|
 |
These Terms of Use (“ToU”) establish terms and conditions on which Group-IB Global Private Limited (“Group-IB” or “we”) provides you with its proprietary software product - Group-IB Authenticator
(“Authenticator app”).
The Authenticator app is a mobile application for 2-step verification relying on a biometric data check designed as an ultimate cyber-security solution. The Authenticator app can be used in conjunction with various applications and websites (“resources”) that have directly integrated it.
The key feature that distinguishes the Authenticator app from competitive solutions is Group-IB’s ability to detect via the Authenticator app a suspicious, fraudulent or any other malicious activity conducted on a user’s device and to minimize the risk of further adverse consequences for such user (leak of sensitive data, financial losses etc.) by alarming resources bound with the compromised Authenticator app account.
By using the Authenticator app, you agree to abide by these ToU, which constitute a binding agreement between you and Group-IB (“Agreement”). If you don’t accept these ToU, don’t use the Authenticator app.
In case you comply with all requirements set forth in these ToU, we grant you a limited non-exclusive, non-transferable, non-sublicensable right to use the Authenticator app worldwide for individual non-commercial purposes.
To install the Authenticator app and enjoy its best performance please ensure that your device meets technical requirements listed on the application store page from which you download the Authenticator app.
introduce into the Authenticator app any, virus, worm, “back door,” Trojan Horse, or similar harmful code;
(v) reproduce, modify, adapt or create derivative works of any part of the Authenticator app; (vi) rent, lease, distribute, sell, sublicense, transfer, or provide access to the Authenticator app to a third party; (vii) interfere with any authorization mechanism in the Authenticator app or otherwise circumvent mechanisms thereof intended to limit the use of the Authenticator app; (viii) use the Authenticator app for competitive analysis or to build competitive products.
We know that data privacy is a top issue today, and we want you to enjoy your interaction with the Authenticator app whilst knowing that we value your personal data and that we protect it.
We take data security extremely seriously and are committed to processing it responsibly and in compliance with applicable data protection laws.
We use a variety of measures to keep your personal data confidential and secure, including restricting access to your personal data on a need to know basis and ensuring appropriate technical, legal and organizational safeguards to protect your data.
If you have any requests concerning your personal data we process as well as any questions or comments regarding these ToU or Group-IB’s personal data collection and processing practices, please email us at privacy@group-ib.com.
We take every reasonable step to ensure that your personal data is only processed for the minimum period necessary in connection with: (i) the purposes set out in this section of the ToU; (ii) any additional purposes notified to you at or before the time of collection of the relevant personal data or commencement of the relevant processing; or (iii) as required or permitted by applicable law; and thereafter, for the duration of any applicable limitation period. In short, once your personal data is no longer required, we will destroy or delete it in a secure manner.
If we process your personal data in the context of your Authenticator app usage, you have a right to (i) request access (ii) ask for changes to be made or (iii) to have the data deleted if they are no longer necessary in relation to the purposes for which they were collected or any other legal ground is applicable.
Additional rights of the EU & EEA residents:
In case you are residing on the territory of the EEA, in addition to the rights set forth above you also have the following rights concerning your personal data: (i) to request a transfer of your personal data to another company; (ii) to object to the processing of your personal data in certain circumstances; (iii) to lodge a complain with a supervisory authority.
When we transfer your personal data to other countries, we take reasonable steps to ensure that applicable laws are being followed. In case your data is transferred to sub-processors located in countries in which respect there is no adequacy decision of the European Commission, we effect each such transfer only subject to certain required safeguards including but not limited to execution of a data processing agreement (DPA) incorporating Standard Contractual Clauses (SCC) adopted by the European Commission, conducting a transfer impact assessment (TIA) etc.
We process your personal data to keep your Authenticator app experience safe as detailed in the following section, to identify you and your device, to ensure the safety of using the Authenticator app, to send you notifications with you, fulfil your requests, answer your queries and provide you with communications about Group-IB and our products. We also process your personal data in order to help us comply with the law, to manage our systems and finances, to conduct investigations and to exercise other legal rights.
Thus, to process your personal data we rely on a contractual basis (our Agreement with you based on these ToU) and our legitimate interest to keep evidence of your activities for cybercrime-protection purposes.
We may process the following categories of your personal data via the Authenticator app.
1). Information that you share with us directly.
Email Address. At the start of your first session in the Authenticator app we ask you to provide us with an email address to create your Authenticator app account. We send a verification code to the email address you specify in the registration form to ensure that you have control over the email address entered.
After the email address is verified, it will serve as the identifier for your Authenticator app account that allows you to add and associate additional devices to your same Authenticator account. Unless you specifically configure your Authenticator app settings otherwise, a device on which you first create your Authenticator app account is considered your “primary device.”
We also process your email address to validate who you are if you need to recover your account or your account has been compromised, and also to notify you about your account vulnerability, e.g. suspicious logins or other unusual activity that could be related to a compromise of your Authenticator app account or one of your accounts in other resources that integrate with the Authenticator app.
Identity Information. During registration of the Authenticator app account, you may provide us your real name.
If we have detected any suspicious activities on your side or have a reasonable doubt about whether you are the rightful account holder of the Authenticator app account associated with your email address, we may ask you for a copy of your physical identification such as a passport or a national ID, drivers’ license or any similar document which we then use to confirm your claim to the account.
2.) Data we collect automatically.
We collect information specified in this section to ensure that we deliver the most optimized version of the Authenticator app for your device and to detect suspicious and/or fraudulent activity.
Device Data. When you download and open the Authenticator app, we automatically collect information about the type of device you have downloaded the app on and your device identifier.
