EVP Terms

Equifax IDMatrix Services

These terms and conditions govern the supply to the Customer by Equifax Australia Information Services and Solutions Pty Limited ABN 26 000 602 862 (Equifax) of its electronic identity verification service, the IDMatrix™ Service, which verifies an applicant’s details against various datasets including Equifax Proprietary Databases, Public Databases and Third Party Databases (defined below) according to verification requirements specified by the Customer (Business Rules). Defined terms used in these terms and conditions have the meaning specified in the glossary in section 8.

1. ACKNOWLEDGEMENTS

1.1 Applicable terms. The Customer acknowledges that these terms and conditions govern the use of the IDMatrix™ Service within the LAB Groups Services and that further terms and conditions may apply to the use of data accessed using the IDMatrix™ Service. Accordingly, where the Customer:
(a) is an existing subscriber to or user of one or more of Equifax’s Proprietary Databases, the terms and conditions of use applicable to those Proprietary Databases (such as Equifax’s Terms of Supply) will continue to apply to the Customer’s use via the IDMatrix™ Service;
(b) pursuant to the Business Rules requests Equifax to use Third Party Databases in providing the IDMatrix™ Services, the terms and conditions of use of those Third Party Databases (such as the terms applicable to use of Australia Post address data in Schedule 1 for address validation as part of the IDMatrix™ Service) will apply to the Customer in addition to these terms; and
(c) pursuant to the Business Rules requests Equifax use the DVS, the Customer must:
(i) nominate Equifax as its Gateway Service Provider;
(ii) apply to become and be approved as a DVS Business User in accordance with the Commonwealth Attorney-General’s Department’s requirements; and
(iii) comply with the DVS Business User Terms and Conditions specified by the Commonwealth Attorney-General’s Department from time to time.
1.2 Changes to terms. Where a third party data supplier imposes any conditions on the use of data by end users pursuant to the data supplier’s agreement with Equifax, the Customer acknowledges that Equifax may impose those conditions on the Customer. Equifax will notify LAB Group of the conditions, LAB Group will then notify the Customer of the conditions, and the Customer must comply with them.
1.3 Applicant consent. The Customer must obtain the consent of each Applicant to verify their identity using the IDMatrix™ Service and, where required by Equifax, must also obtain the authority of the Applicant for Equifax to act as the Applicant’s agent in accessing applicable Third Party Databases for identity verification.

2. CUSTOMER OBLIGATIONS

2.1 Use of IDMatrix™ Service. The Customer must:
(a) not use the IDMatrix™ Service, Service Materials or any data generated by use of the IDMatrix™ Service, for any purpose other than the Approved Purpose;
(b) not resell the IDMatrix™ Service, Service Materials or any data generated by use of the IDMatrix™ Service (whether as is or in combination with other services or other data);
(c) not change, delete or alter any metadata provided by Equifax as part of the IDMatrix™ Service; and (d) comply with other reasonable requirements notified by Equifax to LAB Group and notified by LAB Group to the Customer from time to time relating to the use of the IDMatrix™ Service.
2.2 Customer data.
(a) Where Equifax is in possession of Customer data, Equifax will be responsible for its confidentiality, privacy and security, however Equifax is not responsible for the storage or back-up of any Customer data.
(b) The Customer acknowledges that Equifax may retain the output of each use of the IDMatrix Service by the Customer in relation to an Applicant (Output Information). The Output Information may be retained, used and disclosed to third parties by Equifax for identity information enhancement purposes (Equifax Use). The Customer must ensure that it has Applicant consent to support the Equifax Use.

2.3 AMLCTFA. The AMLCTFA, among other regulations, places obligations on the Customer in relation to identifying, and verifying the identity of, its customers, and related reporting and record keeping. The Customer acknowledges that while the IDMatrix™ Service is intended to assist the Customer to comply with the AMLCTFA, the obligation to comply with the AMLCTFA remains with the Customer.
2.4 Business Rules. The Customer warrants that the Business Rules as provided to Equifax are in compliance with all Applicable Laws for the conduct by the Customer of its business.

