Legal

(Choose a section to read more)

Privacy Notice

For reference purposes only

LAST UPDATED: October 19, 2019

VERIFIED.ME SERVICE – PRIVACY NOTICE­­­

The Verified.Me service is an information management and sharing service provided by SecureKey Technologies Inc. (“SecureKey”, “us”, “we” or “our”). SecureKey is committed to respecting and protecting your privacy and the security of your Personal Information. This Privacy Notice explains how information about an identifiable individual (“Personal Information”) is collected, used, disclosed, stored, retained, processed and safeguarded in connection with use of the Verified.Me service and the Verified.Me mobile and web applications (collectively, the “Service”). By using the Service, you agree and consent to the collection, use, disclosure, storage, retention, processing and safeguarding of your Personal Information in accordance with this Privacy Notice.

 

About the Service

The Service allows you to authorize your selected Identity & Data Providers to share certain of your information with Relying Parties.

Activity Data means Personal Information and other information that is collected or generated by SecureKey and its authorized service providers for the purposes of operating and maintaining the Service.  Activity Data collected for these purposes includes general information about your transactions, such as the type of Relying Party with which you consented to share your User Information, as well as the type and the sensitivity level of the information you are sharing.

Identity & Data Provider (which may sometimes be referred to as a ‘connection’) means an eligible organization in Canada that participates in the Service and that generates or holds certain information about you. Examples of Identity & Data Providers include financial institutions, credit bureaus, telecommunications providers, government departments and agencies and other eligible third parties.

Relying Party means an eligible organization in Canada that participates in the Service and that asks you to provide certain of your User Information through the Service to facilitate its interactions with you, for example, to help verify your identity or eligibility for product or service offerings. Examples of potential Relying Parties include financial institutions (e.g., for online bank account applications), telecommunications service providers (e.g., for account opening and service or device eligibility), online merchants (e.g., for hotel bookings), government departments and agencies (e.g., for program eligibility) and other eligible third parties. When adding a new Identity & Data Provider as a connection, you may be asked to share certain User Information with that new Identity & Data Provider. For the purposes of that sharing of User Information, that Identity & Data Provider will be deemed to be a Relying Party.

User Information means Personal Information that is generated or held by Identity & Data Providers and that is available to be shared through the Service.

You, you or your means the person who wishes to use the Service, and whose Credentials (as defined below) have been used to register for the Service.

 

How we collect and use your information

REGISTRATION

The Service registration process requires you to select the financial institution in Canada that is participating in the Service (“Financial Institution” or “FI”) that you have an active and existing business relationship with to create your Verified.Me profile, which will form the basis of your Canadian Verified.Me account (the “Verified.Me account”). This FI will become your first Identity & Data Provider.

As part of the registration process, and prior to each use of the Service, your FI will authenticate you using your existing banking credentials that you use for authentication purposes to access services at your FI or which are otherwise required by your FI to access the Service, such as username, password, card number, biometric identifiers (including fingerprints, voice patterns and facial recognition), one-time passcode or other information (collectively, “Credentials”). Once you are initially authenticated by your FI, your FI will create and store an individualized Verified.Me account identifier for you which is distinct from your Credentials, and will register this identifier with the Service.

Neither the Service nor SecureKey has access to your Credentials.

Following your successful authentication using your Credentials during the registration process, your selected FI will provide a summary of your User Information available for you to share with Relying Parties. If any of your User Information displayed during registration is incorrect, you must discontinue the registration process and contact your FI to update your User Information in its files, to the extent required.

CONSENT TO SHARE YOUR INFORMATION

The Service allows you to authorize your selected Identity & Data Providers to share certain of your User Information with a Relying Party to facilitate your interactions with the Relying Party (or if that Relying Party is another Identity & Data Provider, to facilitate its addition as a connection) with your express consent. Although your User Information was collected by or on behalf of your FI and other Identity & Data Providers under their respective terms and privacy policies, when you authorize your User Information to be shared with a Relying Party (including a Relying Party that is another Identity & Data Provider for the purposes of adding them as a connection through the Service), it is collected, used, disclosed, stored, retained, processed and safeguarded by the Service under the terms of this Privacy Notice and, as noted above, only with your express consent. Once the information is received by the Relying Party (other than another Identity & Data Provider for the purposes of adding them as a connection), it is used, disclosed and retained in accordance with the privacy policy of the Relying Party, its agreement with you and all applicable laws.

When you share your User Information with a Relying Party that is another Identity & Data Provider for the purposes of adding them as a connection, that Identity & Data Provider is only entitled to use and handle that User Information for the purposes of attempting to match that information with information about you in the Identity & Data Provider’s system to facilitate their addition as a connection and for no other purpose.  Subject to this agreed limited use, your User Information is collected, used, disclosed, retained, stored, processed and safeguarded by the Identity & Data Provider in accordance with its privacy policy, any agreements it has with you and all applicable laws.

GENERAL

SecureKey may, but is not obligated to, monitor the Service in an effort to identify unauthorized use and to protect users and Service participants (namely, FIs and other Identity & Data Providers and Relying Parties).

Activity Data collected or generated by the Service also includes information about activities that occur with your Verified.Me account, including, for example, your registration with the Service, successful and failed logins from your electronic access device (as defined below), information about your electronic access device, such as its model, operating system, device ID and MAC address, connections established with new Identity & Data Providers, and consents to share your User Information. (For the purposes of this Privacy Notice, “electronic access device” includes your cell phone, smart phone, mobile device, desktop or personal computer, tablet or other electronic device that you may use to access the Service.) Certain details about these activities are stored and viewable in your Verified.Me mobile application activity log (which is not viewable in the web application). This activity log does not contain your Credentials or any of your User Information that you have agreed to have an Identity & Data Provider send to a Relying Party through the Service.

MOBILE PHONE NUMBER COLLECTION AND USE BY RELYING PARTY IN RELATION TO VERIFIED.ME

A Relying Party may collect and use your mobile phone number to send you a link (via text message) to engage with the Service.  The mobile phone number that you provide for this purpose is collected by the Relying Party (not by SecureKey) and is subject to the Relying Party’s privacy policy and any agreement it may have with you.

Protecting your information

All of your User Information that you authorize an Identity & Data Provider to share with a Relying Party through the Service will be protected with security mechanisms intended to prevent your User Information from being identified, accessed or misused when it is sent through the Service.

Your Activity Data is stored in protected form. Only authorized personnel will have the ability to retrieve Activity Data from the Service’s audit systems. Details of certain activities are available to you through the activity log in your Verified.Me mobile application (which is not available in the web application).

Disclosing your information

The Service allows you to authorize your selected Identity & Data Providers to share certain of your User Information with a Relying Party to facilitate your interactions with the Relying Party (or if that Relying Party is another Identity & Data Provider, to facilitate its addition as a connection) with your express consent. Because your User Information may include private or confidential Personal Information, please ensure that you understand how it will be used and further disclosed by a Relying Party before giving your consent to share any of your User Information.

SecureKey may report suspected fraudulent activity to Service participants, including the FI you selected when first registering for the Service, or other parties as permitted or required by law, and certain of your Personal Information may be included in those reports to assist with fraud prevention, detection, investigation and remediation.

In connection with providing the Service, SecureKey may transfer or provide access to your Personal Information to outside agents or service providers that perform services on our behalf (e.g., data hosting or processing services), or that otherwise collect, use, disclose, store, retain, process or safeguard information on our behalf for the purposes described in this Privacy Notice. SecureKey requires such service providers to maintain comparable protections over Personal Information shared with them.

We may also disclose Personal Information: (a) to any governmental authority where required by law, (b) in response to a court order, subpoena, discovery rule, or other lawful request, (c) as otherwise required under any applicable law, rule, or regulation, (d) in good faith, if an investigation is required (for example, as a result of a potential privacy breach or unauthorized transaction(s)), or (e) to protect or defend our rights or property or those of other persons.

If we sell our business or any part thereof that operates any portion of the Service, we may transfer Activity Data to prospective purchasers to the extent necessary to enable consideration of the transaction. We may also transfer any Personal Information in our control at the time of such a transaction to the purchaser so that the purchaser can continue to operate the Service after the transaction has been completed.

Storing and retaining your information

When you consent to the sharing of your User Information from an Identity & Data Provider to a Relying Party through the Service, your User Information is temporarily held in our networks to facilitate the successful transfer. Information is purged from the network in accordance with our record retention policies.

User Information that is made available on your electronic access device for your review before you consent to having it shared with a Relying Party by the applicable Identity & Data Provider(s) is maintained within the Identity & Data Provider’s systems, and is not stored locally on your electronic access device.

Other information that we generate or collect in order to provide the Service, such as account identifiers and other Activity Data, is only retained for as long as necessary to administer the Service.

Activity Data is stored by the Service for legal, regulatory, suspected fraudulent activity investigations and dispute resolution purposes in accordance with our record retention rules.

Personal Information that is stored by the Service is maintained on our servers, or those of our service providers, and is accessible only by our authorized employees, representatives and service providers who require access in connection with their responsibilities.

 

Suspending or closing your Verified.Me account

Authorized personnel of SecureKey or its service providers supporting the operation of the Service have the ability to suspend or delete (close) your Verified.Me account in accordance with the Verified.Me Terms and Conditions governing your use of the Service. In the event your Verified.Me account is suspended and you wish to have it re-activated, you can obtain information at https://verified.me/support/knowledge-base/. You may also wish to contact your FI’s Customer Support team to obtain additional details and required steps in order to reactivate your Verified.Me account.

You may discontinue your use of the Service at any time by closing your Verified.Me account. 

You may close your Verified.Me account in the mobile application by following the steps listed in the ‘Delete Verified.Me Profile’ section of the Verified.Me mobile application. If you are using the Verified.Me web application, please follow the steps outlined here: How to Close your Verified.Me Account. You may also be able to close your Verified.Me account through your FI.