Location data. We collect information on your location based on your IP address, when you turn your device location service on. We process this information to check for suspicious activities.
Login history and Authenticator app account history. When you use the Authenticator app to log into a resource account, we collect and process information associated with your login activity including your IP address, what resource you logged in to, fact that you logged in, time of your session.
Results of your biometric data check. We don’t receive any biometric data from your device itself but binary information on whether you passed the check or not. All biometric data (fingerprint scan, face recognition etc.) are autonomously processed on your device.
By accepting these ToU you acknowledge and agree that Group-IB will share your personal data with resources to which accounts you connect the Authenticator app, including data on suspicious activities we detect, for the purpose of ensuring the highest cyber-security level possible and keeping you safe from potential fraudulent activities. We conclude special data processing agreements (DPA) governing mutual obligations in respect of your personal data processing with all resources.
If you do something using the Authenticator app that gets us sued, fined or results in a reputational damage for us, you agree to cover our losses as described below.
You shall indemnify, defend, and hold Group-IB, including, but not limited to, our employees, directors, shareholders, agents, affiliates and representatives harmless from and against any and all claims, costs, losses, damages, judgments, tax assessments, penalties, interest, and expenses (including without limitation reasonable attorneys’ fees) arising out of any claim, action, audit, investigation, inquiry, or other proceeding instituted by a person or entity that arises out of or relates to: (a) any actual or alleged breach of your representations, warranties, or obligations set forth in these ToU; (b) your wrongful or improper use of the Authenticator app; (c) your violation of any law, rule or regulation according to applicable law.
Here’s the part where you promise that you are who you say you are, and that you commit yourself to obey the law and our ToU.
You represent and warrant to us that: (a) you are at least eighteen (18) years of age; (b) you are eligible to register and use the Authenticator app and have the right, power, and ability to enter into and perform under these ToU; (c) any information you provide in connection with your use of the Authenticator app accurately and truthfully represents your personal identity; (d) you comply with all laws, rules, and regulations applicable; (e) you will not use the Authenticator app, directly or indirectly, for any fraudulent undertaking or in any manner so as to interfere with the operation of the Authenticator app; and (f) your use of the Authenticator app will be in compliance with these ToU.
While we do our best to bring great products and services to our customers, we provide them as-is, without warranties. We are not responsible for any applications and services that you might buy, sell, or otherwise obtain. THE AUTHENTICATOR APP IS PROVIDED “AS IS” WITHOUT REPRESENTATION OR WARRANTY, WHETHER IT IS EXPRESS, IMPLIED, OR STATUTORY. WITHOUT LIMITING THE FOREGOING, GROUP-IB SPECIFICALLY DISCLAIMS ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT. GROUP-IB DOES NOT WARRANT OR GUARANTEE THAT THE AUTHENTICATOR APP IS ACCURATE, RELIABLE OR CORRECT; THAT THE AUTHENTICATOR APP WILL MEET YOUR REQUIREMENTS; THAT THE AUTHENTICATOR APP WILL BE AVAILABLE AT ANY PARTICULAR TIME OR LOCATION, UNINTERRUPTED, ERROR-FREE, WITHOUT DEFECT OR SECURE; THAT ANY DEFECTS OR ERRORS WILL BE CORRECTED.
TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT WILL GROUP-IB BE LIABLE FOR ANY DIRECT, INDIRECT, PUNITIVE, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR EXEMPLARY DAMAGES, INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF PROFITS, GOODWILL, USE, DATA, OR OTHER INTANGIBLE LOSSES, THAT RESULT FROM THE USE OF, INABILITY TO USE, OR UNAVAILABILITY OF THE AUTHENTICATOR APP FUNCTIONALITY. IN ALL CASES, GROUP-IB WILL NOT BE LIABLE FOR ANY LOSS OR DAMAGE THAT IS NOT REASONABLY FORESEEABLE. THIS LIMITATION OF LIABILITY SECTION APPLIES WHETHER THE ALLEGED LIABILITY IS BASED ON CONTRACT, TORT, NEGLIGENCE, STRICT LIABILITY, OR ANY OTHER BASIS, EVEN IF GROUP-IB HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. THE FOREGOING LIMITATION OF LIABILITY WILL APPLY TO THE FULLEST EXTENT PERMITTED BY LAW IN THE APPLICABLE JURISDICTION.
Relations connected with or resulted from your use of the Authenticator app under these ToU shall be governed by the law of Singapore. Any dispute, controversy or claim arising out of or in connection with these ToU, including any question regarding existence, validity or termination of the Agreement, shall be referred to and finally resolved by arbitration administered by the Singapore International Arbitration
Centre (“SIAC”) in accordance with the Arbitration Rules of the Singapore International Arbitration Centre (“SIAC Rules”) for the time being in force, which rules are deemed to be incorporated by reference in this clause. The seat of the arbitration shall be Singapore. The Tribunal shall consist of 1 (one) arbitrator. The language to be used in the arbitral proceedings shall be English.
Notwithstanding the foregoing, Group-IB reserves the right to bring proceedings in any other arbitration or a court of law at its sole discretion.
Group-IB reserves the right to terminate the Agreement at any time. If the Agreement is terminated for any reason: (a) the license and any other rights granted under these ToU will end, (b) we may delete your information and account/email data stored on our servers, and (c) we will not be liable to you or any third party for compensation, reimbursement, or damages for any termination or suspension of the license, or for deletion of your information.
We reserve the right to make changes to these ToU from time to time if necessary.
The new version of these ToU comes into force from the moment of publication, unless otherwise provided by the latest version of the ToU.