1. Identity Verification Platform.
These terms (“Identity Verification Terms”) supplement the Terms Of Service and govern your use of the Hive.id Identity Verification Services and Data.
2. Use of the Hive.id Identity Verification Services.
2.1 Permitted Uses.
You may use the Hive.id Identity Verification Services only:
(a) to verify the identity of Verifiable Individuals to the extent necessary to satisfy your compliance obligations under Law;
(b) to prevent fraud or misuse as related to your goods and services;
(c) to improve the safety or security of your business, operations and services;
2.2 Restricted Uses.
You must not, and must not enable or allow any other party to:
(a) represent or imply that Hive.id is acting as your agent or appointed by you for the purpose of conducting or meeting your Due Diligence Requirements;
(b) use the Hive.id Identity Verification Services, any information you receive in connection with the Hive.id Identity Verification Services, or any Verification Data to create or support a product that competes with the Hive.id Identity Verification Services;
(c) use the Hive.id Identity Verification Services, the information you receive in connection with the Hive.id Identity Verification Services, or Verification Data in a manner that would violate any Law;
(d) reuse, sell, rent, transfer, make available, or communicate orally or through other means the information you receive in connection with the Hive.id Identity Verification Services (including as the term “sell” is defined in the CCPA, as applicable);
(e) use the Hive.id Identity Verification Services to verify the identity of an individual who is under the age of 16 (and, if verifying the identity of an individual in Brazil aged 16 or 17, you must ensure that the individual’s parent or guardian has consented to and assisted in the access and use of the Hive.id Identity Verification Services in accordance with Law).
(f) use the Hive.id Identity Verification Services as a factor in determining any person’s eligibility for credit, insurance, housing or employment, or in a manner that would cause Hive.id to be a “consumer reporting agency” or cause Hive.id Data you receive to constitute a “consumer report”, each as described in the FCRA (as applicable);
(g) use the Hive.id Identity Verification Services or verify the identity of Verifiable Individuals linked directly or indirectly with the High-Risk Jurisdictions.
2.3 Further Obligations.
(a) If Law requires, you must provide each individual with an alternative method of verification that does not involve processing of any biometric information.
(b) If an individual does not consent to Selfie Verification, you may use the Hive.id Identity Verification Services to offer an alternative method of verification that does not use Selfie Verification.
(c) If an individual does not consent to you using the Hive.id Identity Verification Services, then Hive.id is not obligated to perform the Hive.id Identity Verification Services and you are solely responsible for providing an alternative means of verifying that individual.
3. Use of Data.
3.1 Hive.id’s Use of Verification Data.
Verification Data shall be considered Protected Data for the purposes of this Agreement. As part of the Hive.id Identity Verification Services, unless you instruct Hive.id not to do so, Hive.id may generate and provide to you verification results and Optical Character Recognition (OCR) results from any documents submitted through the Hive.id Identity Verification Services, which results are Hive.id Data for the purposes of this Agreement.
3.2 Your Use of Verification Data and Hive.id Data.
You may use the Hive.id Data and Verification Data that Hive.id makes available to you in connection with the Hive.id Identity Verification Services solely for the purposes described in your agreements with Verifiable Individuals.
4. Representations and Warranties; Disclaimers.
4.1 No Warranty.
Hive.id does not represent or warrant that the Hive.id Identity Verification Services will enable you to fulfill your obligations under Law, including with respect to Due Diligence Requirements. You are solely responsible for complying with Law, including with respect to Due Diligence Requirements.
4.2 Disclaimer.
(a) Hive.id does not guarantee that the Hive.id Identity Verification Services will detect or prevent all fraudulent activities or correctly verify the identity of any individual.
(b) Hive.id makes no representation or warranty that the Hive.id Identity Verification Services will enable you to comply with Law, and you remain solely responsible for ensuring that you meet your legal obligations.
(c) You are responsible and liable for your actions and decisions in connection with the Hive.id Identity Verification Services, including your decisions to enter, or not enter, into business relationships with any persons.
(d) Hive.id and its Affiliates are not liable for any losses, damages, or costs that you suffer in connection with any fraudulent activities that the Hive.id Identity Verification Services did not detect or prevent.
(e) Hive.id and its Affiliates are not liable for any losses, damages, or costs caused by your failure to meet any of your Due Diligence Requirements, or by the Hive.id Identity Verification Services failing to correctly verify the identity of any individual.
5. Privacy and Data Protection
5.1 Disclosing Your Privacy Policy
In connection with each verification request that is submitted to the Hive.id Identity Verification Services, you must provide to Hive.id a link to the version of your online Privacy Policy that applies to the Verifiable Individual.