Closing your Verified.Me account will mean that you no longer have an active Verified.Me account, you will not be able to initiate new transactions to share your User Information with Relying Parties, sharing transactions that you previously authorized may not be completed, and you will not have access to any transaction records that summarize previous Verified.Me account activities. However, closing your Verified.Me account will not affect (1) any of your User Information held by your Identity & Data Providers or previously shared with your Relying Parties, or (2) any transaction records or other Activity Data maintained by the Service.

If you wish to use the Service in the future after closing your Verified.Me account, you will need to complete the Service registration process again and set up a new Verified.Me account. You can use your existing Credentials to open your new Verified.Me account.

Deleting the Verified.Me mobile application from your electronic access device will not close your Verified.Me account and will not affect any sharing transaction that you previously authorized. You will be able to access your Verified.Me account in the future by reinstalling the Verified.Me mobile application on your electronic access device and re-entering your then current Credentials for your FI.

Accessing and correcting your information

Your User Information resides with your applicable Identity & Data Providers and with Relying Parties with which you have chosen to share it. Although your User Information may be shared with Relying Parties (with your consent) via the Service, SecureKey is not an Identity & Data Provider, and cannot access your User Information to correct or modify it. Requests for access to your User Information, including requests to correct or modify it, must therefore be made by you directly to your Identity & Data Providers or Relying Parties.

In connection with sharing transactions, you will have an opportunity to view a summary of certain of your User Information within the Verified.Me application before you authorize your User Information to be shared with a Relying Party. The viewable User Information will be displayed within the Verified.Me application.  For mobile app Users, even when you are not engaged in a sharing transaction, you may have an opportunity to view certain of your User Information that is maintained by Identity & Data Providers that you have connected to.  The Identity & Data Providers may provide you with details on how to update or correct your User Information within the Identity & Data Provider’s files, or you may have to contact them to update or correct your User Information.

You may access your activity log information through your Verified.Me mobile application (which is not accessible in the Verified.Me web application).

You can obtain additional information on how to access or correct your Personal Information by visiting our Support Centre at https://verified.me/kb/020-how-do-i-update-personal-information-in-the-app/.

 

Notifications

Depending on the FI you select to associate your Verified.Me account with, you may receive notifications of some of your Service activities from your FI, such as registration completion and on authentication events occurring within your Verified.Me account. These notifications are intended to provide you with information on Service usage so that you may act upon notifications that you do not recognize as yours.  None of the Relying Parties or Identity & Data Providers that participate in the Service are permitted to send you unprompted emails or text messages asking for personal details through the Service.

 

Dispute resolution, questions or concerns

In the event you identify transaction(s) that you have not authorized or receive a notification from your FI regarding (or otherwise become aware of) unauthorized activity with your Verified.Me account, please contact customer support of your FI with which you associated your Verified.Me account. Upon your authorization, your FI’s customer support personnel will be able to retrieve your Verified.Me activity information and work with you to report unauthorized transactions to SecureKey and/or its service providers.

General queries or concerns on the privacy aspects of the Service may be directed to the SecureKey Privacy Officer. Contact details are provided below.

 

Third party participants

This Privacy Notice applies to the collection, use, disclosure, storage and retention of Personal Information in connection with the operation of the Service by SecureKey and its service providers, including third parties that host and operate certain components of the Service on behalf of SecureKey. This Privacy Notice does not apply to your FI or any of the Identity & Data Providers and Relying Parties that use, handle, disclose or retain your Personal Information in connection with your dealings with them that are distinct from the Service, and such parties will be governed by their own privacy policies and agreements with you when they collect, use, disclose, store, retain, process or safeguard your User Information in the ordinary course of their dealings with you outside of the Service.

Privacy Notice changes

This Privacy Notice is effective as of the date shown above and may be revised from time to time. We encourage you to review this Privacy Notice frequently to obtain the current version. Your continued use of the Service following any changes to this Privacy Notice constitutes your acceptance of any such changes.

For more information

If you require clarification about this Privacy Notice, or would like to request more information about the Service, including who to contact to request access for your Verified.Me account information, please contact our Chief Privacy Officer online at https://verified.me/privacy-request or by mail at:

SecureKey Privacy Officer

501 – 4101 Yonge Street
Toronto, Ontario M2P 1N6

Canada

Terms and Conditions

[For reference purposes only]

LAST UPDATED: October 19, 2019 

VERIFIED.ME SERVICE – TERMS AND CONDITIONS

Please carefully read this Agreement before agreeing to use the Verified.Me service (the “Service”). The Service allows you to authorize Identity & Data Providers to provide certain User Information about you to Relying Parties chosen by you. This Agreement is between you and SecureKey Technologies Inc. (“SecureKey”, “us”, “we” or “our”).

By clicking “Agree”,

  • you are agreeing to be bound by this Agreement; and
  • you are confirming either that you have reached the age of majority in the province in which you reside or that you are a minor and your parent or legal guardian has had an opportunity to review this Agreement and has consented to your use of the Service.

This Agreement takes effect on the date that you click “Agree”.

If you do not agree to this Agreement, click “Cancel” and you may not use the Service.

DEFINITIONS: 

  • Agreement”means these Verified.Me Terms and Conditions and the Verified.Me Privacy Notice, which is incorporated into this Agreement, as may be amended by SecureKey from time to time upon notice to you in accordance with section 12.
  • Credentials” means the credentials that you use for authentication purposes to access services at your Financial Institution or which are otherwise required by your Financial Institution to access the Service, such as username, password, card number, biometric identifiers (including fingerprints, voice patterns and facial recognition), one-time passcode or other information.
  • Electronic Access Device” means a cell phone, smart phone, mobile device, desktop or personal computer, tablet or other electronic device that you may use to access the Service.
  • Financial Institution” or “FI” means the financial institution in Canada with which you have a current banking relationship that has agreed to be an Identity & Data Provider and that you have chosen to act as your first Identity & Data Provider.
  • Identity & Data Provider” (which may sometimes be referred to as a ‘connection’) means an eligible organization in Canada that participates in the Service and that generates or holds User Information, including a financial institution, credit bureau, telecommunications provider, government departments and agencies and other eligible third parties.
  • Modification” has the meaning set out in section 4.
  • Personal Information” means information about an identifiable individual, including: name, email address, mobile or home phone number(s), mailing address, date of birth and certain of your account, profile or other information.
  • Released Parties” means SecureKey, your Financial Institution and all other Identity & Data Providers and Relying Parties that participate in the Service, and, as applicable, their respective affiliates, subsidiaries, divisions, suppliers and service providers, and all of their respective directors, officers, employees and agents, and “Released Party” means any one of them.
  • Relying Party” means an eligible organization in Canada that participates in the Service and that asks you to provide User Information through the Service to facilitate its interactions with you, for example, to help verify your identity or eligibility for Third Party Offerings. When adding a new Identity & Data Provider as a connection, you may be asked to share User Information with that new Identity & Data Provider; for the purposes of that sharing transaction, that Identity & Data Provider will be deemed to be a Relying Party.
  • Third Party Offerings” has the meaning set out in section 7.
  • Third Party Terms” has the meaning set out in section 7.
  • User Information” means all Personal Information and other information about you, that is generated or held by Identity & Data Providers and that is available to be shared through the Service.
  • Me Privacy Notice” means the privacy notice located at https://verified.me/privacy-notice or any successor URL.
  • you” or “your” means the person who wishes to use the Service, and whose Credentials have been used to register for the Service.

SERVICE CLAUSES:

  1. THE SERVICE

The Service is provided and operated by SecureKey. SecureKey will not charge you a fee to use the Service.

In order to register to use the Service, you will be required to select a financial institution with which you have an online banking relationship to create your Verified.Me account.

During your initial registration to use the Service and prior to each use of the Service, your Financial Institution will authenticate you using your Credentials. SecureKey has no access to your Credentials. The use of your Credentials to authenticate you is subject to and governed by the terms of your agreement with your Financial Institution.

This Financial Institution will then, for the purposes of the Service, become your first Identity & Data Provider. The Personal Information your Financial Institution has about you and which may be shown as part of the registration process will be your initial User Information for the Service. If any of your displayed initial User Information is incorrect, you must discontinue the registration process and contact your Financial Institution to update your information. After updating your information, you may attempt to register for the Service again.

After registration, (1) you will have an opportunity to add additional Identity & Data Providers as connections, and (2) additional User Information from your Identity & Data Providers, including your Financial Institution, may be added to your Verified.Me profile.

The Service allows you to authorize your selected Identity & Data Providers to share certain of your User Information with a Relying Party to facilitate your interactions with the Relying Party (or if that Relying Party is another Identity & Data Provider, to facilitate its addition as a connection  and enable your future sharing transactions). No User Information will be shared without your authorization, except to the extent such User Information may be shared with your mobile telecommunications provider or its authorized agent for the purposes of (1) verifying your mobile number associated with your Electronic Access Device, if any, or (2) completing certain security assessments associated with your Electronic Access Device.

Except (1) in connection with a specific transaction where you expressly agree, (2) where the identity of the Identity & Data Provider or Relying Party is evident due to the nature of the transaction, the User Information that you agree to share or the then current participants in the Service, (3) as required by law, or (4) if an investigation is required (for example, as a result of an actual (or suspected) unauthorized transaction):

  • an Identity & Data Provider will not know which Relying Party receives your User Information,
  • a Relying Party will not know which Identity & Data Provider(s) provide your User Information, and
  • SecureKey will not have access to your User Information for any particular transaction.

Certain aspects of the Service may differ depending on whether you use the Verified.Me mobile app or the Verified.Me web application.  Certain features or functionality may also be limited or not available in the web application.  For example, your list of connections and activity log will not be accessible via the web application.

If you subsequently use the Verified.Me mobile app after registering for or using the Service via the web application, your profile information, including any of your connections and activity log, will be accessible to you in the Verified.Me mobile app. 

If you register for or use the Service using the Verified.Me mobile app, and subsequently try to use the web application, you will be redirected to the mobile app and will not be able to complete transactions using the web application.

