an instruction from the Client infringes any Privacy Laws;
10.2.3 unless required by applicable law, not disclose or otherwise make available any Personal Data to any third party without first (i) imposing contractual obligations on the third party recipient that are substantially similar to those imposed on Onfido under this Agreement related to the Processing of Personal Data; and (ii) including the third party in Onfido’s Record of Processing before sharing any Personal Data with that third party service provider. Onfido shall make the Record of Processing available to Client, and if Client objects to any third party service provider, Client may terminate this Agreement in accordance with the Entity Specific Terms. Onfido agrees to remain liable to the Client for the aforementioned third party service provider’s Processing of Personal Data;
10.2.4 cooperate and assist the Client in responding to any User’s request to exercise their rights of access, rectification, erasure, restriction of Processing, data portability, objection to Processing, or any other rights available to the User under Privacy Laws (collectively "Data Subject Rights"), and Client agrees that Onfido may disclose Client's name and contact information to any User seeking to exercise their Data Subject Rights so User may directly exercise their Data Subject Rights with the Client;
10.2.5 enable the Client to amend, correct, or delete (unless storage of any Personal Data is required for the purposes specified in Clause 4.5) Personal Data within the Services;
10.2.6 where requested by the Client and required under Privacy Laws, provide such assistance as the Client reasonably requires (taking into account the nature of the Processing and the information available to Onfido) for the Client to (i) conduct data protection impact assessments; and (ii) consult with data protection supervisory authorities;
10.2.7 take measures designed to ensure the reliability of all personnel who Process Personal Data by (i) performing background checks upon such personnel (where permissible under applicable law); (ii) assigning specific and necessity-based access privileges to such personnel; (iii) ensuring that such personnel have undergone training in data protection and privacy; and (iv) ensuring that such personnel are bound by obligations of confidentiality;
10.2.8 provide other reasonably necessary assistance for the Client to meet its compliance obligations under Privacy Laws with respect to the Services.
10.3 SECURITY SAFEGUARDS
10.3.1 Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons and in accordance with a comprehensive information security policy (“Information Security Policy”), Onfido will establish, maintain and comply with administrative, physical, technical and organisational safeguards designed to ensure the security and confidentiality of Personal Data and to prevent the unauthorised disclosure of, or access to, Personal Data.
10.3.2 Onfido’s Information Security Policy will: (i) implement back-up and disaster recovery systems; (ii) continuously assess risks to the security of Personal Data by (1) assessing the likelihood and potential damage of such risks, taking into account the sensitivity and risk of the Personal Data, (2) identifying internal and external threats that could result in a Security Breach, and (3) conducting penetration testing; and (iii) take appropriate steps to protect against such risks.
10.4.1 Onfido will keep at its normal place of business detailed, accurate and up-to-date records relating to the Processing of Personal Data by Onfido.
10.4.2 Upon sixty (60) days written Notice, once per contract year Onfido will make available to the Client such access to its books and records as is reasonably necessary for audit purposes to demonstrate Onfido’s compliance with its obligations under Privacy Laws. Any audit requests in excess of those set out in this Clause 10.4.2 will be at Onfido's discretion, and at the Client's sole cost (with the exception of in the event that the audit reveals a breach of Privacy Laws) . All audits are subject to confidentiality obligations.
10.4.3 Onfido shall promptly resolve all data protection and security issues discovered by the Client and reported to Onfido that reveal a breach or potential breach by Onfido of any of its obligations under this Agreement or Privacy Laws.
10.5 SECURITY BREACH. In the event Onfido confirms any breach of security involving its facilities, networks or systems and any unauthorised disclosure of, or access to, Personal Data (each, a "Security Breach"), Onfido will (i) without undue delay notify the Client of the Security Breach; and (ii) provide all reasonable help for the Client to investigate and remedy the Security Breach.
10.6 DESTRUCTION OF PERSONAL DATA.
- Subject to 10.6(b), on the earlier of (i) written instructions from Client, which shall include changes to Client’s configuration within the Services, (ii) Onfido’s maximum data retention period, or (iii) a reasonable period of time after the termination or expiration of this Agreement, Onfido will cease processing and delete Personal Data processed for the provision of the Services (unless storage of any Personal Data is required for purposes specified in Clause 4.5)
- All other Personal Data processed by Onfido (including Personal Data processed for backup and logging purposes) or on behalf of Onfido (including Personal Data processed by third parties) is deleted in accordance with Onfido’s Record of Processing.
10.7 INDEMNITY. Onfido will indemnify, defend, and hold harmless the Client and its respective officers, shareholders, directors, and personnel, (and keep such individuals indemnified on a full indemnity basis), from and against any claims, suits, hearings, actions, damages, liabilities, fines, penalties, costs, losses, judgments or expenses (including reasonable attorneys' fees) arising out of Onfido’s breach of Clause 10.5.
11.1 If any provision of this Agreement or Order Form (or part of any provision) is found by any court or other authority of competent jurisdiction to be invalid, illegal or unenforceable, that provision or part-provision will, to the extent required, be deemed not to form part of the Agreement or Order Form as applicable and (a) the parties will immediately commence good faith negotiations to remedy such invalidity; and (b) the validity and enforceability of the other provisions of the Agreement or Order Form as applicable will not be affected.
11.2 This Agreement and the applicable Order Form constitutes the whole agreement between the parties and supersedes any previous arrangement, understanding or agreement between them relating to the subject matter of this Agreement and the applicable Order Form. Each party acknowledges that in entering into this Agreement or any Order Form it has not relied upon any oral or written statements, collateral or other warranties, assurances, representations or undertakings which were made by or on behalf of the other party in relation to the subject-matter of this Agreement or an Order Form at any time before its signature other than those which are set out in this Agreement or any Order Form. Furthermore and for the avoidance of doubt, Client understands its business needs and has determined independently that the Services will meet its needs.