3. INTELLECTUAL PROPERTY RIGHTS

3.1 Ownership. Other than as provided in this section 3, nothing in these terms and conditions transfers ownership in, or grants any right to, any Intellectual Property Rights of a party.
3.2 Service Materials. Equifax grants to the Customer a non-transferable, non-exclusive, royalty-free licence to use the Service Materials to the extent necessary for the Customer’s use of the IDMatrix™ Service in accordance with these terms and conditions.
3.3 Customer Materials. The Customer grants to Equifax a perpetual, non-transferable, non-exclusive, royalty free licence to use and exercise all of the Intellectual Property Rights in Customer Materials to the extent necessary for Equifax’s supply of the IDMatrix™ Service.
3.4 Developed Materials. Any Intellectual Property Rights in Developed Materials will be owned by Equifax. The Customer agrees to assign all Intellectual Property Rights in the Developed Materials to Equifax and to execute (and procure that its Employees execute) all documents and do all things necessary to give effect to the foregoing assignment. Equifax grants to the Customer a non-transferable, non-exclusive, royalty-free licence to use the Developed Materials to the extent necessary for the Customer’s use of the IDMatrix™ Service in accordance with these terms and conditions.
3.5 Equifax warrants that the IDMatrixTM Services and Developed Materials, and their use or enjoyment by Customer under this agreement, do not infringe the Intellectual Property Rights of any person. Equifax will indemnify, hold harmless and defend Customer, its Affiliates and their representatives from and against any loss or liability arising from any claim, demand, suit, action or proceeding for an infringement, or an alleged infringement, of the Intellectual Property Rights
of any person, which occurred because of the purchase, possession or use of the Deliverables or the provision of the Services.

4. TERMINATION

4.1 Termination. Equifax may terminate provision of the IDMatrix™ Services by notice to the Customer:
(a) if the Customer breaches a material provision of these terms and conditions and the breach is not capable of remedy or, where the breach is capable of remedy, the Customer fails to remedy the breach within 14 days of receiving a notice from Equifax detailing the breach and requiring that it be rectified;
(b) if the Customer becomes Insolvent;
(c) if the Customer engages in fraud or wilfully wrongful or unlawful conduct; or (d) if the Customer’s agreement with LAB Group terminates for any reason.
4.2 Suspension. Where Equifax reasonably believes that the Customer is in material breach of any of these terms and conditions, Equifax may on notice suspend provision of the IDMatrix™ Services until such time as the breach is remedied.

5. WARRANTY AND LIABILITY

(a) Equifax makes no warranties or representations about, and is not liable for any loss or damage incurred in relation to, information sourced from third parties and accessed using the IDMatrix™ Service, or its reliability, accuracy, completeness or currency.
(b) Equifax warrants that the IDMatrix™ Service will operate in accordance with the Service Materials, however Equifax does not warrant that the IDMatrix™ Service will be available or operate uninterrupted or error-free.
(c) Except as otherwise provided in these terms and conditions and to the extent permitted by law, Equifax excludes any warranty regarding the IDMatrix™ Service, including conditions, warranties and guarantees imposed by law.
(d) Equifax is not liable to the Customer, and the Customer has no claim against Equifax, in contract, in tort (including negligence), under statute or on any other basis for any loss or damage suffered by the Customer or any other person in reliance on any third party information accessed using the IDMatrix™ Service.
(e) To the extent permitted by law, Equifax limits its liability:
(i) with the exception of indemnity confidentiality obligations, in the aggregate for all claims of direct loss or damage suffered by the Customer under or in connection with this agreement to three (3) times the amounts paid and payable under this agreement; and
(ii) in respect of any failure to comply with a statutory guarantee which cannot be excluded to the resupply of services or the cost of resupplying the services, at Equifax’s option.

6. ASSIGNMENT AND SUB-LICENSING

The Customer may not sub-license or assign any rights or licences granted to it in relation to the IDMatrix™ Service without Equifax’s consent.