  1. YOUR RESPONSIBILITY FOR USE OF YOUR ELECTRONIC ACCESS DEVICE, YOUR CREDENTIALS AND THE ACCURACY OF YOUR USER INFORMATION

Your obligation to protect your Electronic Access Device, your Credentials, and the other information that you use to access and use your Electronic Access Device may be governed by your agreement with your Financial Institution. You will not be able to access the Service if your Financial Institution suspends or revokes your Credentials. If you suspect unauthorized use of your Credentials to access the Service, you should immediately notify your Financial Institution. Once the Service has been accessed using your Credentials, you are responsible for any instruction or consent given regarding your User Information, including any sharing transaction where your User Information has been provided to a Relying Party or another Identity & Data Provider. You must close the browser session of the Verified.Me web application upon completion of a Verified.Me transaction.

You will have an opportunity to review certain of your User Information maintained by the applicable Identity & Data Provider(s) that the Relying Party has requested be shared before you agree to share information with that Relying Party. You are responsible for ensuring that any such User Information is accurate and up to date. You are also responsible for ensuring the accuracy of your User Information in the systems of the applicable Identity & Data Provider(s) before you share it. If any User Information is inaccurate, you agree to notify the Identity & Data Provider that maintains such User Information before you agree to share that User Information through the Service. In addition, you agree that you will not knowingly use the Service to share any inaccurate User Information.

  1. PERSONAL INFORMATION

When you agree to share User Information from your Identity & Data Provider(s) with a Relying Party through the Service, you are providing express consent to share all Personal Information that is included in such User Information. Although your User Information was originally collected by or on behalf of your Identity & Data Provider(s) under their respective terms and privacy policies, when you authorize your User Information to be shared with a Relying Party through the Service, you consent to the handling of all User Information shared through the Service (including all Personal Information) in accordance with this Agreement, including, for greater certainty, the Verified.Me Privacy Notice.

For more information about the collection, use and disclosure of your Personal Information as part of the Service, please see the Verified.Me Privacy Notice.

Once your User Information has been sent to a Relying Party through the Service with your consent (other than to another Identity & Data Provider for the purposes of adding them as a connection), it is handled in accordance with the Relying Party’s privacy policy, its agreements with you, and all applicable laws. 

When you share your User Information with a Relying Party that is another Identity & Data Provider for the purposes of adding them as a connection, that Identity & Data Provider is only entitled to use and handle that User Information for the purposes of attempting to match that information with information about you in its or its service provider’s  systems or records to facilitate their addition as a connection and for no other purpose.  Subject to this agreed limited use, your User Information is collected, used, disclosed and retained by the Identity & Data Provider in accordance with its privacy policy, any agreements it has with you and all applicable laws.

Neither SecureKey, nor any Identity & Data Provider is responsible or liable for any use or disclosure by any Relying Party of User Information provided to that Relying Party through the Service.

  1. MODIFICATION OF SERVICE OR TERMINATION OF SERVICE BY US

Modification

We reserve the right at any time to modify the Service, including the addition, modification or removal of Service features or functionality (collectively, a “Modification”). Information on Modifications will be made available at https://verified.me and/or through the Verified.Me application. All Modifications will be subject to this Agreement. Subject to section 12, if applicable, your continued use of the Service after implementation of a Modification will mean that you agree to that Modification and its applicability to you.

Suspension or Termination

We reserve the right to interrupt, restrict or limit your use of the Service (or any part thereof), or to temporarily or permanently suspend, discontinue or terminate the Service or your participation in it, at any time.

  1. DISCONTINUING THE USE OF THE SERVICE BY YOU

You may discontinue your use of the Service at any time by closing your Verified.Me account.

You can close your Verified.Me account in the mobile application by following the steps listed in the ‘Delete Verified.Me Account’ section of the Verified.Me mobile application. If you are using the Verified.Me web application, please follow the steps outlined here: How to Close your Verified.Me Account. You may also be able to close your Verified.Me account through your Financial Institution.

Closing your Verified.Me account will mean that you no longer have an active Verified.Me account, you will not be able to initiate new transactions to share User Information with Relying Parties, sharing transactions that you previously authorized may not be completed, and you will not have access to any transaction records that summarize previous Verified.Me account activities. However, closing your Verified.Me account will not affect (1) any of the User Information held by your Identity & Data Providers or shared with your Relying Parties, or (2) any transaction records maintained by the Service.

If you wish to use the Service in the future after closing your Verified.Me account, you will need to complete the Service registration process again and set up a new Verified.Me account. You can use your existing Credentials to open your new Verified.Me account.

Deleting the Service’s mobile application from your Electronic Access Device will not close your Verified.Me account and will not affect any sharing transaction that you previously authorized. You will be able to access your Verified.Me account in the future by reinstalling the Verified.Me mobile application on your Electronic Access Device and re-entering your Credentials for your Financial Institution.

  1. INTELLECTUAL PROPERTY OWNERSHIP, RESERVATION OF RIGHTS

The Service is the intellectual property of SecureKey and its suppliers and licensors, and is protected by law, including the intellectual property laws of Canada, the United States and other countries, and by international treaty provisions. Except as expressly stated in this Agreement, this Agreement does not grant you any ownership rights in or to the intellectual property in the Service. All rights in the Service not expressly granted are reserved by SecureKey and its suppliers and licensors.

  1. THIRD PARTY OFFERINGS

The Service is designed to facilitate your interaction with various online services, websites and applications offered by Relying Parties (or, in certain instances, one of your Identity & Data Providers), including your access to or purchase of any products, services or information from them (“Third Party Offerings”). Third Party Offerings are provided by the applicable third party, and are not provided as part of the Service.

Your access to and use of any Third Party Offering, is governed by the terms and conditions respecting such Third Party Offering found on or through the applicable website, application or elsewhere (“Third Party Terms”). This Agreement does not change any Third Party Terms. You are solely responsible for fulfilling any commitments you make to the third party making the Third Party Offering available to you.

No Released Party endorses or makes any representations, warranties or guarantees with respect to any Third Party Offering, or is liable to you in any way with respect to any Third Party Offering (except if it is also the provider of the Third Party Offering, in which case the Third Party Terms apply to such Third Party Offering).

 

LIMITATIONS AND WARRANTIES CLAUSES:

  1. No Warranties or Conditions

You agree that your use of and access to the Service is at your sole risk. The Service is provided on an “as is” and an “as available” basis.

No Released Party warrants the performance or results you may obtain by using the Service or that the Service will be error-free or uninterrupted, except to the extent any warranty, condition, representation or term cannot or may not be excluded or limited by law applicable to you in your jurisdiction.

Without limiting the foregoing, no Released Party makes any representations, warranties or conditions (express, implied or collateral whether by statute, common law, custom, course of dealing, usage of trade or otherwise) as to the Service including non-infringement of third party rights, merchantability, title, integration, security, accessibility, availability, accuracy, reliability, quiet enjoyment, satisfactory quality, or fitness for any particular or general purpose.

  1. Limitation of Liability

If you are a consumer within the meaning of applicable provincial or territorial consumer protection legislation, this section does not limit any legal rights that such legislation does not allow you as a consumer to waive. In particular, the limitation of SecureKey’s liability for the consequences of its acts will not apply if (1) the Consumer Protection Act (Quebec) applies to this Agreement, and (2) you are a consumer within the meaning of that Act and you reside or are domiciled in the Province of Quebec. The liability of each Released Party will be limited to the fullest extent permitted by applicable law.

SecureKey is not charging you for the Service based, in part, on the allocation of liability between you and each Released Party as set out in this section.

No Released Party will be responsible for lost profits, revenues, business or data; loss of privacy; damage to reputation; indirect, incidental, special, consequential, exemplary or punitive or other similar damages; or, to the extent permitted by law, direct losses or damages; in each case, relating to, arising out of, or in any way in connection with this Agreement or your use of or inability to use the Service, regardless of the cause of action (for example, contract, tort or otherwise), even if any Released Party has been advised of the possibility of such damages.

This Agreement sets forth the entire liability of the Released Parties and your exclusive remedy with respect to the Service and its use.

 

GENERAL CLAUSES:

  1. Assignment

You may not assign this Agreement. We may assign this Agreement to any successor provider of the Service by providing notice to you.

  1. Entire Agreement

This Agreement represents the entire agreement between you and us concerning the Service.

  1. Amendment and Termination of the Agreement

Amendment

We reserve the right at any time to amend this Agreement by notifying you of such amendment at https://verified.me/terms-conditionsand/or through the Verified.Me Service when you next use it. Your continued use of the Service after being notified of an amendment will mean that you agree to the new form of this Agreement, as amended.

If you do not agree to an amendment, you must close your Verified.Me account as contemplated in section 5. You may not amend this Agreement


Termination

You may terminate this Agreement at any time for any reason by closing your Verified.Me account as contemplated in section 5.

This Agreement will terminate immediately without notice from us if you fail to comply with any provision of this Agreement, if we permanently terminate the Service or your participation in the Service or if your Verified.Me account is permanently closed for any reason.

Upon the termination of this Agreement, you will no longer be able to access the Service.

  1. Governing Law and Jurisdiction

If you reside or are domiciled in the Province of Quebec, this Agreement is governed by the laws of the Province of Quebec, and any dispute relating to this Agreement will be subject to the exclusive jurisdiction of the Courts of the Province of Quebec.

Otherwise, you agree that this Agreement is governed by the laws of the Province of Ontario, and that any dispute relating to this Agreement will be subject to the exclusive jurisdiction of the Courts of the Province of Ontario, in the City of Toronto.

  1. Additional Provisions

If any part of this Agreement is found to be void or invalid and unenforceable, it will not affect the validity of the remaining provisions of this Agreement, which will remain valid and enforceable according to its terms. The failure to enforce any term of this Agreement on one occasion will not prevent enforcement on any other occasion or the enforcement of any other term. Headings and captions will not be considered included for purposes of interpretation or application hereof, but are for convenience only.

Unless otherwise required by applicable law (1) you agree that you may not bring a legal action, regardless of form, for any claim arising out of or related to this Agreement more than two years after the cause of action arose, and (2) upon the expiration of such time limit, any such claim and all respective rights related to the claim lapse.

