English

 

BROKER ID TERMS & CONDITIONS

 

These Regulations define the terms and conditions of using the Broker ID service provided electronically by the Administrator to Users, enabling the verification of the Identified Person's personal data (natural person) by means of external ICT systems, electronic identification means or trust services. Using Broker ID is possible on the terms set out in the Regulations.

Definitions

The terms used in the Regulations shall have the following mean:

  1. Administrator - Autenti sp. z o.o. with its registered seat in Poznań at ul. Św. Marcin 29/8, 61-806 Poznań, entered into the register of entrepreneurs kept by the District Court for Poznań Nowe Miasto i Wilda in Poznań, VIII Commercial Division of the National Court Register, under the following number KRS 0000436998, NIP 783-169-32-51 
  2. Broker ID  - a service provided in the Software as a Service model (the so-called SaaS) by the Administrator, on the terms specified in the Regulations, consisting in enabling the User to use the provided ID Method in order to confirm specific personal data by the Identified Person or to obtain information about the Identified Person.
  3. ID method - the method of confirming personal data or obtaining information about the Identified Person shared by the Administrator as part of the Broker ID provided by indicated entities, on the terms separately specified for a given ID Method.
  4. Autenti platform - an IT tool under which the service is provided electronically by the Administrator, available on the website available under the name "Autenti", in accordance with the Regulations of the Autenti Platform.
  5. Regulations - these Broker ID Regulations.
  6. Autenti Platform Regulations - regulations for the provision of electronic services, regulating the use of the Autenti Platform, the content of which is available on the website at https://autenti.com/regulaminy .
  7. User - a natural person, a legal person or an organizational unit without legal personality, having an Account on the Autenti Platform, which placed an order for the provision of Broker ID, indicating the personal data of the Identified Person to be verified based on the selected ID Methods, and such an order was accepted by the Administrator.
  8. Identified Person - a natural person, indicated by the User, for whom the data verification service under the Broker ID is performed.
  9. eIDAS – Regulation of the European Parliament and the Council  (EU) NO 910/2014 of 23 July 2014 on electronic identification and trust services with reference to the electronic transactions on internal market and repealing the directive  1999/93/EC.

Terms of use for Broker ID

  1. The User may submit an application for access to the Broker ID by filling in the appropriate electronic form, available as part of the Account on the Autenti Platform, to which a functional package has been assigned containing the rights to use the Broker ID or on the basis of a separate agreement with the Administrator.
  2. The Administrator may make access to the Broker ID dependent on the User's confirmation of its credibility in the manner indicated by the Administrator.
  3. In order to use the Broker ID, the User should indicate the scope of information (personal data) of the Identified Person for confirmation and specify the ID Method or the ID Method on the basis of which their confirmation should be made by the Identified Person. The Administrator by means of the e-mail address (e-mail) indicated by the User, telephone number (SMS), link or other contact provided by the Administrator asks the Identified Person  to grant his/her consent to the verification or confirmation of the User's personal data based on the indicated ID Method. If the User has chosen more than one Identified ID Method, they may choose the ID Method by means of which they will verify or confirm their personal data.
  4. The Broker ID may not be used by Users for purposes that:
    1. violate or may violate generally applicable law and the rights of third parties,
    2. violate or may violate good manners,
    3. may lead to misleading the Identified Persons or making decisions unfavourable for them,
    4. they are malicious, harmful or invade privacy.
  5. The Administrator has the right to deny access to the Broker ID to Users who, in the Administrator's opinion, do not provide due warranty of fair conduct in accordance with the provisions of the Regulations, the Regulations of the Autenti Platform or otherwise violate the interests of the Administrator, Users, Identified Persons or other third parties.
  6. The Identified Person is obliged to provide true and not misleading personal data, up-to-date documents and submit true statements aimed at confirming complete and current personal data that are subject to verification or confirmation.
  7. ID Broker is a paid service for the User. The User undertakes to pay the Administrator remuneration for the use of Broker ID in accordance with the Price List published by the Administrator on the website https: ///broker.id/en-pricelist unless otherwise agreed in a separate agreement. 