5.2 Requirements for Your Privacy Policy.
If you receive access to any Verification Data as part of the Hive.id Identity Verification Services, your Privacy Policy must, at a minimum:
(a) state that you and Hive.id are each independent controllers of Verification Data, and that Hive.id will process Verification Data in accordance with Hive.id Privacy Policy and these Hive.id Identity Verification Terms, in addition to acting as a service provider to you;
(b) state the process through which Verifiable Individuals can submit data subject requests (including data deletion and data access) to you, and provide your contact information for this purpose;
(c) state the ways in which you will use Verification Data, including, if Law requires, whether you will sell or disclose Verification Data (including as the term “sell” is defined in the CCPA, as applicable);
(d) if Law requires, (i) state the alternative verification methods that you make available to individuals who do not consent to be verified by the Hive.id Identity Platform; (ii) state that using the Hive.id Identity Platform may include transmitting Verification Data outside of your jurisdiction, including to the United States; and (iii) state that Verification Data may be submitted to third-party service providers, including Governmental Authorities, for the purpose of verifying the identity of the Verifiable Individual; and
(e) include all other information Law requires you to include.
5.3 Minimum Requirements.
If you do not receive access to any Verification Data as part of the Hive.id Identity Verification Services, your Privacy Policy must, at a minimum, satisfy the requirements of Section 5.2(a), (b) and (d) of these Hive.id Identity Verification Terms.
5.4 No Inconsistent Terms.
Your Privacy Policy must not contain any terms that contradict Hive.id’s or any Hive.id service provider’s rights to use Verification Data for the purposes described in these Hive.id Identity Verification Terms or as otherwise authorized by the Verifiable Individual (e.g., through consent screens provided through the Hive.id Identity Verification Services).
5.5 Hive.id may Notify or Obtain Consent.
Depending upon your implementation of the Hive.id Identity Verification Services, Hive.id may provide notice to or obtain consent from Verifiable Individuals as described in the Documentation for the purpose of enabling Hive.id to provide the Hive.id Identity Verification Services.
5.6 Your Obligation to Obtain Consent.
Where Hive.id does not obtain consent from the Verifiable Individual under Section 5.5 of these Hive.id Identity Verification Terms, you must obtain the Verifiable Individual’s consent as this Hive.id Identity Verification FAQ describes. You must obtain all consents from Verifiable Individuals that are required to allow you to collect and share Verification Data with Hive.id, and allow Hive.id to use that data as this Agreement describes.
5.7 Security Controls.
You must implement and maintain safeguards and security controls that are reasonable for the size, nature and maturity of your business and industry to protect Verification Data and Hive.id Data against unauthorized access, use and disclosure. If you fail to do so, in addition to all other remedies available to Hive.id, Hive.id may suspend or restrict your access to the Hive.id Identity Verification Services and Verification Data.
5.8 Assistance to Notify.
If Hive.id is required to send a data subject notification to any Verifiable Individuals related to your use of the Hive.id Identity Verification Services, including a data breach or required notice about a Hive.id Privacy Policy update, you must assist Hive.id in notifying Verifiable Individuals, including by emailing those Verifiable Individuals on Hive.id’s behalf and as Hive.id directs.
6. Audit.
6.1 Obligation to Provide Information.
You must provide information that Hive.id requests for the purpose of ensuring that you comply with this Agreement, including information verifying:
(a) that your use of the Hive.id Identity Verification Services complies with these Hive.id Identity Verification Terms and Law;
(b) that your receipt and use of the Hive.id Data and Verification Data complies with these Hive.id Identity Verification Terms and Law;
(c) that you have not modified the Hive.id Identity Verification Services without Hive.id’s consent;
(d) your industry, business activities, licensing and regulatory standing; and
(e) your purpose for using the Hive.id Identity Verification Services.
6.2 Obligation to Respond Promptly.
You must respond to Hive.id’s requests for information promptly, but no later than 14 days after Hive.id’s request. Hive.id may suspend or terminate your access to the Hive.id Identity Verification Services immediately if you fail to provide information Hive.id requests under this Section 6.
7. Retention and Deletion of Data.
7.1 Data Hive.id Stores on Your Behalf.
(a) You instruct Hive.id to store on your behalf a copy of Verification Data for a period of 3 years following verification, or a shorter period as you may instruct according to the Documentation. You are responsible for (i) determining how long Law requires you to store copies of Verification Data; and (ii) storing (either yourself or through Hive.id) the Verification Data for the time period Law requires.
(b)Upon termination of these Hive.id Identity Verification Terms, Hive.id may delete copies of Verification Data that Hive.id has stored on your behalf.
7.2 Data Hive.id Stores for its Own Purposes.
Notwithstanding Section 7.1 of these Hive.id Identity Verification Terms, Hive.id may retain a copy of Verification Data as long as Law permits.