11.3 Except as expressly stated otherwise, nothing in this Agreement or any Order Form will create an agency, partnership or joint venture of any kind between the parties. Neither party will have authority to act in the name of or on behalf of the other, or to enter into any commitment or make any representation or warranty or otherwise bind the other in any way.
11.4 Neither party may assign any of its rights or obligations under this Agreement without the prior written consent of the other such consent not to be unreasonably withheld save that either party can, provided not to a direct competitor, assign this Agreement by operation of law, or in connection with a merger, change of control, sale of assets or other similar transaction.
11.5 The Client acknowledges and agrees that the supply of the Reports and Services by Onfido and their use by the Client is governed by laws and regulatory requirements and that these laws and regulatory requirements may be altered from time to time. The Client agrees that Onfido may: (a) modify; or (b) cease to provide the Services (including the Reports, the Content and the Site) to the Client if necessary to comply with the legal or regulatory requirements, and that such modifications or a cessation will not be deemed to be a breach of this Agreement.
11.6 All notices must be in English, in writing, and sent by email to the address for Legal notices as set out in the Order Form, or such other address as either party has notified the other in accordance with this clause (a “Notice”).
11.7 The parties will: (i) comply with all applicable Anti-Corruption Laws; (ii) promptly report to the other party any request or demand for any undue financial or other advantage of any kind received by it in connection with the performance of this Agreement; (iii) cooperate regarding investigations by the other Party into any matters related to bribery and corruption in connection with this Agreement.
11.8 Charges specified in this Agreement are exclusive of any Tax. The Client will be responsible for, and agrees to pay, Tax on all items, goods and/or Services being paid for by the Client hereunder. If the Client is based in Canada and does not provide a valid GST (or HST) number, Onfido will include GST, PST, and HST in invoices if applicable. Any and all payments or reimbursements made hereunder shall be made free and clear of and without deduction for any and all taxes, levies, imports, deductions, charges or withholdings. If the Client is required by law to deduct such Taxfrom or in respect of any sum payable hereunder to Onfido then the sum payable hereunder shall be increased as may be necessary so that, after all deductions are made, the Onfido receives an amount equal to the sum it would have received had no such deductions been made. The Parties will cooperate and take all steps reasonably and lawfully available to them to minimise such Tax and to obtain double taxation relief. If the Client withholds any such amounts from the fees, the Client will provide Onfido with a statement of withholding tax within 30 days from the withholding. Unless otherwise agreed, the party that is liable for payment of any tax upon which interest and penalties are imposed shall bear such interest and penalties. In the event Onfido suffers any fines, penalties or charges due to the Client's non-compliance with this Clause, or the Client fails to comply with the relevant tax legislation and regulations in respect of the Charges, the Client will indemnify Onfido for such costs.
11.9 Except in respect of any transfer of staff pursuant to applicable law, neither party shall (except with the prior written consent of the other party) directly or indirectly solicit or entice away (or attempt to solicit or entice away) from the employment of the other party any person employed or engaged by such other party in the provision of the Services or (in the case of the Client) in the receipt of the Services at any time during the Term or for a further period of 3 months after the termination of this Agreement other than by means of a national advertising campaign open to all comers and not specifically targeted at any of the staff of the other party.
11.10 The Client shall: (i) comply with Export Control and Sanctions Laws; (ii) not engage in any conduct or permit the use of, or access to, the Services in such a way which would constitute an offence under Export Control and Sanctions Laws; (iii) not do, or omit to do, any act that would cause Onfido to be in breach of Export Control and Sanctions Laws; and (iv) have and enforce its own procedures and controls to ensure compliance with Export Control and Sanctions Laws. The Client represents and warrants that it and each company within the same group as the Client is not: (i) a Sanctioned Person; (ii) owned (50% or more, including in the aggregate) or controlled by, or acting on behalf of, a Sanctioned Person; or (iii) located, carrying on business or resident in a Restricted Territory. The Client will immediately notify Onfido if, during the term of this Agreement: (i) it has breached the terms of this clause 11.10; or (ii) any of the representations or warranties set out in this clause 11.10 are no longer true. Any breach of this clause by the Client will be deemed to be a material breach of this Agreement. Onfido reserves the right to implement geo-blocking or such other measures as it deems necessary to ensure that the Services are not provided to Users who are subject to Export Control and Sanctions Laws
11.11 Each party warrants that, in connection with this Agreement, it: (i) will comply with all applicable anti-corruption laws adopted by countries where the Services are being performed, including provisions of the United States Foreign Corrupt Practices Act 1977, the United Kingdom Bribery Act 2010, and any amendments thereto; and (ii) has not been found by a court in any jurisdiction to have violated any such laws. Each party will promptly report to the other party any request or demand for any undue financial or other advantage of any kind received by it in connection with this Agreement.
11.12 Any and all claims for loss arising under this Agreement will be subject to a general obligation of the parties to use all reasonable efforts to mitigate such losses.
11.13 Onfido may modify this OSA or the Entity Specific Terms at any time by posting a revised version on the Site or by otherwise notifying you in accordance with clause 11.6; provided, however, that we will provide advance notice in accordance with clause 11.6 for material adverse changes to the OSA or Entity Specific Terms. Subject to the advance notice requirement with respect to such material adverse changes, the modified terms will become effective upon posting or, if we notify you by email, as stated in the email message. By continuing to use the Services after the effective date of any modifications, you agree to be bound by the modified terms. It is your responsibility to check the Site regularly for modifications to the OSA and Entity Specific Terms. We last modified these on the date listed at the beginning of them.