The Datasets have been replaced with 0307 International Sanctions (FCRA), 0308 International PEP (FCRA) and International Adverse Media Datasets (ID numbers 201604, 201605 & 201606) since 8 December 2022.
0307 International Sanctions (FCRA), 0308 International PEP (FCRA) and International Adverse Media Datasets are subject to the Additional Terms available here: https://www.gbgplc.com/en/legal-and-regulatory/legal-additional-terms/id3global/

• The Supplier hosts the Supplier Data
• The Supplier is a processor of End User Data appointed by GBG in its capacity as an independent controller
• The Supplier is located in the United States
• The Supplier is located outside of the EEA and the UK
• GBG relies on a derogation to transfer End User Data to the Supplier based outside of the EEA and the UK in accordance with Article 49 (1)(c) UK GDPR.

The Supplier Data used to provide the ISS Dataset is provided by GBG’s Supplier. GBG is obliged under the terms of its agreement with its Supplier to ensure that all End Users agree to comply with the following licencing provisions. Individual ISS checks are identified by an ID Number on the End User’s Order Form.

1. DEFINITIONS
1.1. In these Additional Terms, the following definitions shall apply, in addition to the definitions set out in the General Terms and Product Terms:
“End User Data” means any data provided to GBG by the End User for processing in accordance with the terms of the Agreement including where relevant any personal data.
“Permitted Purpose” means the purposes, restrictions and or conditions for the use of the Dataset outlined by the Supplier as set out in clauses 2.3-2.5 below, in addition to the Customer Use Case set out in the Agreement and at clause 2.1

2. USE OF THE DATASET
2.1 This Dataset may only be used for the Customer Use Cases detailed in this clause 2.1, provided that such Customer Use Case is selected on the End User's Order Form and the End User complies with any use case restrictions set out in the Agreement or these Additional Terms:
• ID Verification – Fraud
• ID Verification – Regulatory
2.2 In addition to the Customer Use Case restrictions contained within clause 2.1 (including any conditions that apply to that Customer Use Case) the following terms set out in clauses 2.3-2.5 also apply.
2.3 The End User acknowledges that provision of this Dataset by the Supplier does not constitute in any way legal advice.
2.4 The End User understands and agrees that although the Supplier complies with all applicable international laws regarding the access to and search against various data sources applicable to the Supplier Data, the End User must also comply with all applicable international laws regarding the use and distribution of the search results and that the End User's compliance effort is the sole responsibility of the End User.
2.5 The End User warrants that it will not use the Dataset for any reason outside of the Customer Use Case and the Permitted Purpose.

3. DATA PROTECTION AND COMPLIANCE WITH RELEVANT LAWS
3.1 The Supplier Data used to provide you with this Dataset is hosted by the Supplier in the United States. In order to deliver this Dataset, the Supplier shall receive and process End User Data as a processor appointed by GBG in its capacity as an independent controller
3.2 The Supplier is based in the United States, which is located outside of the EEA and the UK. The End User acknowledges that GBG relies on a derogation to transfer End User Data to the Supplier for processing in accordance with Article 49 (1)(c) of UK GDPR

4. AUTHORISATION TO PROVIDE AND TRANSFER INFORMATION
4.1. If the data subject resides within the United States of America or its territories, the End User hereby certifies it will use commercially reasonable efforts to comply with all applicable requirements of the Fair Credit Reporting Act, 15 U.S.C.1681 et seq. ("FCRA") for those searches which relate to FCRA regulated services, including, without limitation, the following requirements:
(a) Prior to completing a search, establish reasonable procedures to ensure that it or its customers have a permissible purpose for requesting the Supplier Data, and that it will use any customer data for single one-time use, including but not limited to GBG requiring a certification of the same from the End User;
(b) Prior to using the Supplier Data, the End User will maintain reasonable procedures to assure maximum possible accuracy of information it provides to its customers; provided, however, that such obligation shall not apply to accuracy issues in the Supplier Data.
(c) Provide its customers with the Consumer Financial Protection Bureau's prescribed notices including, notice to users of consumer reports, which are available on the Consumer Financial Protection Bureau's website at www.consumerfinance.gov/learnmore.
(d) comply with the requirements of the FCRA when applicable, including but not limited to, section 604(b) (conditions for furnishing and using reports for employment purposes) and section 615 (requirements for users of reports), and specify that any adverse action notifications contain the name and contact information of both the End User as well as the Supplier.
(e) Comply with FCRA §611 procedures in case of disputed accuracy. Upon receipt of a dispute either from a consumer or a customer relating in any way to the Supplier Data provided by the Supplier, the End User will immediately or within five (5) business days of receiving the notice, notify SIC of the dispute along with any and all information provided by the consumer.
(f) Not request Supplier Data about themselves, their families or friends other than as permitted by the Supplier, this Agreement, or applicable law.
(g) Will not use the Supplier Data to discriminate unlawfully against a consumer or otherwise misuse the information, as provided by any applicable federal or state equal opportunity laws or regulations.