Contiguity Identity Services Terms
Last modified October 16, 20241. Contiguity Identity Services
These terms (“Contiguity Identity Product Terms”) supplement the General Terms and govern your use of the Contiguity Identity Services ("CIS").
By accessing or using Contiguity Identity Services, you agree to be bound by these Terms. If you disagree with any part of the terms, you may not use CIS.
2. Use of the Contiguity Identity Services
2.1 Permitted Uses
You may use the Contiguity Identity Services only:
(a) to verify the identity of Verifiable Individuals to the extent necessary to satisfy your compliance obligations under Law;
(b) to prevent fraud as related to your goods and services;
(c) to prevent misuse of your goods and services;
(d) to improve the safety or security of your business, operations and services; and
(e) in compliance with Section 8 of these Terms, "Allowed Usage Conditions" ("AUC")
2.2 Restricted Uses
Without limiting the unsupported or prohibited use cases identified in the AUC list, you must not, and must not enable or allow any other party to:
(a) modify the Contiguity Identity Services in any way, including by changing
(i) the branding, appearance or user experience of the Contiguity Identity Services; or (ii) the manner or language used to obtain consent from Verifiable Individuals;
(b) represent or imply that Contiguity is acting as your agent or appointed by you for the purpose of conducting or meeting your Due Diligence Requirements;
(c) disclose the Contiguity Data you receive in connection with the Contiguity Identity Services to any third party, except as Law requires;
(d) use the Contiguity Identity Services, any Contiguity Data you receive in connection with the Contiguity Identity Services, or any Verification Data to create or support a product that competes with the Contiguity Identity Services;
(e) use Contiguity Identity Services, the Contiguity Data you receive in connection with the Contiguity Identity Services, or Verification Data in a manner that would violate any Law;
(f) reuse, sell, rent, transfer, make available, or communicate orally or through other means the Contiguity Data you receive in connection with the Contiguity Identity Services (including as the term “sell” is defined in the CCPA, as applicable);
(g) use the Contiguity Identity Services to verify the identity of an individual who is incompetent to provide legally binding consent because of their age or for any other reason; or
(h) use the Contiguity Identity Services as a factor in determining any person’s eligibility for credit, insurance, housing or employment, or in a manner that would cause Contiguity to be a “consumer reporting agency” or cause Contiguity Data you receive to constitute a “consumer report”, each as described in the FCRA (as applicable).
2.3 Further Obligations
(a) If Law requires, you must provide each individual with an alternative method of verification that does not involve processing any biometric information.
(b) If an individual does not consent to Selfie Verification, you may use the Contiguity Identity Services to offer an alternative method of verification that does not use Selfie Verification.
(c) If an individual does not consent to you using the Contiguity Identity Services, then Contiguity is not obligated to perform the Contiguity Identity Services and you are solely responsible for providing an alternative means of verifying that individual.
2.4 Other Services
The onboarding process for the Contiguity Identity Services does not entitle you to use other Contiguity services. If you wish to use other Contiguity services, Contiguity may require you to complete a separate onboarding process.
3. Use of Data
3.1 Contiguity's Use of Verification Data
Verification Data is Protected Data for purposes of this Agreement. As part of the Contiguity Identity Services, unless the Contiguity Identity Services Documentation specifies otherwise, or you instruct Contiguity not to do so, Contiguity may generate and provide to you verification results and Optical Character Recognition (OCR) results from any documents submitted through the Contiguity Identity Services, which results are Contiguity Data for the purposes of this Agreement.
3.2 Your Use of Verification Data and Contiguity Data
You may use the Contiguity Data that Contiguity makes available to you in connection with the Contiguity Identity Services solely for the underlying purpose you disclosed to Contiguity when you were onboarded to use the Contiguity Identity Services. You may use Verification Data solely for the purposes described in your agreements with Verifiable Individuals.
4. Representations and Warranties; Disclaimers
4.1 No Warranty
Contiguity does not represent or warrant that the Contiguity Identity Services will enable you to fulfill your obligations under Law, including with respect to Due Diligence Requirements. You are solely responsible for complying with Law, including with respect to Due Diligence Requirements.
