This Defend Supplement is attached to and incorporated into the Proof General Terms (“General Terms”), the Order Form, or both. Capitalized terms not otherwise defined have the meanings given in the General Terms, the Proof Glossary, or the Order Form.
- Applicability. This Defend Supplement applies to any Subscriber who uses Defend.
- Defend. Defend is comprised of features designed to provide additional signals that will assist a Subscriber with verifying a User’s identity. “Defend Data” refers to any data received by Subscriber as part of the Defend Services. Defend includes the following features:
2.1 Enhanced Identity Tab.
(a) Phone and IP address risk signals;
(b) Aggregated identity risk score for each Identify and Notarize Transaction; and
(c) Proof ID Report (exportable).
2.2 Enhanced TransactionDashboard.
(a) Aggregated Identity risk column (showing highest risk individual on the Transaction);
(b) Each Identify and Notarize Transaction will have a complete identity risk score;
(c) Risk alert filter;
(d) Pulling in all transactions with high and medium identity alerts; and
(e) Includes webhook alerting for all high and medium alerts.
2.3 In Platform Prompts.
(a) Empty state on risk alert filter; and
(b) Banner on the Identity tab.
- Subscriber Responsibilities. The risk score and the fraud indicators do not definitively indicate that fraud has occurred. Subscriber is solely responsible for (i) reviewing the risk score and fraud indicators provided by Defend; (ii) deciding whether action should be taken; and, (iii) if Subscriber decides action is appropriate, taking that action. Proof shall have no liability for a failure to detect fraud.
- Acceptable Use Policy.
4.1 Acceptable Uses. Subscriber agrees to comply with the following limitations on the use of data provided the Services: (i) not to use the Services for any “permitted purpose” covered by the Fair Credit Reporting Act (15 U.S.C. Sec. 1681 et seq.) (“FCRA”) or use any of the information it receives through the Services to take any “adverse action”, as that term is defined in the FCRA; (ii) not to use the Services in violation of the Drivers Privacy Protection Act (18 U.S.C. Section 2721 et seq.) (“DPPA”); (iii) not to use the Services in violation of the Illinois Biometric Information Privacy Act (740 ILCS 14 et seq.) (“BIPA”), and similar and/or associated laws, whether state, local, foreign, or domestic; (iv) not to use the Services other than pursuant to an exception to the privacy provisions of the Gramm-Leach-Bliley Act (15 U.S.C. Sec. 6801 et seq.) (“GLBA”); (v) not to use the Services in violation of such other legislation that may be enacted in the future that Proof determines limits the use of the Services by Subscriber; (vi) not access the Defend Data from an IP address located outside of the United States and its territories; (vii) maintain for a period of five (5) years a complete and accurate record pertaining to Subscriber’s use of Defend Data; and (viii) immediately notify Proof, in writing if Subscriber suspects, has reason to believe, or confirms that an Account ID or the Defend Data (or data derived directly or indirectly therefrom) is or has been lost, stolen, compromised, misused or used, accessed or acquired in an unauthorized manner or by any unauthorized person, or for any purpose other than legitimate business reasons. Subscriber will not use the information gathered through the Services that include GLBA or DPPA governed data for marketing purposes. Subscriber shall provide all necessary notices and obtain all necessary consents and approvals required pursuant to applicable laws, including (i) the transfer of Subscriber Data to Proof and its vendors, (ii) the use of such Subscriber Data by Proof and its vendors in accordance with the Agreement, and (iii) the access by Proof or its vendors to Customer Proprietary Network Information as such term is defined in the Telecommunications Act. Neither Subscriber nor any of its shareholders, directors, officers or other principals is a citizen of, entity that is formed in, or has its principal place of business in, a country which is subject to any embargo, prohibition, or similar sanction under applicable laws, or is an individual who is identified on the Specially Designated Nationals or Blocked Persons list provided by the U.S. Treasury Department. Subscriber agrees and acknowledges that at any time Proof may investigate and take appropriate steps to safeguard data provided by the Services and ensure that Subscriber is in compliance with this provision. If at any time, Proof determines, in its sole and reasonable discretion, that Subscriber is not using the Defend Data in compliance with any of the foregoing, Proof may terminate the Agreement with Subscriber immediately without notice and without waiving any claim for damages.