Except as expressly stated in this Agreement, there are no third party beneficiaries to this Agreement. The parties expressly acknowledge and agree that the Released Parties are third party beneficiaries of this Agreement, and it is agreed that we are acting as agent and trustee for them in respect of their rights under this Agreement.

  1. Survival

Sections 2, 3, 5, 6, 8, 9, 10, 11, 13, 14 and this section 15, and such other provisions that by their nature should survive termination will survive the termination of this Agreement for any reason.

  1. Contact Information

If you have any questions, suggestions or feedback (collectively, “feedback”) about the Service or this Agreement, please submit such feedback to feedback@verified.me.  By submitting feedback to us, you agree that we may use such feedback for any purpose related to the Service without any obligation to compensate you.

  1. Copies of These Terms

A copy of this Agreement will be available through our mobile application and on our website at https://verified.me/terms-conditions. If you wish to retain a copy of this Agreement, you may print it from our website, email it to yourself through the mobile application, or download or print it from the web application.

Trademark

©SecureKey Technologies Inc. All rights reserved. The images and logos used in the Verified.Me services may be protected under applicable copyrights, trademark and other intellectual property laws and regulations, and may be owned or otherwise licensed by SecureKey or other network participants.

Additional Participant Terms

Equifax Legal Information

Equifax Canada Co. (“Equifax”) is a registered Canadian credit bureau that maintains your Canadian consumer credit file. Your Canadian consumer credit file has, with your consent, been made available to you by Equifax through the Verified.Me service provided by SecureKey to provide you with your educational Equifax consumer credit report. The Equifax consumer credit report provided here is current as of the date indicated on your report. For a full copy of your up to date Equifax credit file, please contact Equifax directly.

The Equifax Risk Score [or Equifax credit score] is based on Equifax’s proprietary model and may not be the same score used by third parties to assess your creditworthiness. The provision of this score to you is intended for your own educational use. Third parties will take into consideration other information in addition to a credit score when evaluating your creditworthiness.

Equifax* is a trademark of Equifax used under license.

Government Sign-in by Verified.Me EULA and Privacy Notice

Terms and Conditions

CREDENTIAL BROKERAGE SERVICE END USER AGREEMENT

PLEASE CAREFULLY READ THE FOLLOWING AGREEMENT BEFORE AGREEING TO USE THIS CREDENTIAL BROKERAGE SERVICE (THE “SERVICE”). THE SERVICE ALLOWS YOU TO AUTHENTICATE YOUR CREDENTIALS (AS DEFINED BELOW) FOR USE AT THIS WEBSITE AND CERTAIN OTHER WEBSITES OPERATED BY THE GOVERNMENT OF CANADA. THIS AGREEMENT IS BETWEEN YOU AND SECUREKEY TECHNOLOGIES INC., WHO IS THE OPERATOR OF THE SERVICE, AND APPLIES TO YOUR USE OF THE SERVICE. BY USING THE SERVICE YOU ARE AGREEING TO BE BOUND BY THIS AGREEMENT. IF YOU DO NOT AGREE TO THIS AGREEMENT, YOU MAY NOT USE THE SERVICE.

DEFINITIONS:

  • “Agreement”means this Credential Brokerage Service End User Agreement, as may be amended by SecureKey from time to time upon notice to you in accordance with section 11 hereof.
  • “Credential Service Provider”means the financial institution, or other service provider, that provides to you the Credentials you use to access the Service.
  • “Credentials”means the authentication credentials, such as username, password, and/or card number or other information, of your Credential Service Provider that you use in connection with the Service.
  • “Government Websites”means the websites operated by or on behalf of the Government of Canada with which the Service may be used.
  • “Modification”has the meaning given to it in section 4 hereof.
  • “Personal Information”means all information about you, including without limitation, information such as your name, your email address, your home phone number, or your mailing address or any other information that can be used to identify you.
  • “Released Parties”means SecureKey, the Government of Canada, the financial institutions and other Credential Service Providers with which you use the Service, and, as applicable, their respective parent companies, affiliates, subsidiaries, divisions, suppliers and service providers, and all of their respective directors, officers, employees and agents.
  • “SecureKey”“us”“we”or “our” have the meanings given to them in section 1 hereof.
  • “SecureKey System”means the SecureKey online authentication system used to operate the Service. The SecureKey System does not include the Third Party Offerings.
  • “Service”has the meaning provided in the initial paragraph above. For clarity, the Service consists solely of the service of facilitating the use of your Credentials to provide access to certain Government Websites, including the authentication of your Credentials for this purpose by your Credential Service Provider, and does not include any other services, whether provided by us, by the Government of Canada, by the Credential Service Provider or by other Third Party Offerings. In particular, the Service does not include any services provided to you by the Government Websites you access using the Service, or any other service, including financial or banking services provided to you by your Credential Service Provider.
  • “Third Party Offerings”has the meaning given to it in section 6 hereof.
  • “You”or “Your” means the person who wishes to use the Service and has Credentials with a Credential Service Provider.

CLAUSES

  1. The Service

The Service is provided by SecureKey Technologies Inc. (referred to herein as “SecureKey”“us”“we” or “our”). The Service allows you to authenticate your credentials at certain Government Websites by using your Credentials. For the purposes of this Agreement, unless explicitly stated otherwise, any new features or services that augment or enhance the Service in the future shall be considered part of the Service and subject to this Agreement.

  1. Your Responsibility for use of Your Credentials

You are responsible for any use of the Service made with your Credentials. You should safeguard your Credentials and should not allow any other person to use them. If you suspect unauthorized access to your Credentials, you should immediately notify your Credential Service Provider. This Section shall survive the termination or expiration of this Agreement for any reason.

  1. Personal Information

SecureKey does not collect any Personal Information from you in the operation of the Service. Any Personal Information collected from you when you access the Government Websites using the Service is collected by the Government of Canada, and is subject to the privacy policy of the Government of Canada and all applicable laws. Any Personal Information collected from you when you access websites operated by or on behalf of your Credential Service Provider with which the Service may be used is collected by your Credential Service Provider, and is subject to the privacy policy of your Credential Service Provider and all applicable laws.

  1. Modification of Service or Termination of Service or this Agreement by Us

We reserve the right at any time to interrupt, restrict, modify or discontinue, temporarily or permanently, the Service, add or subtract Service features or limit usage of the Service (or any part thereof) (collectively, a “Modification”) with or without notice to you, provided that if we permanently cease providing the Service we will post a notice on this website to that effect. Your continued use of the Service after any Modification will mean that you agree to such Modification and its applicability to you.

We reserve the right to terminate your participation in the Service at any time. We may terminate this Agreement at any time for any reason. Your rights under this Agreement will terminate immediately without notice from us: (i) if you fail to comply with any term(s) of this Agreement; or (ii) if we terminate this Agreement. Upon the termination of this Agreement, you agree to immediately cease using the Service.

You agree that the Released Parties will not be liable to you for any Modification or termination of any part or all of the Service or your participation in the Service.

  1. Intellectual Property Ownership, Reservation of Rights

The Service and the SecureKey System are the intellectual property of SecureKey and its suppliers, and are protected by law, including, without limitation, the copyright laws of Canada, the United States and other countries, and by international treaty provisions. Except as expressly stated herein, this Agreement does not grant you any intellectual property rights in the Service or the SecureKey System. All rights therein not expressly granted are reserved by SecureKey and its suppliers. This Section shall survive the termination or expiration of this Agreement for any reason.

  1. Third Party Offerings

The Service is designed to interoperate with various online services, websites and applications (“Third Party Offerings”). These Third Party Offerings include, but are not limited to, Government Websites and websites operated by your Credential Service Provider. Your access to and use of any Third Party Offering, including your access to or purchase of any products, services or information, is governed by the provider’s terms and conditions respecting such offerings. This Agreement does not amend or modify any such terms and conditions. You are solely responsible for fulfilling any financial commitments you make to such providers. Third Party Offerings are not provided by SecureKey and SecureKey does not endorse or make any representations, warranties or guarantees of any kind with respect to Third Party Offerings, and is not liable to you in any way with respect to Third Party Offerings.

LIMITATIONS

  1. No Warranties

THE RELEASED PARTIES SPECIFICALLY DISCLAIM ANY RESPONSIBILITY AND ALL WARRANTIES OF ANY KIND, WHETHER EXPRESS OR IMPLIED, AS TO THE OPERATION OF THE SERVICE. YOU AGREE THAT YOUR USE OF AND ACCESS TO THE SERVICE IS AT YOUR SOLE RISK. THE SERVICE IS PROVIDED ON AN “AS IS” AND AN “AS AVAILABLE” BASIS. THE RELEASED PARTIES DO NOT WARRANT THE PERFORMANCE OR RESULTS YOU MAY OBTAIN BY USING THE SERVICE EXCEPT TO THE EXTENT ANY WARRANTY, CONDITION, REPRESENTATION OR TERM CANNOT OR MAY NOT BE EXCLUDED OR LIMITED BY LAW APPLICABLE TO YOU IN YOUR JURISDICTION. THE RELEASED PARTIES MAKE NO REPRESENTATIONS, WARRANTIES, CONDITIONS, OR TERMS (EXPRESS OR IMPLIED WHETHER BY STATUTE, COMMON LAW, CUSTOM, USAGE OR OTHERWISE) AS TO THE SERVICE INCLUDING WITHOUT LIMITATION NONINFRINGEMENT OF THIRD PARTY RIGHTS, MERCHANTABILITY, INTEGRATION, SATISFACTORY QUALITY, OR FITNESS FOR ANY PARTICULAR PURPOSE.

