iProov Services: Acceptable Use Policy

Version 1.4

This Acceptable Use Policy (“Acceptable Use Policy”) sets out acceptable use requirements for the iProov Services which are provided by iProov Limited or a member of its group of companies (“iProov” “we” or “us”), including software and any associated documentation provided by iProov in connection with iProov Services (as used herein, collectively the “Services”). By using the Services, you acknowledge that you have read, understood and agreed to comply with the terms of this Acceptable Use Policy.  Any defined terms used and not otherwise defined in this Acceptable Use Policy shall have the meanings given to them in agreement(s) to which you and we are party, which applies to the Services (the “Agreement”).  You agree to ensure that there is no breach of this Acceptable Use Policy by you or (where relevant) your employees, consultants, agents, customers, suppliers or independent contractors, and you acknowledge that you will be liable and responsible for any such breach. For the purposes of this Acceptable Use Policy, references to (1) “you” include (a) any natural person or entity that uses or accesses the Services, (b) any direct or indirect customer of iProov that provides people with access to the Services (whether discretely or as part of another offering or service), and (c) any business that markets, sells or licenses the Services (whether discretely or as part of another offering or service) directly or indirectly to one or more customers or users; and (2) “iProov Services” include iProov Technology Services.

Restrictions, Limitations, Misuse.  The following restrictions and limitations shall apply to your access to and use of the Services, and your breaches of any of the following shall be deemed a misuse of the Services and a breach of obligations owed to iProov:

  1. You agree to use the Services for lawful purposes only.
  2. You will not and will not allow a third party to:  
    1.  copy, modify, sell, sub-license, rent, or transfer the Services to any third party; 
    2. attempt to defeat, circumvent or disable any copy protection mechanism in the Services; 
    3. modify, distribute, alter, or tamper with the Services; 
    4. use, or permit access to, the Services separately to operate in or as a time-sharing, outsourcing, service bureau, application service provider, or managed service provider environment; 
    5. reverse engineer, disassemble, or decompile the Services or apply any other process or procedure to derive the source code of any software included in the Services (except to the extent applicable legal requirements don’t allow this restriction, and then only after you have given us notice and a reasonable opportunity to resolve any interoperability issues); 
    6. introduce any infringing, obscene, libelous, or otherwise unlawful data or material into the Services;
    7. access all or any part of the Services in order to build or facilitate the build of a product or service which competes with or substantially replicates any part of the Services; or
    8. remove, obscure, or alter any intellectual property right or confidentiality notices or legends appearing in or on any aspect of any of the Services;
    9. introduce or attempt to introduce any form of computer virus, malware, worm or other form of malicious software to any part of the Services; or
    10. introduce into or distribute through the Services any imagery or other content that: (a) does not meet iProov’s stated guidelines or requirements; (b) is sexually explicit, obscene, lewd, or indecent; (c) is discriminatory based on race, gender, colour, religious belief, sexual orientation or disability; (d) may infringe iProov’s or any other person’s intellectual property or other rights, (e) may infringe applicable law; or (f) is capable of causing damage or injury to any person or property.
  3. In addition to the restrictions set out above, the following are prohibited and will constitute a breach of the obligations owed to iProov:  
    1. accessing or using the iProov Services other than as expressly permitted by your Agreement;
    2. knowingly generating Transactions that are prevented from completing;
    3. attempting to spoof the Services, including by means of images or by injecting digital data into the iProov APIs, without iProov’s specific written approval; 
    4. probing or attempting to penetrate the Services, either through access to Services or other online methods, by communication with iProov staff, by attempted physical access to iProov facilities or sites of third party servers hosting the Services or elements of it, without iProov’s specific written approval;
    5. submitting Transactions or TCP/IP traffic to iProov at a sustained rate faster than that agreed in writing with, or in the absence of such agreement specified from time to time by, iProov;
    6. testing the throughput, performance, latency, simultaneous Transaction capacity or other performance parameters of the Services without the written agreement of iProov;
    7. publishing or publicly disclosing statistical measures of the performance of the Services or the existence or details of any spoof attempts made against the Services, without the written agreement of iProov;
    8. indicating or suggesting that the Services are provided  without the involvement of iProov;
    9. using, encouraging, aiding or facilitating the use of the Services to breach trade mark, patent, copyright, trade secret or other intellectual property laws, to breach the privacy, data protection, publicity or other rights of others, or to impair the privacy of communications; or
    10. attempting to penetrate or manipulate, or encouraging, aiding or facilitating the penetration or manipulation of, the security features of the Services or any other system (including but not limited to unauthorized access to or use of data, systems or networks, probing, scanning or testing the vulnerability of a system or network, breaching security authentication measures, or conducting unauthorized monitoring of data or traffic.   

In addition to the other rights or remedies available to us, and (where we have that role) provided contractually and legally consistent with our role as a processor of personal data (see next paragraph), we may (i) immediately, temporarily suspend Services where (a) continued use of Services would breach applicable legal requirements, (b) continued use of Services would have an adverse impact on our network or systems, or (c) we reasonably believe suspension is necessary to mitigate any actual or potential damage or liability resulting from a breach of this Acceptable Use Policy; and (ii) in cases that we reasonably consider appropriate, notify the appropriate law-enforcement agencies of any breach of this Acceptable Use Policy.

Under applicable GDPR-based data protection laws in the UK and European Economic Area, iProov is a processor of the personal data of users of the Services; the controller of that personal data (which determines the purpose and means of the processing of the user’s personal data) is the business, governmental or other entity that typically provides the user with its interface to the Services (whether discretely or in combination with another offering or service).  This Acceptable Use Policy is intended to protect the controller and its users, as well as the Services.  

We reserve the right to modify or replace this Acceptable Use Policy at any time and at our sole discretion.  We will indicate at the top of this Acceptable Use Policy the date such document was last updated.  Any changes to or new versions of this Acceptable Use Policy will be effective immediately upon posting the revised version on portal.iproov.com/acceptableuse or a successor website.