4.2 Gramm-Leach-Bliley Act. The information that the Services provide to the Subscriber may contain consumer identification information governed by GLBA. In accordance with the GLBA, Subscriber certifies that such information will only be used for the following purposes:
(a) Fraud detection and prevention purposes including use to protect against or prevent actual or potential fraud, unauthorized transactions, claims or other liability;
(b) Completion of a transaction authorized by the User including but not limited to the collection of delinquent accounts;
(c) Application Verification including but not limited to (i) employment application verification (however, Proof Data cannot be used to make an employment decision as outlined in the Fair Credit Reporting Act (15 U.S.C. §1681 et seq.)), (ii) property leasing application information verification (however, Proof Data cannot be used for making a leasing decision as outlined in the FCRA (15 U.S.C. §1681 et seq.)), and (iii) insurance application information verification (however, Proof Data cannot be used for making a decision to insure an individual or business as outlined in the FCRA (15 U.S.C.§ 1681 et seq.)). Subscriber represents and warrants that Proof Data will not be used for purposes governed by the FCRA;
(d) Law firm and attorney functions including use by persons, or their representatives, holding a legal or beneficial interest relating to the User;
(e) Insurance purposes including (a) account administration, (b) reporting, (c) fraud prevention, (d) premium payment processing, (e) claim processing and investigation, (f) benefit administration, or (g) research projects;
(f) Required institutional risk control programs including complying with federal, state, or local laws, rules, and other applicable legal requirements and
(g) Dispute resolution for resolving customer disputes or inquiries.
4.3 Driver's Privacy ProtectionAct. The information that Proof’s service provides to the Subscriber may contain driver's license and motor vehicle registration information subject to the protections of the DPPA. In accordance with DPPA, Subscriber certifies that such information will only be used for the following purposes:
(a) Use in the normal course of business, to verify the accuracy of personal information submitted by the User and, if the submitted information is incorrect, to obtain correct information, but only for the purpose of preventing fraud by, or pursuing legal remedies against, or recovering on a debt or security interest against, the User (18 U.S.C. § 2721(b)(3));
(b) Use by court or other government agency or entity, acting directly on behalf of a government agency (18 U.S.C. § 2721 (b)(1));
(c) Use for any matter regarding motor vehicle or driver safety or theft; to inform an owner of a towed or impounded vehicle (18 U.S.C.§ 2721 (b)(2));
(d) Use in connection with a civil, criminal, administrative, or arbitral proceeding (18 U.S.C. § 2721 (b)(4));
(e) Use by an employer or its agents or insurer to obtain or verify information relating to a holder of a commercial driver's license thatis required under the Commercial Motor Vehicle Safety Act of 1986 (18 U.S.C. §2721 (b)(9));
(f) Use by an insurer or insurance support organization, in connection with claims investigation activities, antifraud activities, rating or underwriting (18 U.S.C. § 2721 (b)(6));
(g) Use by a licensed private investigative agency, or licensed security service, for a purpose permitted in items (a) through (f)above (18 U.S.C. § 2721 (b)(8)); and
(h) For use in connection with the operation of private toll transportation facilities.
- Indemnification. Subscriber will indemnify, defend, and hold Proof, its affiliates and their officers, directors, employees, agents and representatives harmless from and against any and all costs, damages, liabilities or expenses (including reasonable attorneys’ fees) arising from any third-party claims resulting from (a) use of Defend Data received by Subscriber (or any third party receiving such information from or through Subscriber) furnished by or through Proof; and (b) any Security Incident.
Priority Level
Conditions
Level 1
Critical Business Impact. The Incident seriously affects the functionality of the Services (or component thereof) and cannot be circumvented such that most of the significant functionality of the Services (or component thereof) is available.