  1. Limitation of Liability

IN NO EVENT SHALL THE RELEASED PARTIES BE LIABLE TO YOU OR ANY THIRD PARTY FOR ANY DAMAGES, CLAIMS OR COSTS WHATSOEVER, INCLUDING SPECIAL, INDIRECT, CONSEQUENTIAL OR PUNITIVE LOSS ARISING OUT OF THIS AGREEMENT OR YOUR USE OF THE SECUREKEY SYSTEM OR SERVICE, INCLUDING BUT NOT LIMITED TO LOSS OF PROFITS, LOSS OF BUSINESS OR GOODWILL, LOSS OF USE (EVEN IF WE HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH LOSS OR DAMAGE) OR ANY CLAIM BY ANY THIRD PARTY. THE RELEASED PARTIES SHALL NOT BE LIABLE IF THE SERVICE CANNOT BE PROVIDED (OR ANY PART THEREOF) OR FOR ANY FAILURE TO PERFORM ANY OBLIGATIONS CONTAINED IN THIS AGREEMENT DUE TO, DIRECTLY OR INDIRECTLY, THE FAILURE OF ANY EQUIPMENT OR ANY INDUSTRIAL DISPUTE, WAR, FLOOD, EXPLOSION, ACT OF GOD OR ANY OTHER EVENT BEYOND OUR CONTROL.

IN ADDITION, NOTWITHSTANDING ANYTHING TO THE CONTRARY HEREIN, ALTHOUGH WE WILL TAKE REASONABLE PRECAUTIONS TO PROTECT THE SERVICE AND AVOID DELETION, CORRUPTION OR UNAUTHORIZED MODIFICATION OR ACCESS OF OR TO THE SERVICE, AND TO PROVIDE THE SERVICE ERROR-FREE OR UNINTERRUPTED, NO REPRESENTATION OR WARRANTY OR CONDITION OF FITNESS OR MERCHANTABILITY SHALL BE CONSTRUED UNDER THIS AGREEMENT. THE RELEASED PARTIES SPECIFICALLY DISCLAIM ALL LIABILITY WHATSOEVER WITH RESPECT TO ANY FAILURE TO PROTECT THE SERVICE OR PROVIDE THE SERVICE ERROR-FREE OR UNINTERRUPTED. THE PROVISIONS OF SECTIONS 7 AND 8 OF THIS AGREEMENT SHALL SURVIVE THE TERMINATION OR EXPIRATION OF THIS AGREEMENT, FOR ANY REASON.

  1. Indemnity

You agree to indemnify and hold harmless the Released Parties from any loss, liability, claim, or demand, including reasonable legal fees, made by any third party due to or arising out of your use of the Service or any use of your Credentials with the Service by any other person, in violation of this Agreement and/or arising from a breach of this Agreement and/or any breach of your representations and warranties set forth herein. This Section shall survive the termination or expiration of this Agreement for any reason.

  1. Assignment

You may not assign this Agreement.

  1. Entire Agreement

This Agreement represents the entire agreement between you and us concerning the Service for accessing Government Websites (you and we may enter into other agreements for credential brokering services for other purposes). You may not amend this Agreement. We may amend this Agreement on notice to you. This Agreement is in addition to any agreement between you and the Credential Service Provider. If any part of this Agreement is found invalid, the balance of the Agreement remains enforceable.

  1. Governing Law and Jurisdiction

This Agreement is governed by and subject to the laws of the Province of Ontario, and any dispute under or in relation to this Agreement shall be subject to the exclusive jurisdiction of the Courts of the Province of Ontario, in the City of Toronto.

  1. Additional Provisions

The Service is void where prohibited by law. If any part of this Agreement is found void and unenforceable, it will not affect the validity of the balance of the Agreement, which shall remain valid and enforceable according to its terms. The failure to enforce any term of this Agreement on one occasion shall not prevent enforcement on any other occasion or the enforcement of any other term. Headings and captions shall not be considered included for purposes of interpretation or application hereof, but are for convenience only.

  1. Contact Information

If you have any questions about this Agreement including the Service, please visit www.securekey.com.

Privacy Notice

Government Sign-in by Verified.Me (the “SecureKey Service”) is a service designed to allow the end user to authenticate themselves on certain websites of the Government of Canada (the “Relying Parties”), using credentials they have been provided by their financial institution or other Sign-In Partners. The SecureKey Service is managed by SecureKey Technologies Inc. (“SecureKey”, “us”, or “we”).

SecureKey is committed to respecting and valuing your privacy and security. The information below in this Privacy Notice constitutes a summary of the privacy practices that apply to your use of the SecureKey Service. By using the SecureKey Service, you agree and consent to our use of information in accordance with this Privacy Notice.

If you do not wish to use the SecureKey Service, the Relying Parties’ online services do allow you to use alternative government credentials, as well as provide options to access such services by phone, fax, mail, or in person. For further details, contact the Relying Party.

The End User Information We Collect

We do not collect or use your personally identifying information in the operation of the SecureKey Service. This is achieved through the use of anonymous authentication requests and anonymous identifiers in the authentication responses. The personal information you provide to your Sign-In Partner is not collected by us, it is provided by you to your Sign-In Partner pursuant to their privacy policy, and is not provided by them to us. In addition, the personal information you provide to the Relying Parties to use their services is not provided to us.

In addition to the anonymous identifiers, the following information relating to end users is generated and used in the operation of the SecureKey Service (“End User Information”):

  • An anonymous session identifier (contained in a session cookie);
  • The end user’s language preference (contained in a session cookie);
  • The end user’s Internet Protocol (IP) address.

Details as to how we use this information are listed below.

How We Use End User Information

We use your End User information to provide you with the SecureKey Service. This includes providing this information to the Sign-In Partners and the Relying Parties to the extent required to provide you with the service.

The SecureKey Service uses session cookies. Session cookies are only active for the duration of the session, and contain a session identifier, but no personally identifiable information. The session cookie will be automatically deleted by your browser when the cookie expires. If you want to use the SecureKey Service, your browser must accept cookies.

The SecureKey Service monitors network traffic to identify unauthorized authentication requests or otherwise protect the SecureKey Service from damage (for example from virus attacks). This includes identifying the IP address of the computer that has contacted our web sites, the date and time of the visit and information about the request made. SecureKey will not use this Information for marketing purposes.

Our Disclosure of End User Information

We only disclose End User Information to Sign-In Partners and Relying Parties, and only in connection with the ordinary operation of the SecureKey Service. In addition, if we cease to act as the manager of the SecureKey Service, the Relying Parties have the right to receive from us or to cause us to deliver to a replacement service manager the End User Information of their end users, so that end users can continue to receive services.

We may disclose End User Information (a) to any governmental authority as part of an investigation to determine our compliance with any applicable law, rule, or regulation (including privacy laws, rules, and regulations), (b) in response to a court order, subpoena, discovery request, or other lawful judicial or administrative proceeding, (c) as otherwise required under any applicable law, rule, or regulation, and (d) in good faith, to protect or defend our rights or property or those of other persons.

Finally, if we sell our business or the part thereof that operates the SecureKey Service, we will transfer to the purchaser our copy of the End User Information, so that the purchaser can continue to operate the service.

If you require clarification about this statement, please contact our Privacy Office by email at cpo@securekey.com, by phone at 416-477-5625, or in writing to SecureKey Privacy Office, 4101 Yonge Street, Suite 501, Toronto, ON M2P 2E3. SecureKey’s general Privacy Policy can be obtained by visiting SecureKey’s website (www.securekey.com).

For more information on privacy issues and PIPEDA in general, please consult the Department of Justice / PIPEDA website, or call 1-800-O-Canada (1-800-622-6232).

Each Relying Party and Credential Service Provider has their own Privacy Policy. For more information please refer to the specific RP or CSP website.

Government Sign-in by Verified.Me EULA and Privacy Notice for EPQ

CREDENTIAL BROKERAGE SERVICE END USER AGREEMENT

PLEASE CAREFULLY READ THE FOLLOWING AGREEMENT BEFORE AGREEING TO USE THIS CREDENTIAL BROKERAGE SERVICE (THE “SERVICE”). THE SERVICE ALLOWS YOU TO AUTHENTICATE YOUR CREDENTIALS (AS DEFINED BELOW) FOR USE AT THE WEBSITE OPERATED BY REVENU QUÉBEC. THIS AGREEMENT IS BETWEEN YOU AND SECUREKEY TECHNOLOGIES INC., WHO IS THE OPERATOR OF THE SERVICE, AND APPLIES TO YOUR USE OF THE SERVICE. BY USING THE SERVICE YOU ARE AGREEING TO BE BOUND BY THIS AGREEMENT. IF YOU DO NOT AGREE TO THIS AGREEMENT, YOU MAY NOT USE THE SERVICE.

DEFINITIONS

  • “Agreement” means this Credential Brokerage Service End User Agreement, as may be amended by SecureKey from time to time upon notice to you in accordance with section 11 hereof.
  • “Credential Service Provider” means the financial institution, or other service provider, that provides to you the Credentials you use to access the Service.
  • “Credentials” means the authentication credentials, such as username, password, and/or card number or other information, of your Credential Service Provider that you use in connection with the Service.
  • “Modification” has the meaning given to it in section 4 hereof.
  • “Personal Information” means all information about you, including without limitation, information such as your name, your email address, your home phone number, or your mailing address or any other information that can be used to identify you.
  • “Released Parties” means SecureKey, Revenu Québec, the financial institutions and other Credential Service Providers with which you use the Service, and, as applicable, their respective parent companies, affiliates, subsidiaries, divisions, suppliers and service providers, and all of their respective directors, officers, employees and agents.
  • “Revenu Québec Website” means the website operated by or on behalf of Revenu Québec with which the Service may be used.
  • “SecureKey”, “us”, “we” or “our” have the meanings given to them in section 1 hereof.
  • “SecureKey System” means the SecureKey online authentication system used to operate the Service. The SecureKey System does not include the Third Party Offerings.
  • “Service” has the meaning provided in the initial paragraph above. For clarity, the Service consists solely of the service of facilitating the use of your Credentials to provide access to the Revenu Québec Website, including the authentication of your Credentials for this purpose by your Credential Service Provider, and does not include any other services, whether provided by us, by Revenu Québec, by the Credential Service Provider or by other Third Party Offerings. In particular, the Service does not include any services provided to you by the Revenu Québec Website to which you access using the Service, or any other service, including financial or banking services provided to you by your Credential Service Provider.
  • “Third Party Offerings” has the meaning given to it in section 6 hereof.
  • “You” or “Your” means the person who wishes to use the Service and has Credentials with a Credential Service Provider.