4.2 Disclaimer
(a) Contiguity does not guarantee that the Contiguity Identity Services will detect or prevent all fraudulent activities or correctly verify the identity of any individual.
(b) Contiguity makes no representation or warranty that the Contiguity Identity Services will enable you to comply with Law, and you remain solely responsible for ensuring that you meet your legal obligations.
(c) You are responsible and liable for your actions and decisions in connection with the Contiguity Identity Services, including your decisions to enter, or not enter, into business relationships with any persons.
(d) Contiguity and its Affiliates are not liable for any losses, damages, or costs that you suffer in connection with any fraudulent activities that the Contiguity Identity Services did not detect or prevent.
(e) Contiguity and its Affiliates are not liable for any losses, damages, or costs caused by your failure to meet any of your Due Diligence Requirements, or by the Contiguity Identity Services failing to correctly verify the identity of any individual.
5. Privacy and Data Protection
5.1 Disclosing Your Privacy Policy
In connection with each verification request that is submitted to the Contiguity Identity Services, you must use the Contiguity API to provide to Contiguity a link to the version of your online Privacy Policy that applies to the Verifiable Individual.
5.2 Requirements for Your Privacy Policy
If you receive access to any Verification Data as part of the Contiguity Identity Services, your Privacy Policy must, at a minimum:
(a) state that you and Contiguity are each independent controllers of Verification Data, and that Contiguity will process Verification Data in accordance with Contiguity's Privacy Policy and these Terms, in addition to acting as a service provider to you;
(b) state the process through which Verifiable Individuals can submit data subject requests (including data deletion and data access) to you, and provide your contact information for this purpose;
(c) state the ways in which you will use Verification Data, including, if Law requires, whether you will sell or disclose Verification Data (including as the term “sell” is defined in the CCPA);
(d) if Law requires, (i) state the alternative verification methods that you make available to individuals who do not consent to be verified by the Contiguity Identity Services; (ii) state that using the Contiguity Identity Services may include transmitting Verification Data outside of your jurisdiction, including to the United States; and (iii) state that Verification Data may be submitted to third-party service providers, including Governmental Authorities, for the purpose of verifying the identity of the Verifiable Individual; and
(e) include all other information Law requires you to include.
5.3 Minimum Requirements
If you do not receive access to any Verification Data as part of the Contiguity Identity Services, your Privacy Policy must, at a minimum, satisfy the requirements of Section 5.2(a), (b) and (d) of these Terms.
5.4 No Inconsistent Terms
Your Privacy Policy must not contain any terms that contradict Contiguity's or any Contiguity service provider’s rights to use Verification Data for the purposes described in these Terms or as otherwise authorized by the Verifiable Individual (e.g., through consent screens provided through the Contiguity Identity Services).
5.5 Contiguity may Notify or Obtain Consent
Depending upon your implementation of the Contiguity Identity Services, Contiguity may provide notice to or obtain consent from Verifiable Individuals as described in the Contiguity Identity Services Documentation for the purpose of enabling Contiguity to provide the Contiguity Identity Services.
5.6 Your Obligation to Obtain Consent
You must obtain all consents from Verifiable Individuals that are required for (a) your use of Verification Data; and (b) Contiguity's use of any Personal Data that you submit to Contiguity in connection with your use of the Contiguity Identity Services. If you provide Contiguity with phone numbers for verification, Contiguity may verify those phone numbers by sending each phone number a text message. You represent that you have obtained consent from each Verifiable Individual for Contiguity to send a text message to their phone number. If you use Contiguity Identity Services in conjunction with other Services, you must obtain all consents that are required to allow you to collect and share Verification Data with Contiguity, and allow Contiguity to use that data as this Agreement describes.
5.7 Security Controls
You must implement and maintain safeguards and security controls that are reasonable for the size, nature and maturity of your business and industry to protect Verification Data and Contiguity Data against unauthorized access, use and disclosure. If you fail to do so, in addition to all other remedies available to Contiguity, Contiguity may suspend or restrict your access to the Contiguity Identity Services and Verification Data.