Level 2
Significant Business Impact. The Incident partially affects the functionality of the Services (or component thereof), but can be circumvented so that most of the significant functionality of the Services (or component thereof) is available.
Level 3
Minimal Business Impact. The Incident can be circumvented such that the Services (or component thereof) can be used with only slight inconvenience. The problem can be considered insignificant and has no significant effect on the usability of the Services (or component thereof).
Priority Level
Conditions for Closure of Help-Desk Ticket
Level 1
The Incident is considered resolved and closed when an Incident Resolution has been fully implemented.
Level 2
The Incident is considered resolved and closed when an Incident Resolution has been fully implemented.
Level 3
The Incident is considered resolved and closed when one of the following occurs: (i) an Incident Resolution has been fully implemented, or (ii) 10 business days have elapsed since Proof’s communication of the information that Proof reasonably believes will resolve the Incident (communicated by email to Subscriber’s designated contact for such Incident), and Subscriber has not responded to Proof. The Incident can be reopened later if it has not been resolved.
Cumulative On-Demand Notary Availability Downtime
(in a given calendar month as measured by Proof monitoring systems, converted to minutes)
(in a given calendar month as measured by Proof monitoring systems, converted to minutes)
On-Demand Notary Downtime Credit
Up to 240 minutes
No On-Demand Notary Downtime Credit
241-360 minutes
1%
361-480 minutes
3%
481-600 minutes
5%
601 minutes or greater
7%
Platform Availability Percentage
(in a given calendar month as measured by Proof monitoring systems)
(in a given calendar month as measured by Proof monitoring systems)
Platform Downtime Credit
99.9% or higher
No Platform Downtime Credit
97% - 99.9%
1%
95% - 97%
3%
93% - 95%
5%
Below 93%
7%
Incident Priority
Acknowledgement Time (During Business Hours)
Provision of Incident Resolution or Interim Process
If Interim Process is provided, Maximum Timeframe for Provision of Incident Resolution
Level 1
1 hour
8 hours
36 hours
Level 2
4 hours
24 hours
5 days
Personal Information Category set forth in Cal.Civ. Code § 1798.140
Source(s) of Personal Information Collection
Business or Commercial Purpose(s) for Collection/Use
Third Parties, Service Providers, and Contractors Receiving Personal Information Category
Retention Period
Personal Identifiers, including real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, social security number, driver’s license or passport number, or other similar identifiers.
Directly from you; indirectly from you as you navigate or use our Services; notaries; data analytics providers; social networks; advertising networks; internet or mobile service providers; counterparties in a transaction; credential analysis companies; identity verification services.
For job applicants: directly from you; background check providers; recruiters; recruiting software providers.
For job applicants: directly from you; background check providers; recruiters; recruiting software providers.
Provide you with our Services; communicate with you; protect and secure our environment; verify, maintain, improve, upgrade, or enhance a product or service; identify and repair errors; advertise or market to you.
For job applicants: Asses your application; satisfy legal obligations.
For job applicants: Asses your application; satisfy legal obligations.
Affiliates; advertising networks; social networks; technology service providers; customer relationship management providers; payment processors; mobile application platforms; tag management platforms; video sharing platforms; notaries; customer support platforms; data analytics providers; marketing platforms; mobile linking platforms; counterparties in a transaction; single sign-on providers; collaboration software providers; customer engagement and communication platforms; identity verification and anti-fraud solution providers; background screening companies; mortgage process digitization providers; electronic signature and digital transaction management providers; financial services companies; web mapping platforms.
The length of your business relationship with us plus any legally required additional retention period for this category of Personal Information following conclusion of your business relationship with us or as long as business needs require, whichever is longer.
California Customer Records Personal Information (Cal. Civ. Code § 1798.80(e)), including name, signature, social security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.
Directly from you; counterparties in a transaction; credential analysis companies; identity verification services.
For job applicants: directly from you; background check providers; recruiters; recruiting software providers.
For job applicants: directly from you; background check providers; recruiters; recruiting software providers.