7. CONFIDENTIALITY, PUBLICITY AND PRIVACY

7.1 Neither party may, without the prior approval of the other party (which approval is to be within the other party’s sole discretion) make a record of or make public or disclose to any person any information about this agreement, the other party’s Confidential Information or the other party’s operations.
7.2 Equifax may disclose Confidential Information relating to Customer only to those of its Representatives (including without limitation the Key Personnel) who have a need to know, are aware that the Confidential Information must be kept confidential and have agreed in writing to Customer to comply with the terms of this clause 7. Equifax agrees that a failure by its Representatives (including without limitation the Key Personnel) to comply with this clause 7 will be deemed to be a breach of this agreement by Equifax.
7.3 Each party must ensure that its Representatives engaged by it for the purposes of the agreement, do not make public or disclose information referred to in clause 7.1
7.4 Either party may at any time require the other party to give, and arrange for its Representatives engaged in the performance of the agreement to give, written undertakings in a form acceptable to that party relating to the
non#disclosure of that party’s Confidential Information and the other party must arrange for all such undertakings to be given promptly.
7.5 The obligations of the parties under this clause are not to be taken to have been breached where the information referred to in this clause:
(a) is or becomes public knowledge other than by breach of the obligations under this clause;
(b) is lawfully in the possession of the receiving party without restriction in relation to disclosure before the date of receipt from the disclosing party;
(c) is legally required to be disclosed; or
(d) has been independently developed or acquired by the receiving party (other than as a result of a breach of this agreement, any other agreement or any duty of confidentiality between the parties).
7.6 Equifax agrees that it will not, nor will its Representatives, without the prior written consent of Customer in each instance:
(a) use in advertising, publicity or otherwise the name of Customer, or Customer Group or of any of the Representatives of Customer Group or any trade name, trademark, trade device, service mark, symbol or any abbreviation, contraction or simulation thereof owned by Customer or the Customer Group; or
(b) represent directly or indirectly, that any product or any service provided by Equifax has been approved or endorsed by the Customer Group or any of Customer Group’s Representatives.
7.7 Equifax agrees that, in addition to other standards of confidentiality and privacy, it will:
(a) only use the personal information provided by Customer or which is handled by Equifax for the purpose of fulfilling Equifax’s obligations under this Agreement pursuant to which access to the personal information has been granted;
(b) take reasonable steps to ensure that the personal information used or held pursuant to this Agreement is protected against misuse and loss, and from unauthorised access, modification or disclosure;
(c) not disclose any personal information without written authority of Customer (except to the individual to whom the personal information relates) and notify Customer immediately if Equifax becomes aware that a disclosure of personal information may be required by law;
(d) comply with all legislation, principles, industry codes and policies by which Equifax is bound (including without limitation the Privacy Act 1988), and by any other limitations which Customer, acting reasonably, informs Equifax from time to time that Equifax is bound by, in connection with personal information disclosed to Equifax;
(e) handle personal information in a manner as directed by Customer from time to time, provided that the direction will not cause Equifax to breach any legislation, principles, industry codes or policies by which Equifax is bound;
(f) notify Customer immediately if Equifax becomes aware that Equifax has breached or will breach any of these terms; and
(g) not do anything with the personal information that will cause Customer to breach its obligations within Australia under the Privacy Act 1988, and elsewhere under any applicable legislation or regulations relating to privacy or use of information.

8. GOVERNING LAW

This agreement is governed by the laws of New South Wales and the Customer submits to the exclusive jurisdiction of the Courts of New South Wales in relation to any matter relating to this agreement and the Customer’s use of the IDMatrix™ Service.

9. GLOSSARY

In these terms and conditions, unless the context clearly indicates otherwise:

Affiliate means any entity controlled by, under common control with, or controlling a party hereto, where “controlled”, “control” or “controlling” means the ownership, directly or indirectly, of more than fifty (50) percent of the shares, voting rights or other equity interest in the party or an Affiliated party.
AMLCTFA means the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth);
Applicable Laws means all legislation, regulations, regulatory policies, binding guidelines, binding industry codes, regulatory permits and licences which are in force from time to time which apply to the subject matter of this agreement including the AMLCTFA and Privacy Laws;
Applicant means a person who applies for a Customer Product;
Application means an application for a Customer Product;
Approved Purpose means the purposes of verifying an Applicant’s identity for the Customer’s internal business purposes and for the purposes of complying with Applicable Laws;
Business Rules means the business rules provided to Equifax by the Customer and agreed to by Equifax governing the completion of Applications by Applicants and verification of an Applicant’s details;
Confidential Information in relation to a party and any of their Affiliates means information that (a) is by its nature confidential; (b) is designated by that party as confidential; or (c) the other party knows or ought to know is confidential. Customer Materials means Materials supplied by or on behalf of the Customer for use in the provision of the IDMatrix™ Service;
Customer Group means
(a) Customer and Customer’s Affiliates;
(b) any other entity in which Customer or any Affiliate has the right (or is entitled to acquire the right) to control 10% or more of the voting shares;
(c) any other entity with which Customer has entered into a joint venture or partnering arrangement; and
(d) any other entity in respect of which Customer and/or any of Customer’s Affiliates provides technology services and/or assistance, influences or is able to influence the management decisions relating to that entity.
Customer Product means financial products or any other Designated Service offered by the Customer;
Corporations Act means the Corporations Act 2001 (Cth);
Designated Service has the same meaning as in the AMLCTFA
Developed Materials means Materials acquired or created by Equifax or Equifax’s Employees in the performance of the Services (whether or not they were created jointly with the Customer or its Employees), including documents, ideas, equipment, processes and systems, but excluding Equifax Material and Customer Materials;
Document Verification Service (DVS) means the data service provided by the Commonwealth of Australia represented by the Attorney-General’s Department (ABN 92 661 124 436) to approved Business Users subject to the Document
Verification Service Business User Terms and Conditions of Use as published by the Attorney-General’s Department from time to time;
Employees means employees, officers, agents, sub-contractors and representatives;
ID Index means the system for analysing and scoring data comprised in the Customer Materials and the search results provided to Customer in response to an IDMatrix™ Request and includes the search parameters based on the Customer’s Business Rules;
IDMatrix™ Request means an automated request by the Customer to Equifax for Equifax to verify an Applicant’s details using the IDMatrix™ Service;
IDMatrix™ Service means Equifax’s electronic customer verification service “IDMatrix™” (incorporating the ID Index) by which Equifax applies the Business Rules to an Applicant to verify an Applicant’s details using Proprietary Databases, Public Databases and Third Party Databases (as agreed) for the purpose of allowing the Applicant to obtain a specified Customer Product using agreed access and delivery methods;
Insolvent means being insolvent under administration or insolvent or having a controller appointed, or being in receivership, in receivership and management, in liquidation, in provisional liquidation, under administration, wound up, subject to any arrangement, assignment or composition with, or protection from creditors under any statute, dissolved (other than to carry out a reconstruction while solvent) or being otherwise unable to pay debts when they fall due or having something with the same or a similar effect happen under the laws of any jurisdiction;
Intellectual Property Rights means all current and future registered and unregistered rights in respect of patents, copyright (including moral rights as that term is defined in the Copyright Act 1968), designs, circuit layouts, trademarks, trade secrets, know-how, confidential information, invention and discoveries and all other intellectual property as defined in article 2 of the convention establishing the World Intellectual Property Organisation 1967;
Material means any material, whether tangible or intangible, in any form, including documents, records, software, data and any other information;
Personal Information has the same meaning as in the Privacy Act 1988 (Cth); Privacy Law means:
(a) the Privacy Act 1988 (Cth);
(b) any Guidelines, Public Interest Determinations or other advices relating to Personal Information issued by the Office of the Australian Information Commissioner; and
(c) any other requirement under Australian law, industry code or policy relating to the handling of Personal Information;
Proprietary Database includes the following databases either owned by Equifax, or to which Equifax has rights of access:
(a) Equifax Identity Data;
(b) Equifax Commercial Credit Database;
(c) National Tenancy Database; and
(d) other databases agreed by the parties from time to time;

Public Database includes the following public databases:
(e) Australian Electoral Roll – Current;
(f) Australian Electoral Roll – Historical 2004;
(g) Equifax Phone Number Directory;
(h) Equifax Public Records; and
Service Materials means any Materials supplied by Equifax to Customer in connection with the IDMatrix™ Service;
Third Party Database includes the following third party databases:
(a) Visa Entitlement Verification Online;
(b) DFAT’s My Passport;
(c) Medicare;
(d) Births, Deaths and Marriages for each of New South Wales, Victoria, Queensland, Western Australia, South Australia, Tasmania, Northern Territory and the Australian Capital Territory;
(e) Government Driver Licence authorities or agencies in each of New South Wales, Victoria, Queensland, South Australia, and the Australian Capital Territory;
(f) Sanctions List; and
other databases agreed by the parties from time to time

IDVerse Services

You acknowledge and agree that:

(a) the Software uses electronic identity document fraud assessment and verification services (ID Document Verification Services) provided by OCR Labs Pty Ltd ABN 20 603 823 276 (IDVerse) through us acting as a reseller;

(b) IDVerse retains all intellectual property rights in respect of the ID Document Verification Services, including any improvements, amendments or modifications to the ID Document Verification Services, and nothing in this Agreement transfers ownership of, or grants any Intellectual Property Rights in, the ID Document Verification Services to you or to us;

(c) subject to any modifications, notices or watermarks agreed with IDVerse, you must not remove or obscure any proprietary notice, watermark or other notices contained in the ID Document Verification Services or the associated documentation;

(d) neither IDVerse nor we warrant that the ID Document Verification Services will detect all fraudulent attempts, meet your requirements or will be uninterrupted or error-free or that information sourced by third parties and accessed using the ID Document Verification Services is reliable, accurate, complete or current;

(e) in addition to our rights in relation to your data set out in these Terms and Conditions, our Privacy Policy and our Data Handling Statement, IDVerse may use your data solely for internal analytics and internal reporting, but will not disclose, share or transfer to any third party (except us) any of your Data or other data concerning you;

(f) you must not transfer, sell, sub-licence, distribute or make available any data or results from the ID Document Verification Services to any third party, except:

(i) to service providers who provide you with operational and technical assistance to help run your business;

(ii) when required by Laws; and

(iii) to a Government Agency or regulatory bodies for the limited purpose of demonstrating compliance with Laws,

(g) you must not use the ID Document Verification Services or any data or results provided to you to train, improve or test (directly or indirectly) any machine learning or artificial intelligence technology or process;

(h) you must not circumvent any mechanisms in the ID Document Verification Services intended to limit your, its administrator’s or user’s use of or access to areas within or components of the ID Document Verification Services;

(i) the DVS checks conducted through the ID Document Verification Services are provided by the Australian Government and are outside our and IDVerse’s control;

(j) we and IDVerse will not be liable for any delay or failure of the DVS checks, and the DVS checks do not form part of the Service Levels for the ID Document Verification Services or Software under this Agreement;

(k) we will notify you if a delay or failure is due to DVS checks;

(l) where you are required to specify a domain for the operation of the ID Document Verification Services, we may verify that you own or control that domain;

(m) we will have no obligation to provide you with the ID Document Verification Services via such domain that you do not own or control;

(n) you shall give us at least 5 days’ notice before changing a domain used for the operation of the ID Document Verification Services under this Agreement; and

(o) to the extent permitted by Law, you are solely responsible for ensuring that all information you provide or input in respect of your users of the ID Document Verification Services is accurate and up-to-date.

Data Zoo Services

You acknowledge and agree that:

(a) the Software uses electronic identity verification services (IDU Services) provided by Data Zoo Pty Limited ACN 146 612 553 (Data Zoo) through us acting as a reseller;

(b) Data Zoo retains all Intellectual Property Rights in respect of the IDU Services and nothing in this Agreement transfers ownership of, or grants any Intellectual Property Rights in, the IDU Services to you or to us;

(c) Data Zoo shall use reasonable care and skill in selecting, obtaining and/or collating the data used to provide the IDU Services (Data Zoo Data) and shall use all reasonable efforts and maintain reasonable procedures that are no less than industry standard, to ensure maximum possible accuracy, currency, validity, quality, completeness, reliability, and continuity of supply of the Data Zoo Data;

(d) notwithstanding clause (c), neither Data Zoo nor we guarantee the accuracy, reliability, currency or completeness of Data Zoo Data, or warrant that the IDU Services will be uninterrupted or error-free;

(e) you must ensure that each search you conduct through the IDU Services will relate only to the name of a specific natural person with whom you have an existing or prospective business relationship;

(f) you grant to Data Zoo a non-transferable, non-exclusive, royalty-free licence to process your data to enable Data Zoo to provide the IDU Services; and

(g) upon termination of the Agreement, you must at our or Data Zoo’s request return to Data Zoo, or destroy all and any Data Zoo Data (excluding any Data Zoo Data that contain the verification results of the IDU Services provided to you based on the data you supplied to Data Zoo) and documentation or Confidential Information Data Zoo provided to you.