5.8 Assistance to Notify
If Contiguity is required to send a data subject notification to any Verifiable Individuals related to your use of the Contiguity Identity Services, including a data breach or required notice about a Contiguity Privacy Policy update, you must assist Contiguity in notifying Verifiable Individuals, including by emailing those Verifiable Individuals on Contiguity's behalf and as Contiguity directs.
6. Audit
6.1 Obligation to Provide Information
You must provide information that Contiguity requests for the purpose of ensuring that you comply with this Agreement, including information verifying:
(a) that your use of the Contiguity Identity Services complies with these Contiguity Identity Terms and Law;
(b) that your receipt and use of the Contiguity Data and Verification Data complies with these Contiguity Identity Terms and Law;
(c) that you have not modified the Contiguity Identity Services without Contiguity's consent;
(d) your industry, business activities, licensing and regulatory standing; and
(e) your purpose for using the Contiguity Identity Services.
6.2 Obligation to Respond Promptly
You must respond to Contiguity's requests for information promptly, but no later than 14 days after Contiguity's request. Contiguity may suspend or terminate your access to the Contiguity Identity Services immediately if you fail to provide information Contiguity requests under this Section 6.
7. Retention and Deletion of Data
7.1 Data Contiguity Stores on Your Behalf
(a) Contiguity stores, on your behalf, a copy of Verification Data for a period of 5 years following verification. You are responsible for (i) determining how long Law requires you to store copies of Verification Data; and (ii) storing (either yourself or through Contiguity) the Verification Data for the time period Law requires.
(b) Upon termination of these Contiguity Identity Terms, Contiguity may delete copies of Verification Data that Contiguity has stored on your behalf.
7.2 Data Contiguity Stores for its Own Purposes
Notwithstanding Section 7.1 of these Contiguity Identity Terms, Contiguity may retain a copy of Verification Data as long as Law permits.
8. Allowed Usage Conditions
In order to be eligible to use Contiguity Identity Services, you (or your company) must be located in:
- United States
- United Kingdom
- France
- Canada
- Mexico
- Switzerland
Contiguity Identity Services cannot be for any of the following purposes:
-
Reselling as an independent ID verification service or selling or renting the data you receive from Contiguity Identity: Resale, provision, or further distribution of identity verification services or data to third parties. For example, your primary business is selling ID verification to other businesses.
-
Processing Personal Health Information (PHI) by a HIPAA-covered entity: Verification or storage of PHI protected by the Health Insurance Portability and Accountability Act of 1996 (HIPAA). This only applies for businesses that are sharing data covered by the US HIPAA.
-
Eligibility for Credit, Employment, Housing, or Insurance or any “Permissible Purpose” under the US Fair Credit Reporting Act (FCRA): Conducting ID verification to determine if an individual is eligible for credit, housing, employment, insurance—or other purposes under the FCRA. This only applies to businesses that are using Identity for an activity that is covered by the US FCRA.
-
Verifying anyone considered a minor or who is under the age of 16.
-
Verifying anyone who is linked directly or indirectly with the jurisdictions listed below or that Contiguity has deemed high risk:
-
Cuba, Iran, China, North Korea, Syria, and the Crimea, Donetsk, and Luhansk Regions, or persons Contiguity has deemed high risk, such as those individuals or entities named to a restricted person or party list of the US, United Kingdom, European Union or United Nations, including the sanctions lists maintained by the US Office of Foreign Assets Control or the Denied Persons List or Entity List maintained by the US Department of Commerce
-
India, Pakistan, Bangladesh, Afghanistan, Iran, Iraq
-
9. Representation and Warranty
You represent as of the Effective Date, and warrant at all times during the Term, that you do not use the Contiguity Identity Services for any “permissible purpose” under (and as defined in) the FCRA, or in a manner that would violate the GLBA, the United States Driver's Privacy Protection Act, the United States Health Insurance Portability and Accountability Act, or other substantially similar Law.