The functionality of confirming personal data

  1. As part of Broker ID, the Administrator may make the use of ID Methods available, in particular:
    a) Video ID (video identification) - verification of personal data based on the identity document (Video ID) presented by the Identified Person at the time of identification by visual connection,
    b) Bank Connect (bank identification) - confirmation of personal data based on information from the electronic banking service after authentication in the electronic banking system (Bank Connect),
    c) Bank ID (bank identification) - confirmation of personal data using means for authentication in the bank's ICT system in the European Union (AISP-EU Bank),
    d) Bank Open (bank identification) - confirmation of personal data using means for authentication in the open banking ICT system (Bank OPEN),
    e) OTP code - confirmation of having a telephone number using a one-time SMS codeBank ID Payment card (bank identification using a payment card) - confirmation of personal data using bank means based on payment card authentication (Bank CC),
    f) Bank ID (bank transfer) - confirmation of personal data using the proof of electronic payment (MT Bank),
    g) QES ID (qualified electronic signature) - confirmation of personal data based on a qualified electronic signature certificate in accordance with eIDAS,
    h) AML ID - confirmation of personal data by the entity that verified the identity of the Identified Person by an internal procedure consistent with the obligations set out in the law established on the basis of Directive 2005/60 / EC of the European Parliament and of the Council of October 26, 2005 on preventing the use of the financial system for the purpose of money laundering and terrorist financing and executive acts.
    i) OTP code - confirmation of having a telephone number using a one-time SMS code.
  2. When providing Broker ID, the Administrator may use, in particular, the services of trust service providers, issuers of electronic identification means, telecommunications or ICT service operators, banks or payment institutions, in order to provide a specific ID Method. In such cases, the provision of Broker ID or some of its functionalities may be based on the principles set out in separate regulations of such services. In this case, the User and the Identified Person will be informed about the content of these rules before using the given ID Method.
  3. The User acknowledges that the ID Methods  available under Broker ID may be a source of personal data with a different level of reliability, depending on the selected ID Method, and the User should familiarize himself with the functionality and legal aspects of individual ID Methods and individually weigh whether the level of accuracy of a given ID Method is adequate for the purposes that it intends to achieve by confirming the Customer's personal data, in particular the process of submitting or receiving a declaration of intent.
    a) OTP code - confirmation of having a telephone number using a one-time SMS code.
    b) Bank ID Payment card (bank identification using a payment card) - confirmation of personal data using bank means based on payment card authentication (Bank CC),
    c) Bank ID (bank transfer) - confirmation of personal data using the proof of electronic payment (MT Bank)
    d) QES ID (qualified electronic signature) - confirmation of personal data based on a qualified electronic signature certificate in accordance with eIDAS;
    e) AML ID - confirmation of personal data by the entity that verified the identity of the Identified Person by an internal procedure consistent with the obligations set out in the law established on the basis of Directive 2005/60 / EC of the European Parliament and of the Council of October 26, 2005 on preventing the use of the financial system for the purpose of money laundering and terrorist financing and executive acts.
  4. When providing Broker ID, the Administrator may use, in particular, the services of trust service providers, issuers of electronic identification means, telecommunications or ICT service operators, banks or payment institutions, in order to provide a specific ID Method. In such cases, the provision of Broker ID or some of its functionalities may be based on the principles set out in separate regulations of such services. In this case, the User and the Identified Person will be informed about the content of these rules before using the given ID Method.
  5. The User acknowledges that the ID Methods  available under Broker ID may be a source of personal data with a different level of reliability, depending on the selected ID Method, and the User should familiarize himself with the functionality and legal aspects of individual ID Methods and individually weigh whether the level of accuracy of a given ID Method is adequate for the purposes that it intends to achieve by confirming the Customer's personal data, in particular the process of submitting or receiving a declaration of intent.

Liability for the use of Broker ID

  1. Users who have gained access to Broker ID are liable for its use, in particular for purposes contrary to applicable law, good practice and these Regulations. The User's liability also extends to the actions of persons to whom the data allowing access to the Broker ID have been provided by the User, also through their inappropriate protection.
  2. The Administrator is liable for the compliance of the information provided to the User with the result of the confirmation or verification made with the selected ID Method. The Administrator is not liable for the completeness, effectiveness and correctness of the implementation of the ID Method on the basis of which (or which) the User ordered the confirmation of personal data or obtaining information about the Identified Person. 
  3. The Administrator is not liable for: (a) the actions and omissions of the Identified person, whose personal data is the subject of verification or confirmation, (b) software, applications, systems and other functionalities that are not the operator, and which are used by the User when using Broker ID, ( c) lost profits, (d) operation of ID Methods, in particular the change, exclusion or limitation of certain ID Methods by their suppliers.
  4. The User is fully liable for his actions and omissions leading to the violation of generally applicable law, the rights of third parties or the Regulations, in particular, the User is obliged to repair the damage resulting from this action, caused by the Identified Persons, ID Method suppliers or the Administrator.
  5. The User undertakes to provide the Identified Persons with reliable information regarding the purposes of using Broker ID and the confirmed personal data obtained in this way in accordance with the generally applicable provisions of law on the protection of personal data.
  6. In justified cases related to errors or technical problems, in particular with regard to the security of the Autenti Platform, the Administrator reserves the right to temporarily or permanently block access to the Broker ID.
  7. In the event of any irregularities related to the provision of Broker ID by the Administrator, the User or an Identified Person may submit a complaint on the terms specified in the Regulations of the Autenti Platform.

