• Supplier hosts the Supplier Data

• Supplier is a Sub-processor of Client Information 

• Client Information includes Personal Data

• The Sub-processor is located in the United States

• The Sub-processor is located outside of the EEA

• The Supplier is subject to the Privacy Shield Framework so is deemed to offer an adequate level of data protection by the European Commission

The Supplier Data that GBG uses to provide USA Combined is supplied by GBG’s Data Supplier. GBG is obliged under the terms of its agreement with its Data Supplier to ensure that all End Users agree to comply with the following provisions:

1.1 The End User may only use the Supplier Data for the purposes of consumer identity, address and age verification in connection with fraud prevention and transactional completion within the End User’s own business.

1.2 The Data Supplier reserves the right to modify the Supplier Data from time to time, for any reason, and without notice, including the right to terminate the Supplier Data. Any changes, updates and new versions of the Supplier Data will be subject to these terms.

1.3 The End User must not in any circumstances use the Supplier Data or the information provided by the Data Supplier for any purpose that would violate any state or local statute, rule or regulations or in connection with transactions involving:

(a) Live animals or any other living organisms of any kind; 

(b) Illegal activities or violations of law, rules or regulations; or

(c) The exploitation of children, individuals or animals.

The End User agrees to limit its use to legal purposes, and to take appropriate measures so as to protect against the misuse of any information. 

1.4 The Supplier Data cannot be cached, reused, compiled, stored or resold in any manner by the End User. Searches must be undertaken real-time and any output is for one-time use only. 

1.5 The End User acknowledges that it is not a Consumer Reporting Agency and the information provided by the Data Supplier may not be used for any purpose that would violate privacy obligation policies and/or any other terms and provisions of the Gramm-Leach-Bliley Act (15 U.S.C. § 6801 et seq.), the Federal Fair Credit Reporting Act (15 U.S.C. § 1681 et seq.), the Federal Drivers Privacy Protection Act, (18 U.S.C. § 2721 et seq.), or any similar state or local statute, rule or regulation.

1.6 In the event that the End User operates within the tobacco or healthcare industries within the United States of America or provides marketing services to the tobacco industry in the United States of America the End User must inform GBG who must seek consent from its Data Supplier, before the End User uses the Supplier Data.

1.7 The End User shall limit its use of the Supplier Data to the purposes specified at clause 1.1 and shall take appropriate measures so as to protect against the misuse of any information provided by the Data Supplier. 

1.8 The End User must comply at all times with all US Federal and State laws regarding the use of the Supplier Data, including but not limited to the Federal Wire Act and shall abide by all applicable legislation and rules and regulations as may be enacted or adopted after the date hereof.

1.9 The End User must not re-produce, re-transmit, re-publish, or otherwise transfer for any commercial purposes the Supplier Data, data programs or computer applications or the results of the Supplier Data.

2.1 The Supplier Data used to provide this element of the Service is hosted by the Data Supplier. In order to perform the Services, the Data Supplier shall act as Sub-processor of Client Information (including any Personal Data supplied) for the sole purpose of delivering this element of the Service. The End User authorises GBG to appoint the Data Supplier as Sub-Processor for the purposes specified in this clause 2.1.

2.2 The Data Supplier is based in the United States which is located outside of the EEA. The Data Supplier is subject to the Privacy Shield Framework so is deemed to offer an adequate level of data protection for Personal Data by the European Commission, therefore the Parties acknowledge that Personal Data can be safely transferred to the Data Supplier for sub-processing without further data export safeguards.

3.1 The End User agrees that under no circumstances shall the Data Supplier or its service providers, data providers and their respective officers, employees and licensors be liable to the End User, on account of the use or misuse of the Supplier Data or reliance on the Supplier Data. Such limitation of liability shall apply to prevent recovery of direct, indirect, consequential, special, exemplary, and punitive damages (even if the Data Supplier or its data providers have been advised of the possibility of such damages). Such limitation of liability shall apply whether the damages arise from use or misuse of and reliance on the Supplier Data, from inability to use the Supplier Data, or from the interruption, suspension or termination of the Supplier Data (including such damages incurred by third parties).

3.2  By using the Supplier Data the End User:

(a) agrees to indemnify and hold harmless the Data Supplier, its service providers, data providers and their respective officers, employees, and licensors from all claims and expenses, including attorney’s fees, arising from the End User’s use of the Supplier Data;

(b) hereby releases the Data Supplier, its service providers, data providers and their respective officers, employees, and licensors from all claims, demands, debts, obligations, damages (actual or consequential), costs, and expenses of any kind or nature whatsoever, whether known or unknown, suspected or unsuspected, disclosed or undisclosed. The End User agrees to waive any laws that may limit the efficacy of such releases;

(c) acknowledges that the Data Supplier, its service providers, data providers and their respective officers, employees, and licensors shall not be liable to the End User for any loss or injury arising out of or caused in whole or in part by acts or omissions in procuring, compiling, collecting, interpreting, reporting, communicating, or delivering the Supplier Data;

(d) hereby agrees to protect, indemnify, defend and hold harmless any third party service providers, data providers and their respective officers, employees, and licensors in connection with the Supplier Data from and against all costs, claims, demands, damages, losses, and liabilities (including attorney’s fees and costs) arising from or in any way related to use of the information received by the End User.   

4.1 The End User acknowledges that the Supplier Data has been gathered from selected public records and other sources and agrees to accept the Supplier Data “as is” without warranty of any kind. Without limiting to the generality of the foregoing: (i) any warranty, express or implied, with respect to the Supplier Data are hereby disclaimed; (ii) no guarantee or warranty as to the correctness, completeness, merchantability, or fitness for a particular purpose of the Supplier Data or the components thereof is granted hereunder, and (iii) no warranty is made as to the provision of uninterrupted or error-free Supplier Data, or that the Supplier Data is not susceptible to intrusion, attack or corruption.

5.1 Violations of system or network security are prohibited and may result in criminal or civil liability. Examples include but are not limited to the following: unauthorised access, use, probing, or scanning of systems security or authentication measures, data, or traffic; interference with service to any user, host, or network including, without limitation, mail bombing, flooding, deliberate attempts to overload a system, broadcast attacks, forging or any TCP-IP packet header or any part of the header. 

6.1 The End User acknowledges and accepts that it retains no rights, title, or interest in and/or to the data, information, programs and computer applications provided under applicable contractual, copyright, patent and related laws and that any use of the Supplier Data outside of these terms is unauthorized and will be cause to suspend or terminate the supply of the Supplier Data.  

6.2 The End User acknowledges and accepts that if it is determined or reasonably suspected that it has re-sold the Supplier Data or results of or is re-selling or brokering the Supplier Data or violating any laws or regulations including those described herein, the delivery of the Supplier Data may be terminated or suspended immediately.