Definitions
“Affiliate” means an entity that directly or indirectly Controls, is Controlled by, or is under common Control with another entity.
“Beta” means “proof of concept,” “beta,” “pilot,” “invite only” or similar designation.
“Beta Service” means any Beta portion of the Cloud Services or Hive.id Technology.
“CCPA” means California Consumer Privacy Act of 2018, Cal. Civ. Code Sections 1798.100-1798.199.
“Change of Control” means (a) an event in which any third party or group acting together, directly or indirectly, acquires or becomes the beneficial owner of, more than 50% of a party’s voting securities or interests; (b) a party’s merger with one or more third parties; (c) a party’s sale, lease, transfer or other disposal of all or substantially all of its assets; or (d) entering into of any transaction or arrangement that would have the same or similar effect as a transaction referred to in the foregoing (a)-(c); but, does not include an initial public offering or listing.
“Claim” means any claim, demand, government investigation or legal proceeding made or brought by a third party.
“Cloud Service” means a service Hive.id makes available to you under this Agreement.
“Communication” means any written or electronic transmission of information or communication, including a notice, approval, consent, authorization, agreement, disclosure or instruction.
“Content” means all text, images, and other content that Hive.id does not provide to you and that you upload, publish or use in connection with the Cloud Services.
“Control” means direct or indirect ownership of more than 50% of the voting power or equity in an entity.
“Credential Compromise” means an unauthorized access, disclosure or use of your Hive.id Account credentials.
“Data Processing Agreement” means the data processing agreement located at www.hive.id/legal/dpa.
“Documentation” means the sample code, instructions, requirements and other documentation (a) available on the Hive.id Website, the first page of which is located at docs.hive.id; and (b) included in the Hive.id SDKs.
“Due Diligence Requirements” means requirements imposed by Law that govern, are related to, or are similar to Anti-Money Laundering (AML), Know Your Customer (KYC), Know Your Business (KYB) and Customer Due Diligence (CDD).
“ECCI Rules” means the Rules of Estonian Chamber of Commerce and Industry in effect on the date the applicable arbitration proceeding begins.
“FCRA” means Fair Credit Reporting Act, 15 U.S.C. Section 1681, et seq. and Equal Credit Opportunity Act, 15 U.S.C. Section 1681, et seq.
“Feedback” means ideas, suggestions, comments, observations and other input you provide to Hive.id regarding Hive.id services and the Hive.id Technology.
“Fees” means the fees applicable to the Cloud Services.
“Force Majeure Event” means an event beyond the control of Hive.id, including a strike or other labour dispute; labour shortage, stoppage or slowdown; supply chain disruption; embargo or blockade; telecommunication breakdown; power outage or shortage; inadequate transportation service; inability or delay in obtaining adequate supplies; weather; earthquake; fire; flood; act of God; riot; civil disorder; civil or government calamity; epidemic; pandemic; state or national health crisis; war; invasion; hostility (whether war is declared or not); terrorism threat or act; Law; or act of a Governmental Authority.
“GDPR” means the General Data Protection Regulation (EU) 2016/679.
“Governmental Authority” means a regulator or other governmental agency or entity with jurisdiction over the Cloud Services, Hive.id or you, as applicable.
“High-Risk Jurisdiction” means the following jurisdictions or administrative regions that Hive.id has deemed to be of particularly high risk (for legal, commercial, operational or any other reasons): Cuba, Iran, North Korea, Syria, Russian Federation, and the Crimea, Donetsk, and Luhansk Regions.
“Hive.id Account” means your Hive.id account.
“Hive.id API” means all instances of the Hive.id application programming interfaces, including all endpoints that enable Hive.id users to use Hive.id services.
“Hive.id Dashboard” means the interactive user interface through which a Hive.id user may view information about and manage a Hive.id account located at dashboard.hive.id.
“Hive.id Data” means data that you obtain via the Cloud Services, including (a) information relating to Hive.id API interactions via the Hive.id Technology; (b) information Hive.id uses for security or fraud prevention; and (c) all aggregated information Hive.id generates from the Cloud Services.
“Hive.id Identity Verification Services” means the Cloud Services that enable Hive.id to collect and verify, and Hive.id and you to store, information regarding individuals for the purpose of verifying the identity of those individuals.
“Hive.id Legal Page” means www.hive.id/legal.
“Hive.id Losses” means all amounts awarded to the third party making a Claim, and all penalties, fines, and third-party costs (including legal fees) paid by Hive.id.
“Hive.id Pricing Page” means www.hive.id/pricing.
“Hive.id SDK” means a software development kit listed on www.github.com/hiveidentity.