CLAUSES

  1. The Service

The Service is provided by SecureKey Technologies Inc. (referred to herein as “SecureKey”, “us”, “we” or“our”). The Service allows you to authenticate your credentials at the Revenu Québec Website by using your Credentials. For the purposes of this Agreement, unless explicitly stated otherwise, any new features or services that augment or enhance the Service in the future shall be considered part of the Service and subject to this Agreement.

  1. Your Responsibility for use of Your Credentials

You are responsible for any use of the Service made with your Credentials. You should safeguard your Credentials and should not allow any other person to use them. If you suspect unauthorized access to your Credentials, you should immediately notify your Credential Service Provider. This Section shall survive the termination or expiration of this Agreement for any reason.

  1. Personal Information

Except for the IP address of the computer that communicates with our Websites, SecureKey does not collect any other Personal Information from you in the operation of the Service. Any Personal Information collected from you when you access the Revenu QuébecWebsite using the Service is collected by Revenu Québec, and is subject without limitation to the provisions of the Tax Administration Act (CQLR, c. A-6.002) and of the Act respecting Access to documents held by public bodies and the Protection of personal information (CQLR, c. A-2.1). Any Personal Information collected from you when you access websites operated by or on behalf of your Credential Service Provider with which the Service may be used is collected by your Credential Service Provider, and is subject to the privacy policy of your Credential Service Provider and all applicable laws.

  1. Modification of Service or Termination of Service or this Agreement by Us

We reserve the right at any time to interrupt, restrict, modify or discontinue, temporarily or permanently, the Service, add or subtract Service features or limit usage of the Service (or any part thereof) (collectively, a “Modification”) with or without notice to you, provided that if we permanently cease providing the Service we will post a notice on this website to that effect. Your continued use of the Service after any Modification will mean that you agree to such Modification and its applicability to you.

We reserve the right to terminate your participation in the Service at any time. We may terminate this Agreement at any time for any reason with reasonable notice or immediately for a serious reason. Your rights under this Agreement will terminate immediately without notice from us: (i) if you fail to comply with any term(s) of this Agreement; or (ii) if we terminate this Agreement. Upon the termination of this Agreement, you agree to immediately cease using the Service.

You agree that the Released Parties will not be liable to you for any Modification or termination of any part or all of the Service or your participation in the Service.

If you are a consumer within the meaning of the Consumer Protection Act (CQLR, c. P-40.1), we will send you prior notice of 30 days of the modification of or termination of your participation in the Service. You may refuse the modification by notifying us within 30 days after such modification comes into force.

  1. Intellectual Property Ownership, Reservation of Rights

The Service and the SecureKey System are the intellectual property of SecureKey and its suppliers, and are protected by law, including, without limitation, the copyright laws of Canada, the United States and other countries, and by international treaty provisions. Except as expressly stated herein, this Agreement does not grant you any intellectual property rights in the Service or the SecureKey System. All rights therein not expressly granted are reserved by SecureKey and its suppliers. This Section shall survive the termination or expiration of this Agreement for any reason.

  1. Third Party Offerings

The Service is designed to interoperate with various online services, websites and applications (“Third Party Offerings”). These Third Party Offerings include, but are not limited to, Government Websites and websites operated by your Credential Service Provider. Your access to and use of any Third Party Offering, including your access to or purchase of any products, services or information, are governed by the provider’s terms and conditions respecting such offerings. This Agreement does not amend or modify any such terms and conditions. You are solely responsible for fulfilling any financial commitments you make to such providers. Third Party Offerings are not provided by SecureKey and SecureKey does not endorse or make any representations, warranties or guarantees of any kind with respect to Third Party Offerings, and is not liable to you in any way with respect to Third Party Offerings.

LIMITATIONS

  1. No Warranties

THE RELEASED PARTIES SPECIFICALLY DISCLAIM ANY RESPONSIBILITY AND ALL WARRANTIES OF ANY KIND, WHETHER EXPRESS OR IMPLIED, AS TO THE OPERATION OF THE SERVICE. YOU AGREE THAT YOUR USE OF AND ACCESS TO THE SERVICE IS AT YOUR SOLE RISK. THE SERVICE IS PROVIDED ON AN “AS IS” AND AN “AS AVAILABLE” BASIS. THE RELEASED PARTIES MAKE NO REPRESENTATION OR CONDITION AND DO NOT WARRANT THE PERFORMANCE OR RESULTS YOU MAY OBTAIN BY USING THE SERVICE EXCEPT TO THE EXTENT ANY WARRANTY, CONDITION, REPRESENTATION OR TERM CANNOT OR MAY NOT BE EXCLUDED OR LIMITED BY LAW APPLICABLE TO YOU IN YOUR JURISDICTION. THE RELEASED PARTIES MAKE NO REPRESENTATIONS, WARRANTIES, CONDITIONS, OR TERMS (EXPRESS OR IMPLIED WHETHER BY STATUTE, CUSTOM, USAGE OR OTHERWISE) AS TO THE SERVICE INCLUDING WITHOUT LIMITATION NON-INFRINGEMENTOF THIRD PARTY RIGHTS, MERCHANTABILITY, INTEGRATION, SATISFACTORY QUALITY, OR FITNESS FOR ANY PARTICULAR PURPOSE.

  1. Limitation of Liability

IN NO EVENT SHALL THE RELEASED PARTIES BE LIABLE TO YOU OR ANY THIRD PARTY FOR ANY DAMAGES, CLAIMS OR COSTS WHATSOEVER, INCLUDING SPECIAL, INDIRECT, CONSEQUENTIAL OR PUNITIVE DAMAGES ARISING OUT OF THIS AGREEMENT OR YOUR USE OF THE SECUREKEY SYSTEM OR SERVICE, INCLUDING BUT NOT LIMITED TO LOSS OF PROFITS, LOSS OF BUSINESS OR GOODWILL OR REPUTATION, LOSS OF USE (EVEN IF WE HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH LOSS OR DAMAGE) OR ANY CLAIM BY ANY THIRD PARTY. THE RELEASED PARTIES SHALL NOT BE LIABLE IF THE SERVICE CANNOT BE PROVIDED (OR ANY PART THEREOF) OR FOR ANY FAILURE TO PERFORM ANY OBLIGATIONS CONTAINED IN THIS AGREEMENT DUE TO, DIRECTLY OR INDIRECTLY, THE FAILURE OF ANY EQUIPMENT OR ANY INDUSTRIAL DISPUTE, WAR, FLOOD, EXPLOSION, ACT OF GOD OR ANY OTHER EVENT BEYOND THEIR CONTROL.

IN ADDITION, NOTWITHSTANDING ANYTHING TO THE CONTRARY HEREIN, ALTHOUGH WE WILL TAKE REASONABLE PRECAUTIONS TO PROTECT THE SERVICE AND AVOID DELETION, CORRUPTION OR UNAUTHORIZED MODIFICATION OR ACCESS OF OR TO THE SERVICE, AND TO PROVIDE THE SERVICE ERROR-FREE OR UNINTERRUPTED, NO REPRESENTATION OR WARRANTY OR CONDITION OF FITNESS OR MERCHANTABILITY SHALL BE CONSTRUED UNDER THIS AGREEMENT. THE RELEASED PARTIES SPECIFICALLY DISCLAIM ALL LIABILITY WHATSOEVER WITH RESPECT TO ANY FAILURE TO PROTECT THE SERVICE OR PROVIDE THE SERVICE ERROR-FREE OR UNINTERRUPTED. THE PROVISIONS OF SECTIONS 7 AND 8 OF THIS AGREEMENT SHALL SURVIVE THE TERMINATION OR EXPIRATION OF THIS AGREEMENT, FOR ANY REASON.

THIS LIMITATIONS OF LIABILITY IN THE FIRST AND SECOND PARAGRAPHS ABOVE DO NOT APPLY TO MATERIAL INJURYCAUSED THROUGH INTENTIONAL OR GROSS FAULT.

IN ADDITION, THIS LIMITATION OF LIABILITY DOES NOT APPLY TO YOU IF YOU ARE A CONSUMER UNDER QUEBEC’S CONSUMER PROTECTION ACT.

  1. Indemnity

You agree to indemnify and hold harmless the Released Parties from any loss, liability, claim, or demand, including reasonable legal fees, made by any third party due to or arising out of your use of the Service or any use of your Credentials with the Service by any other person, in violation of Section 2 of this Agreement and/or arising from a breach of Section 2 of this Agreement and/or any breach of your representations and warranties set forth herein. This Section shall survive the termination or expiration of this Agreement for any reason.

  1. Assignment

You may not assign this Agreement.

  1. Entire Agreement

This Agreement represents the entire agreement between you and us concerning the Service for accessing the Revenu QuébecWebsite (you and we may enter into other agreements for credential brokering services for other purposes). You may not amend this Agreement. We may amend this Agreement on notice to you. This Agreement is in addition to any agreement between you and the Credential Service Provider. If any part of this Agreement is found invalid, the balance of the Agreement remains enforceable.

  1. Governing Law and Jurisdiction

This Agreement is governed by and subject to the laws of the Province of Québec, and the federal laws applicable therein, and any dispute under or in relation to this Agreement shall be subject to the exclusive jurisdiction of the courts of the Province of Québec.

  1. Additional Provisions

The Service is void where prohibited by law. If any part of this Agreement is found void and unenforceable, it will not affect the validity of the balance of the Agreement, which shall remain valid and enforceable according to its terms. The failure to enforce any term of this Agreement on one occasion shall not prevent enforcement on any other occasion or the enforcement of any other term. Headings and captions shall not be considered included for purposes of interpretation or application hereof, but are for convenience only.

  1. Contact Information

If you have any questions about this Agreement including the Service, please visit www.securekey.com.