Provide you with our Services; communicate with you; protect and secure our environment; verify, maintain, improve, upgrade, or enhance a product or service; identify and repair errors; advertise or market to you.
For job applicants: Process your application; satisfy legal obligations.
For job applicants: Process your application; satisfy legal obligations.
Affiliates; advertising networks; social networks; technology service providers; customer relationship management providers; payment processors; mobile application platforms; tag management platforms; customer support platforms; data analytics providers; marketing platforms; mobile linking platforms; counterparties in a transaction; collaboration software providers; customer engagement and communication platforms; identity verification and anti-fraud solution providers; background screening companies; mortgage process digitization providers; electronic signature and digital transaction management providers; financial services companies; web mapping platforms.
The length of your business relationship with us plus any legally required additional retention period for this category of Personal Information following conclusion of your business relationship with us or as long as business needs require, whichever is longer.
Characteristics of protected classifications under California or federal law.
Directly from you; indirectly from you as you navigate or use our Services; notaries; data analytics providers; social networks; advertising networks; internet or mobile service providers; counterparties in a transaction; credential analysis companies; identity verification services.
For job applicants: directly from you; background check providers; recruiters; recruiting software providers.
For job applicants: directly from you; background check providers; recruiters; recruiting software providers.
Provide you with our Services; communicate with you; protect and secure our environment; verify, maintain, improve, upgrade, or enhance a product or service; identify and repair errors; advertise or market to you; meet our legal obligations.
Affiliates; advertising networks; social networks; technology service providers; customer relationship management providers; payment processors; mobile application platforms; tag management platforms; video sharing platforms; notaries; customer support platforms; data analytics providers; marketing platforms; mobile linking platforms; counterparties in a transaction; collaboration software providers; customer engagement and communication platforms; identity verification and anti-fraud solution providers; background screening companies; mortgage process digitization providers; electronic signature and digital transaction management providers.
The length of your business relationship with us plus any legally required additional retention period for this category of Personal Information following conclusion of your business relationship with us or as long as business needs require, whichever is longer.
Commercial information, including records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
Directly from you; indirectly from you as you navigate or use our Services; notaries; data analytics providers; social networks; advertising networks; internet or mobile service providers; counterparties in a transaction.
Provide you with our Services; communicate with you; protect and secure our environment; verify, maintain, improve, upgrade, or enhance a product or service; identify and repair errors; advertise or market to you; meet our legal obligations; maintain transaction records.
Affiliates; advertising networks; social networks; technology service providers; customer relationship management providers; payment processors; mobile application platforms; tag management platforms; video sharing platforms; notaries; customer support platforms; data analytics providers; marketing platforms; mobile linking platforms; counterparties in a transaction; collaboration software providers; customer engagement and communication platforms; identity verification and anti-fraud solution providers; mortgage process digitization providers; electronic signature and digital transaction management providers; financial services companies; web mapping platforms.
The length of your business relationship with us plus any legally required additional retention period for this category of Personal Information following conclusion of your business relationship with us or as long as business needs require, whichever is longer.
Biometric information.
Directly from you; indirectly from you as you navigate or use our Services; internet or mobile service providers; credential analysis companies; identity verification services.
Provide you with our Services; communicate with you; protect and secure our environment; verify, maintain, improve, upgrade, or enhance a product or service; identify and repair errors; meet our legal obligations; maintain transaction records.
Affiliates; technology service providers.
The length of your business relationship with us plus any legally required additional retention period for this category of Personal Information following conclusion of your business relationship with us or as long as business needs require, whichever is longer.
Internet and other electronic network activity information, including, but not limited to, browsing history, search history, and information about individual interactions with an Internet website, application, or advertisement.
Indirectly from you as you navigate or use our Services; data analytics providers; social networks; advertising networks; internet or mobile service providers.
Detect security incidents; protect against malicious, deceptive, fraudulent, or illegal activity; verify, maintain, improve, upgrade, or enhance a service or device that is owned or controlled by us; identify and repair errors; advertise or marketing to you; perform analytics.
