The Supplier Data used to provide this Dataset is provided by GBG’s Supplier, Trinsic Technologies, Inc. GBG is obliged under the terms of its agreement with its Supplier to ensure that all End Users agree to comply with the following licensing provisions:

1. DEFINITIONS
1.1. In these Additional Terms, the following definitions shall apply, in addition to the definitions set out in the Agreement:

“End User Data” means any data, including where relevant any personal data, relating to an End User that is (a) provided by the Data Subject to End User, or (b) collected, accessed, or otherwise obtained by GBG on behalf of an End User and processed solely in accordance with the terms of the Agreement.

2 USE OF THE DATASET
2.1. End User shall not:

(a) reproduce, display, download, modify, create derivative works of or redistribute the Services;

(b) attempt to reverse engineer, decompile, disassemble or access the source code for the Services or any component thereof;

(c) execute unauthorized automated tests or load balancing against the Supplier Data, Dataset or Services;

(d) introduce to the Services any unauthorized data, malware, viruses, Trojan horses, spyware, worms, or other malicious or harmful code, or any data that infringes, misappropriates, or otherwise violates the intellectual property rights or other rights of any third party;

(e) use the Supplier Data or any component thereof, in the operation of a service bureau to support or process any content, data, or information of any party other than End User;

(f) sell, transfer, sublicense, assign, or otherwise permit any party, other than the then-currently Authorised Users, to access the Supplier Data and/or Services;

(g) access or use the Supplier Data and/or Services to deliberately create a competing product or service; or

(h) use the Supplier Data and/or Services for any purpose that is unlawful, harassing, abusive, tortious, threatening, harmful, invasive of privacy, vulgar, defamatory, false, intentionally misleading, trade libelous, pornographic, obscene, patently offensive, promotes racism, bigotry, hatred, or physical harm of any kind, or is otherwise objectionable.

2.2. End User acknowledges and agrees that GBG may immediately suspend End User’s access and use of the Supplier Data if GBG has reasonable evidence that cause it, in good faith, to believe the End User has violated clause 2.1 above. GBG will cooperate and work with the End User to restore access in a timely manner once any suspected breach has been cured, unless such breach gives rise for GBG to terminate pursuant to the terms of the Agreement.

2.3. The Supplier Data is subject to rules (the “MitID Rules”) created through the partnership established between the Danish Agency for Digitisation (Digitaliseringsstyrelsen) and FR1 A/S (the “MitID Partnership”). The MitID Rules are determined by, and may be changed by, the MitID Partnership, and shall be in effect between Danish Agency for Digital Government (the “ID Provider”), the Supplier, GBG and the End User. The current MitID Rules can be found on the MitID website. The End User must ensure that the MitID Rules are available to the Data Subjects.

2.4. Where applicable, when using the Supplier Data, the End User shall observe and comply with the following requirements:

1. End User’s implementation shall not deviate from the MitID UX Scheme requirements available at this link: https://www.signaturgruppen.dk/application/files/4917/1835/4565/UX_scheme_-_extracted.pdf;
2. End User may not use any other visual identity for authentication via the Supplier Data;
3. End User must implement the Supplier Data in such a way that allows an End User to validate the MitID domain (*.mitid.dk) in the address field in the browser whenever possible;
4. If End User implements the Supplier Data in a mobile application, its primary website must publish instructions to download the correct application from a widely-recognized application distribution marketplace (e.g. Google Play Store or iOS App Store).

The MitID UX Scheme may be changed wholly or partly at any time by the MitID Partnership. The End User must ensure compliance with any changes within thirty (30) days of such change being posted to the MitID website.

2.5. If End User requests a CPR-number from a Data Subject, the End User shall directly inform the Data Subject that the CPR information is requested.

2.6. A MitID authentication is valid for the time specified in the authentication tokens issued, which is determined by the MitID Rules. An authentication may not be construed as a MitID authentication unless an active authentication token exists. End User acknowledges and agrees that neither GBG nor the Supplier or ID Provider, are in any way liable for the security, assurance level, or any other conditions related to reliance on a derived identity based on an expired MitID authentication.

2.7. End User must not charge the Data Subjects an authentication fee to authenticate through the Supplier Data.

2.8. Notwithstanding clause 2.2 of these Additional Terms or the suspension process outlined in the Agreement, GBG, the Supplier, the ID Provider or the ID Provider’s sub-processor may immediately suspend or block End User’s access to the Supplier Data if (i) the End User fails to comply with clauses 2.3-2.8 of these Additional Terms or the MitID Rules, (ii) if the End User’s actions constitute a security risk to the Supplier Data, (iii) if the End User behaves in a way intended to influence a data subject to have a negative perception of the Supplier Data or (iv) due to material security-related reasons.

3. INFORMATION REQUESTS

3.1. GBG and/or the Supplier may receive requests, or be contractually required by government entities, regulatory authorities, or the ID Provider, to provide or obtain information about End User and/or Data Subjects as a condition of the use of the Services. The End User authorizes GBG and its Supplier to provide End User Data to such authorities (or their designated representatives) in response to such requests and, if the requested information is not already in GBG’s or its Supplier’s possession, End User will promptly provide all necessary information to GBG for this purpose.

4. USE OF ID PROVIDER MARKS

4.1. End User is granted a limited, non-exclusive, royalty-free license to use the marks of the ID Provider, subject to any communicated limitations, conditions, usage guidelines, or approval procedures, for the purpose of: (i) indicating to actual and prospective customers that End User is authorized to make available the Supplier Data, (ii) identifying the ID Provider as an offered verification method within End User’s services. End User acknowledges that the right to use the ID Provider’s mark is not guaranteed and that any licence to use an ID Provider mark granted hereunder may be revoked at any time at the sole discretion of GBG, the Supplier or ID Provider. End User agrees not to alter, obscure, or misuse ID Provider marks or use them in a way that could cause confusion, diminish their distinctiveness, or imply that End User is an exclusive provider or partner of the ID Provider.

5. SERVICE LEVELS

5.1. The End User acknowledges and accepts that any downtime or performance degradation caused by the ID Provider is beyond GBG's reasonable control and shall be considered an exception to the availability of the Services.

6. DATA PROTECTION AND COMPLIANCE WITH RELEVANT LAWS

6.1 End User shall inform the Data Subject that their data shall be transferred to the Supplier in the United States as part of this Service.