 

Privacy Notice

Government Sign-in by Verified.Me (the “SecureKey Service”) is a service designed to allow the end user to authenticate themselves on the Website of Revenu Quebec (the “Relying Party”), using credentials they have been provided by their financial institution or other supplier (a “Sign-In Partner”). The SecureKey Service is managed by SecureKey Technologies Inc. (“SecureKey”, “us”, or “we”).

SecureKey is committed to respecting and valuing your privacy and security. The information below in this Privacy Notice constitutes a summary of the privacy practices that apply to your use of the SecureKey Service. By using the SecureKey Service, you agree and consent to our use of information in accordance with this Privacy Notice.

If you do not wish to use the SecureKey Service, the Relying Party’s online services do allow you to use alternative government credentials, as well as provide options to access such services. For further details, contact the Relying Party.

The End User Information We Collect

Except for the IP address of the compute that communicates with our Websites, we do not collect or use your personally identifying information in the operation of the SecureKey Service. This is achieved through the use of anonymous authentication requests and anonymous identifiers in the authentication responses. The personal information you provide to your Sign-In Partner is not collected by us, it is provided by you to your Sign-In Partner pursuant to their privacy policy, and is not provided by them to us. In addition, the personal information you provide to the Relying Party to use its services is not provided to us.

In addition to the anonymous identifiers, the following information relating to end users is generated and used in the operation of the SecureKey Service (“End User Information”):

  • An anonymous session identifier (contained in a session cookie);
  • The end user’s language preference (contained in a session cookie);
  • The end user’s Internet Protocol (IP) address.

Details as to how we use this information are listed below.

How We Use End User Information

We use your End User information to provide you with the the SecureKey Service. This includes providing this information to the Sign-In Partners and the Relying Party to the extent required to provide you with the service.

The SecureKey Service uses session cookies. Session cookies are only active for the duration of the session, and contain a session identifier, but no personally identifiable information. The session cookie will be automatically deleted by your browser when the cookie expires. If you want to use the SecureKey Service, your browser must accept cookies.

The SecureKey Service monitors network traffic to identify unauthorized authentication requests or otherwise protect the SecureKey Service from damage (for example from virus attacks). This includes identifying the IP address of the computer that has contacted our web sites, the date and time of the visit and information about the request made. SecureKey will not use this Information for marketing purposes.

Our Disclosure of End User Information

We only disclose End User Information to Sign-In Partners and Relying Party, and only in connection with the ordinary operation of the SecureKey Service. In addition, if we cease to act as the manager of the SecureKey Service, the Relying Party has the right to receive from us or to cause us to deliver to a replacement service manager the End User Information of their end users, so that end users can continue to receive services.

We may disclose End User Information as permitted under the Act respecting the protection of personal information in the private sector (RSQ, c. P-39.1).

Finally, if we sell our business or the part thereof that operates the SecureKey Service, we will transfer to the purchaser our copy of the End User Information, so that the purchaser can continue to operate the service.

If you require clarification about this statement, please contact our Privacy Office by email at cpo@securekey.com, by phone at 416-477-5625, or in writing to SecureKey Privacy Office, 4101 Yonge Street, Suite 501, Toronto, ON M2P 2E3. SecureKey’s general Privacy Policy can be obtained by visiting SecureKey’s website (www.securekey.com).

For more information on privacy issues in general, please consult the Website of the Commission d’accès à l’information at http://www.cai.gouv.qc.ca/, or call 418 528-7741 or 514 873-4196.

The Relying Party and each Credential Service Provider has their own Privacy Policy. For more information please refer to the specific RP or CSP website.

Government Sign-in by Verified.Me EULA and Privacy Notice for Revenu Quebec

CREDENTIAL BROKERAGE SERVICE END USER AGREEMENT

PLEASE CAREFULLY READ THE FOLLOWING AGREEMENT BEFORE AGREEING TO USE THIS CREDENTIAL BROKERAGE SERVICE (THE “SERVICE”). THE SERVICE ALLOWS YOU TO AUTHENTICATE YOUR CREDENTIALS (AS DEFINED BELOW) FOR USE AT THE WEBSITE OPERATED BY REVENU QUÉBEC. THIS AGREEMENT IS BETWEEN YOU AND SECUREKEY TECHNOLOGIES (QUEBEC) INC., WHO IS THE OPERATOR OF THE SERVICE, AND APPLIES TO YOUR USE OF THE SERVICE. BY USING THE SERVICE YOU ARE AGREEING TO BE BOUND BY THIS AGREEMENT. IF YOU DO NOT AGREE TO THIS AGREEMENT, YOU MAY NOT USE THE SERVICE.

DEFINITIONS

  • “Agreement” means this Credential Brokerage Service End User Agreement, as may be amended by SecureKey from time to time upon notice to you in accordance with section 11 hereof.
  • “Credential Service Provider” means the financial institution, or other service provider, that provides to you the Credentials you use to access the Service.
  • “Credentials” means the authentication credentials, such as username, password, and/or card number or other information, of your Credential Service Provider that you use in connection with the Service.
  • “Modification” has the meaning given to it in section 4 hereof.
  • “Personal Information” means all information about you, including without limitation, information such as your name, your email address, your home phone number, or your mailing address or any other information that can be used to identify you.
  • “Released Parties” means SecureKey, Revenu Québec, the financial institutions and other Credential Service Providers with which you use the Service, and, as applicable, their respective parent companies, affiliates, subsidiaries, divisions, suppliers and service providers, and all of their respective directors, officers, employees and agents.
  • “Revenu Québec Website” means the website operated by or on behalf of Revenu Québec with which the Service may be used.
  • “SecureKey”, “us”, “we” or “our” have the meanings given to them in section 1 hereof.
  • “SecureKey System” means the SecureKey online authentication system used to operate the Service. The SecureKey System does not include the Third Party Offerings.
  • “Service” has the meaning provided in the initial paragraph above. For clarity, the Service consists solely of the service of facilitating the use of your Credentials to provide access to the Revenu Québec Website, including the authentication of your Credentials for this purpose by your Credential Service Provider, and does not include any other services, whether provided by us, by Revenu Québec, by the Credential Service Provider or by other Third Party Offerings. In particular, the Service does not include any services provided to you by the Revenu Québec Website to which you access using the Service, or any other service, including financial or banking services provided to you by your Credential Service Provider.
  • “Third Party Offerings” has the meaning given to it in section 6 hereof.
  • “You” or “Your” means the person who wishes to use the Service and has Credentials with a Credential Service Provider.

CLAUSES

  1. The Service

The Service is provided by SecureKey Technologies (Quebec) Inc. (referred to herein as “SecureKey”, “us”, “we” or“our”). The Service allows you to authenticate your credentials at the Revenu Québec Website by using your Credentials. For the purposes of this Agreement, unless explicitly stated otherwise, any new features or services that augment or enhance the Service in the future shall be considered part of the Service and subject to this Agreement.

  1. Your Responsibility for use of Your Credentials

You are responsible for any use of the Service made with your Credentials. You should safeguard your Credentials and should not allow any other person to use them. If you suspect unauthorized access to your Credentials, you should immediately notify your Credential Service Provider. This Section shall survive the termination or expiration of this Agreement for any reason.

  1. Personal Information

Except for the IP address of the computer that communicates with our Websites, SecureKey does not collect any other Personal Information from you in the operation of the Service. Any Personal Information collected from you when you access the Revenu QuébecWebsite using the Service is collected by Revenu Québec, and is subject without limitation to the provisions of the Tax Administration Act (CQLR, c. A-6.002) and of the Act respecting Access to documents held by public bodies and the Protection of personal information (CQLR, c. A-2.1). Any Personal Information collected from you when you access websites operated by or on behalf of your Credential Service Provider with which the Service may be used is collected by your Credential Service Provider, and is subject to the privacy policy of your Credential Service Provider and all applicable laws.

  1. Modification of Service or Termination of Service or this Agreement by Us

We reserve the right at any time to interrupt, restrict, modify or discontinue, temporarily or permanently, the Service, add or subtract Service features or limit usage of the Service (or any part thereof) (collectively, a “Modification”) with or without notice to you, provided that if we permanently cease providing the Service we will post a notice on this website to that effect. Your continued use of the Service after any Modification will mean that you agree to such Modification and its applicability to you.

We reserve the right to terminate your participation in the Service at any time. We may terminate this Agreement at any time for any reason with reasonable notice or immediately for a serious reason. Your rights under this Agreement will terminate immediately without notice from us: (i) if you fail to comply with any term(s) of this Agreement; or (ii) if we terminate this Agreement. Upon the termination of this Agreement, you agree to immediately cease using the Service.

You agree that the Released Parties will not be liable to you for any Modification or termination of any part or all of the Service or your participation in the Service.

If you are a consumer within the meaning of the Consumer Protection Act (CQLR, c. P-40.1), we will send you prior notice of 30 days of the modification of or termination of your participation in the Service. You may refuse the modification by notifying us within 30 days after such modification comes into force.

  1. Intellectual Property Ownership, Reservation of Rights

The Service and the SecureKey System are the intellectual property of SecureKey and its suppliers, and are protected by law, including, without limitation, the copyright laws of Canada, the United States and other countries, and by international treaty provisions. Except as expressly stated herein, this Agreement does not grant you any intellectual property rights in the Service or the SecureKey System. All rights therein not expressly granted are reserved by SecureKey and its suppliers. This Section shall survive the termination or expiration of this Agreement for any reason.

  1. Third Party Offerings

The Service is designed to interoperate with various online services, websites and applications (“Third Party Offerings”). These Third Party Offerings include, but are not limited to, Government Websites and websites operated by your Credential Service Provider. Your access to and use of any Third Party Offering, including your access to or purchase of any products, services or information, are governed by the provider’s terms and conditions respecting such offerings. This Agreement does not amend or modify any such terms and conditions. You are solely responsible for fulfilling any financial commitments you make to such providers. Third Party Offerings are not provided by SecureKey and SecureKey does not endorse or make any representations, warranties or guarantees of any kind with respect to Third Party Offerings, and is not liable to you in any way with respect to Third Party Offerings.