Affiliates; advertising networks; social networks; technology service providers; customer relationship management providers; payment processors; mobile application platforms; tag management platforms; video sharing platforms; customer support platforms; data analytics providers; marketing platforms; mobile linking platforms; single sign-on providers; collaboration software providers; customer engagement and communication platforms; identity verification and anti-fraud solution providers; mortgage process digitization providers; electronic signature and digital transaction management providers; financial services companies; web mapping platforms.
Barring any legally required additional retention period, up to one year.
Geolocation data
Indirectly from you; devices you use to access our Services; data analytics providers; social networks; advertising networks; internet or mobile service providers.
Protect and secure our environment; verify, maintain, improve, upgrade, or enhance a product or service; identify and repair errors; advertise or market to you.
Advertising networks; social networks; technology service providers; customer relationship management providers; mobile application platforms; tag management platforms; video sharing platforms; customer support platforms; data analytics providers; marketing platforms; mobile linking platforms; collaboration software providers; customer engagement and communication platforms; identity verification and anti-fraud solution providers; web mapping platforms.
Barring any legally required additional retention period, up to one year.
Sensory data including audio, electronic, visual, thermal, olfactory, or similar information.
Directly from you; indirectly from you as you navigate or use our Services; internet or mobile service providers; credential analysis companies; identity verification services.
Provide you with our Services; communicate with you; protect and secure our environment; verify, maintain, improve, upgrade, or enhance a product or service; identify and repair errors; meet our legal obligations; maintain transaction records.
Affiliates; technology service providers; counterparties in a transaction.
The length of your business relationship with us plus any legally required additional retention period for this category of Personal Information following conclusion of your business relationship with us or as long as business needs require, whichever is longer.
Professional or employment-related information
Directly from you; notaries; data analytics providers; social networks; advertising networks; counterparties in a transaction; credential analysis companies; identity verification services.
For job applicants: directly from you; background check providers; recruiters; recruiting software providers.
For job applicants: directly from you; background check providers; recruiters; recruiting software providers.
Provide you with our Services; communicate with you; protect and secure our environment; verify, maintain, improve, upgrade, or enhance a product or service; identify and repair errors; advertise or market to you.
For job applicants: Process your application.
For job applicants: Process your application.
Affiliates; advertising networks; social networks; technology service providers; customer relationship management providers; payment processors; mobile application platforms; tag management platforms; video sharing platforms; notaries; customer support platforms; data analytics providers; marketing platforms; mobile linking platforms; counterparties in a transaction; collaboration software providers; customer engagement and communication platforms; identity verification and anti-fraud solution providers; background screening companies; mortgage process digitization providers; electronic signature and digital transaction management providers; financial services companies.
The length of your business relationship with us plus any legally required additional retention period for this category of Personal Information following conclusion of your business relationship with us or as long as business needs require, whichever is longer.
For job applicants: Barring any legally required additional retention period, up to 7 years for non-hired applicants.
For job applicants: Barring any legally required additional retention period, up to 7 years for non-hired applicants.
Non-public education information as defined in the Family Educational Rights and Privacy Act (20 U.S.C. § 1232g; 34 C.F.R. Part 99)
For job applicants: directly from you; recruiting software providers; background check providers; recruiters.
For job applicants: Process your application.
Affiliates; background screening companies; technology service providers.
For job applicants: Barring any legally required additional retention period, up to 7 years for non-hired applicants.
Inferences drawn from any of the information identified above to create a profile about you reflecting your preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
Indirectly from you; devices you use to access our Services; data analytics providers; social networks; advertising networks; internet or mobile service providers.
Advertise or market to you; perform analytics; maintain, improve, upgrade, or enhance a product or service.
Affiliates; advertising networks; social networks; technology service providers; customer relationship management providers; mobile application platforms; tag management platforms; video sharing platforms; customer support platforms; data analytics providers; marketing platforms; mobile linking platforms; collaboration software providers; customer engagement and communication platforms; web mapping platforms.