“Hive.id Technology” means all software (including software in the Hive.id SDKs), application programming interfaces (including the Hive.id API), user interfaces (including the Hive.id Dashboard), and other technology that Hive.id uses to provide and make available the Hive.id services.
“Hive.id Website” means www.hive.id.
“ID Image” means an image of an individual submitted through the Hive.id Identity Verification Services, including an image captured from an individual’s identification document.
“Insolvency Proceeding” means the occurrence of any of the following (or any analogous procedure or step):
(a) as defined in Law, you are unable (or deemed to be unable) to pay your debts;
(b) you are the subject of a petition, resolution, order or any other step in relation to winding up, bankruptcy or equivalent proceedings;
(c) you stop, or threaten to stop, carrying on all or part of your business (except for the purposes of an amalgamation, reconstruction or reorganization);
(d) you enter into a compulsory or voluntary liquidation, or a liquidator is appointed in relation to you or any of your assets;
(e) you are the subject of a petition for an administration order or an application for such an order, or a notice of intention to appoint an administrator to you is given, or any other step is taken by any individual or entity with a view to the administration of you under Law;
(f) a moratorium is agreed or declared with respect to all or part of your debts;
(g) you enter, or propose to enter, into any compromise or arrangement of your debts with or for the benefit of some or all of your creditors generally, or in respect of a particular type of your debts;
(h) you begin proceedings or negotiations, or propose or agree, to reschedule, readjust or defer your debts;
(i) a liquidator, receiver, administrative receiver, administrator, manager, examiner or other similar officer is appointed in respect of the whole or any part of your assets;
(j) an enforcement of any security over, or an execution, attachment, lien, levy, distress or similar procedure is levied against, any of your assets;
(k) any legal proceeding, corporate action or other procedure or step is taken in connection with appointing an administrator, administrative receiver, receiver, liquidator, manager, examiner, trustee in bankruptcy or other similar officer in relation to you or any of your assets;
“IP Claim” means a Claim made against you by a third party alleging that the Hive.id Technology, Cloud Services or a Hive.id Mark provided to and used by you in accordance with this Agreement infringes or misappropriates the IP Rights of the third party making the Claim.
“IP Claim Losses” means (a) all amounts finally awarded to the third party making an IP Claim; and (b) all amounts paid to a third party to settle an IP Claim under an agreement approved by Hive.id.
“IP Rights” means all copyrights, patents, trademarks, service marks, trade secrets, moral rights and other intellectual property rights.
“Law” means all applicable laws, rules, regulations and other binding requirements of any Governmental Authority.
“Legal Process” means a writ of attachment, lien, levy, subpoena, warrant, or other legal order.
“Mark” means a trademark, service mark, design mark, logo or stylized script.
“Personal Data” means any information relating to an identifiable natural person that is Processed (as defined in the Data Processing Agreement) in connection with the Cloud Services, and includes “personal data” as defined in the GDPR and UK GDPR and “personal information” as defined in the CCPA.
“Privacy Policy” means any or all of a publicly posted privacy policy, privacy notice, data policy, cookies policy, cookies notice or other similar public policy or public notice that addresses a party’s Personal Data practices and commitments.
“Protected Data” means (a) all User Information that you provide to Hive.id; and (b) any Personal Data that Hive.id uses when acting as a “Data Processor” (as defined in the Data Processing Agreement) when providing the Cloud Services.
“Request for Arbitration” means a request submitted under the ECCI Rules.
“Representative” means an individual submitting your application for a Hive.id Account.
“Selfie Verification” means the verification of an ID Image using biometric identifiers and facial recognition technology.
“Tax” or “Taxes” means any applicable taxes and duties imposed by any Governmental Authority, including sales and use tax, excise tax, gross receipts tax, value-added tax (VAT), goods and services tax (GST) (or equivalent transaction taxes) and withholding tax.
"UK GDPR” means the GDPR, as transposed into United Kingdom national law by operation of section 3 of the European Union (Withdrawal) Act 2018 and as amended by the Data Protection, Privacy and Electronic Communications (Amendments etc.) (EU Exit) Regulations 2019.
“Update” means a modification, feature enhancement or update to the Cloud Services or Hive.id Technology that requires you to take some action, which may include changing your implementation of the Cloud Services or Hive.id Technology.
“User Information” means information about you that Hive.id requires to comply with Law, and Governmental Authority requirements, and may include information (including Personal Data) about your representatives, beneficial owners, principals and other individuals associated with you or your Hive.id Account.
“Verifiable Individual” means an individual whose Verification Data is submitted through the Hive.id Identity Verification Services.
“Verification Data” means all data, information, photos, ID Images, and documents (including copies of documents) submitted through the Hive.id Identity Verification Services.