LIMITATIONS

  1. No Warranties

THE RELEASED PARTIES SPECIFICALLY DISCLAIM ANY RESPONSIBILITY AND ALL WARRANTIES OF ANY KIND, WHETHER EXPRESS OR IMPLIED, AS TO THE OPERATION OF THE SERVICE. YOU AGREE THAT YOUR USE OF AND ACCESS TO THE SERVICE IS AT YOUR SOLE RISK. THE SERVICE IS PROVIDED ON AN “AS IS” AND AN “AS AVAILABLE” BASIS. THE RELEASED PARTIES MAKE NO REPRESENTATION OR CONDITION AND DO NOT WARRANT THE PERFORMANCE OR RESULTS YOU MAY OBTAIN BY USING THE SERVICE EXCEPT TO THE EXTENT ANY WARRANTY, CONDITION, REPRESENTATION OR TERM CANNOT OR MAY NOT BE EXCLUDED OR LIMITED BY LAW APPLICABLE TO YOU IN YOUR JURISDICTION. THE RELEASED PARTIES MAKE NO REPRESENTATIONS, WARRANTIES, CONDITIONS, OR TERMS (EXPRESS OR IMPLIED WHETHER BY STATUTE, CUSTOM, USAGE OR OTHERWISE) AS TO THE SERVICE INCLUDING WITHOUT LIMITATION NON-INFRINGEMENTOF THIRD PARTY RIGHTS, MERCHANTABILITY, INTEGRATION, SATISFACTORY QUALITY, OR FITNESS FOR ANY PARTICULAR PURPOSE.

  1. Limitation of Liability

IN NO EVENT SHALL THE RELEASED PARTIES BE LIABLE TO YOU OR ANY THIRD PARTY FOR ANY DAMAGES, CLAIMS OR COSTS WHATSOEVER, INCLUDING SPECIAL, INDIRECT, CONSEQUENTIAL OR PUNITIVE DAMAGES ARISING OUT OF THIS AGREEMENT OR YOUR USE OF THE SECUREKEY SYSTEM OR SERVICE, INCLUDING BUT NOT LIMITED TO LOSS OF PROFITS, LOSS OF BUSINESS OR GOODWILL OR REPUTATION, LOSS OF USE (EVEN IF WE HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH LOSS OR DAMAGE) OR ANY CLAIM BY ANY THIRD PARTY. THE RELEASED PARTIES SHALL NOT BE LIABLE IF THE SERVICE CANNOT BE PROVIDED (OR ANY PART THEREOF) OR FOR ANY FAILURE TO PERFORM ANY OBLIGATIONS CONTAINED IN THIS AGREEMENT DUE TO, DIRECTLY OR INDIRECTLY, THE FAILURE OF ANY EQUIPMENT OR ANY INDUSTRIAL DISPUTE, WAR, FLOOD, EXPLOSION, ACT OF GOD OR ANY OTHER EVENT BEYOND THEIR CONTROL.

IN ADDITION, NOTWITHSTANDING ANYTHING TO THE CONTRARY HEREIN, ALTHOUGH WE WILL TAKE REASONABLE PRECAUTIONS TO PROTECT THE SERVICE AND AVOID DELETION, CORRUPTION OR UNAUTHORIZED MODIFICATION OR ACCESS OF OR TO THE SERVICE, AND TO PROVIDE THE SERVICE ERROR-FREE OR UNINTERRUPTED, NO REPRESENTATION OR WARRANTY OR CONDITION OF FITNESS OR MERCHANTABILITY SHALL BE CONSTRUED UNDER THIS AGREEMENT. THE RELEASED PARTIES SPECIFICALLY DISCLAIM ALL LIABILITY WHATSOEVER WITH RESPECT TO ANY FAILURE TO PROTECT THE SERVICE OR PROVIDE THE SERVICE ERROR-FREE OR UNINTERRUPTED. THE PROVISIONS OF SECTIONS 7 AND 8 OF THIS AGREEMENT SHALL SURVIVE THE TERMINATION OR EXPIRATION OF THIS AGREEMENT, FOR ANY REASON.

THIS LIMITATIONS OF LIABILITY IN THE FIRST AND SECOND PARAGRAPHS ABOVE DO NOT APPLY TO MATERIAL INJURYCAUSED THROUGH INTENTIONAL OR GROSS FAULT.

IN ADDITION, THIS LIMITATION OF LIABILITY DOES NOT APPLY TO YOU IF YOU ARE A CONSUMER UNDER QUEBEC’S CONSUMER PROTECTION ACT.

  1. Indemnity

You agree to indemnify and hold harmless the Released Parties from any loss, liability, claim, or demand, including reasonable legal fees, made by any third party due to or arising out of your use of the Service or any use of your Credentials with the Service by any other person, in violation of Section 2 of this Agreement and/or arising from a breach of Section 2 of this Agreement and/or any breach of your representations and warranties set forth herein. This Section shall survive the termination or expiration of this Agreement for any reason.

  1. Assignment

You may not assign this Agreement.

  1. Entire Agreement

This Agreement represents the entire agreement between you and us concerning the Service for accessing the Revenu QuébecWebsite (you and we may enter into other agreements for credential brokering services for other purposes). You may not amend this Agreement. We may amend this Agreement on notice to you. This Agreement is in addition to any agreement between you and the Credential Service Provider. If any part of this Agreement is found invalid, the balance of the Agreement remains enforceable.

  1. Governing Law and Jurisdiction

This Agreement is governed by and subject to the laws of the Province of Québec, and the federal laws applicable therein, and any dispute under or in relation to this Agreement shall be subject to the exclusive jurisdiction of the courts of the Province of Québec.

  1. Additional Provisions

The Service is void where prohibited by law. If any part of this Agreement is found void and unenforceable, it will not affect the validity of the balance of the Agreement, which shall remain valid and enforceable according to its terms. The failure to enforce any term of this Agreement on one occasion shall not prevent enforcement on any other occasion or the enforcement of any other term. Headings and captions shall not be considered included for purposes of interpretation or application hereof, but are for convenience only.

  1. Contact Information

If you have any questions about this Agreement including the Service, please visit www.securekey.com.

 

Privacy Notice

Government Sign-in by Verified.Me (the “SecureKey Service”) is a service designed to allow the end user to authenticate themselves on the Website of Revenu Quebec (the “Relying Party”), using credentials they have been provided by their financial institution or other supplier (a “Sign-In Partner”). The SecureKey Service is managed by SecureKey Technologies (Quebec) Inc. (“SecureKey”, “us”, or “we”).

SecureKey is committed to respecting and valuing your privacy and security. The information below in this Privacy Notice constitutes a summary of the privacy practices that apply to your use of the SecureKey Service. By using the SecureKey Service, you agree and consent to our use of information in accordance with this Privacy Notice.

If you do not wish to use the SecureKey Service, the Relying Party’s online services do allow you to use alternative government credentials, as well as provide options to access such services. For further details, contact the Relying Party.

The End User Information We Collect

Except for the IP address of the compute that communicates with our Websites, we do not collect or use your personally identifying information in the operation of the SecureKey Service. This is achieved through the use of anonymous authentication requests and anonymous identifiers in the authentication responses. The personal information you provide to your Sign-In Partner is not collected by us, it is provided by you to your Sign-In Partner pursuant to their privacy policy, and is not provided by them to us. In addition, the personal information you provide to the Relying Party to use its services is not provided to us.

In addition to the anonymous identifiers, the following information relating to end users is generated and used in the operation of the SecureKey Service (“End User Information”):

  • An anonymous session identifier (contained in a session cookie);
  • The end user’s language preference (contained in a session cookie);
  • The end user’s Internet Protocol (IP) address.

Details as to how we use this information are listed below.

How We Use End User Information

We use your End User information to provide you with the the SecureKey Service. This includes providing this information to the Sign-In Partners and the Relying Party to the extent required to provide you with the service.

The SecureKey Service uses session cookies. Session cookies are only active for the duration of the session, and contain a session identifier, but no personally identifiable information. The session cookie will be automatically deleted by your browser when the cookie expires. If you want to use the SecureKey Service, your browser must accept cookies.

The SecureKey Service monitors network traffic to identify unauthorized authentication requests or otherwise protect the SecureKey Service from damage (for example from virus attacks). This includes identifying the IP address of the computer that has contacted our web sites, the date and time of the visit and information about the request made. SecureKey will not use this Information for marketing purposes.

Our Disclosure of End User Information

We only disclose End User Information to Sign-In Partners and Relying Party, and only in connection with the ordinary operation of the SecureKey Service. In addition, if we cease to act as the manager of the SecureKey Service, the Relying Party has the right to receive from us or to cause us to deliver to a replacement service manager the End User Information of their end users, so that end users can continue to receive services.

We may disclose End User Information as permitted under the Act respecting the protection of personal information in the private sector (RSQ, c. P-39.1).

Finally, if we sell our business or the part thereof that operates the SecureKey Service, we will transfer to the purchaser our copy of the End User Information, so that the purchaser can continue to operate the service.

If you require clarification about this statement, please contact our Privacy Office by email at cpo@securekey.com, by phone at 416-477-5625, or in writing to SecureKey Privacy Office, 4101 Yonge Street, Suite 501, Toronto, ON M2P 2E3. SecureKey’s general Privacy Policy can be obtained by visiting SecureKey’s website (www.securekey.com).

For more information on privacy issues in general, please consult the Website of the Commission d’accès à l’information at http://www.cai.gouv.qc.ca/, or call 418 528-7741 or 514 873-4196.

The Relying Party and each Credential Service Provider has their own Privacy Policy. For more information please refer to the specific RP or CSP website.

 

Need Technical Support? We're available 24/7 by phone. For Verified.Me call: 1-844-778-5409

For Government Sign-In by Verified.Me call: 1-855-433-5397

TTY Service: 1-855-224-1714

Call Centre        Law        Insurance        Gaming        Education