• Supplier hosts the Supplier Data
• Supplier is a Sub-processor of Client Information
• Client Information includes Personal Data
• The Sub-processor is located in British Columbia in Canada
• The Sub-processor is located outside of the EEA
• Commercial organisations in Canada which are subject to the Canadian Personal Information Protection and Electronic Documents Act (PIPEDA) are deemed to offer an adequate level of data protection by the European Commission.
• British Columbia as a province of Canada has general private-sector laws that have been deemed substantially similar to PIPEDA and therefore businesses within British Columbia are deemed to be adequate by the European Commission.

The Supplier Data that GBG uses to provide OSINT Data (“OSINT”) is supplied by GBG’s Data Supplier. GBG is obliged under the terms of its agreement with its Data Supplier to ensure that all End Users agree to comply with the provisions set out below. These terms apply to all OSINT Enterprise checks. Individual OSINT Enterprise checks are identified by an ID number on the End User’s Order Form.

1. EXCLUSION OF WARRANTIES
1.1. OSINT is provided from publicly available data sources and so the Data Supplier makes no representation or warranty of any kind regarding OSINT, whether express, implied (either in fact or by operation of law), or statutory, as to any matter whatsoever and expressly disclaims all implied warranties of merchantability, fitness for a particular purpose, quality, accuracy, non-infringement, and title.

2. INTELLECTUAL PROPERTY RIGHTS
2.1. Title to and ownership of all copies of OSINT and its documentation, whether in machine-readable or printed form, and including, without limitation, compilations, or collective works thereof and all related technical know-how and all rights therein (including without limitation rights in patents, patents pending, copyrights, and trade secrets applicable thereto), are and will remain the exclusive property of the Data Supplier. The End User will not act to jeopardise, limit, or interfere in any manner with the Data Supplier’s ownership of and rights with respect to OSINT and its documentation.

3. DATA PROTECTION
3.1. The Supplier Data used to provide OSINT is hosted by the Data Supplier. In order to perform the Services, the Data Supplier shall act as Sub-processor of Client Information (including any Personal Data supplied) for the sole purpose of delivering this element of the Service. The End User authorises GBG to appoint the Data Supplier as Sub-Processor for the purposes specified in this clause 3.1.
3.2. The Data Supplier is located in British Columbia and as a province of Canada has general private-sector laws that have been deemed substantially similar PIPEDA therefore the Parties acknowledge that businesses within British Columbia are deemed to offer an adequate level of data protection for Personal Data by the European Commission. On this basis, the Parties acknowledge that Personal Data can be safely transferred to the Data Supplier for sub-processing without further data export safeguards.

4. TERMINATION
4.1. Notwithstanding any other provisions of the Agreement, GBG may terminate the provision of all or any part of OSINT on thirty (30) day’s prior written notice to the End User if the Data Supplier ceases to supply OSINT to GBG.

5. SUPPORT
5.1. OSINT is provided through a framed portal service and so in relation to OSINT GBG will not be subject to the standard support obligations contained in the Agreement. Accordingly GBG will use reasonable endeavours to resolve all issues with OSINT as soon as reasonably practicable.