Personal data processing


  1. The administrator of personal data under the Broker ID is the Administrator. Contact with the Administrator or the Personal Data Protection Inspector appointed by the Administrator is possible via: electronic form available on the website: https://autenti.com/kontakt/ ; or at the e-mail address: iod@autenti.com
  2. The Administrator processes Users' personal data on the terms set out in the Privacy Policy referred to in Chapter VI. it. 4.
  3. Personal data is processed by the Administrator in accordance with the provisions on the protection of personal data, including in particular Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on free movement such data and repealing Directive 95/46 / EC ("GDPR").
  4. The personal data of the Identified Person may be obtained from the User or directly from the Identified Person, depending on the method of confirming this data on the basis of the User and Identified Person ID Methods selected by the User. 
  5. By providing the Administrator with the personal data of the Identified Person, the User declares that he is entitled to transfer it and confirm (verify) them and that the obtained or confirmed personal data will be used only for the purposes and in a manner consistent with the provisions of applicable law. 
  6. The Administrator becomes the administrator of personal data for the personal data of the Identified Person to the extent to which the Identified Person used the Broker ID to confirm his/her personal data.
  7. Providing personal data by the Identified Person is voluntary, however,  failure to consent to the confirmation of personal data or failure to provide the requested personal data under Broker ID will result in the inability to perform the personal data or identity verification requested by the User.
  8. The withdrawal of the consent to the processing of data does not affect the lawfulness of the processing carried out on the basis of the consent before its withdrawal.
  9. Verification of personal data or identity under Broker ID may involve automatic decision making, including profiling against the Identified Person.
  10. The data collected by the Administrator include such personal data as: name and surname, IP address, e-mail address, telephone number, date of birth, PESEL number, identity document number and/or other data required to carry out verification using the ID method selected by the User. The selected ID Methods may also include images or videos of the Identity's ID or face.
  11. The data is processed for the purpose of:
    a) performance of the contract concluded on the basis of the Regulations or a separate contract (art. 6 it. 1 let. b of GDPR),
    b) fulfilment of the Administrator's legal obligation (art. 6 it. 1 let. c and it. 3 of GDPR),
    c) implementation of the legitimate interest of the Administrator, i.e. pursuing or securing any claims or other requests of third parties, including public authorities (art. 6 it. 1let. f of GDPR).
  12. The obtained personal data or anonymised information may be provided by the Administrator:
    a) to the User by providing the verification results. The User will receive only such data, the provision of which is necessary for the performance of the contract between the Administrator and the User, based on the User's request. The Administrator is not responsible for the unlawful processing of personal data by the User.
    b) suppliers who participate in the provision of Broker ID. They may process personal data or anonymised information in order to enable the Administrator to achieve the goals resulting from the Regulations,
    c) to other third parties if it has reason to believe it is necessary; to comply with applicable law or an order or subpoena or other legal process; to investigate, prevent or act on illegal activities; suspected fraud, breach of the terms of the Regulations or situations related to threats to the property or property of the Administrator or the safety of any person or third party, as well as to establish, protect or exercise the Administrator's rights or defend the Administrator against legal claims.
  13. The identified person has the right to access their personal data and the right to rectify, delete, limit processing, the right to transfer data, the right to object to data processing based on the legitimate interest of the Administrator.
  14. The Administrator may refuse to delete personal data if further processing of this data by the Administrator is permitted under the law.
  15. The data subject has the right to lodge a complaint with the supervisory authority if he or she considers that the processing of his/her personal data violates the provisions of the GDPR.
  16. The personal data of the Identified Person processed as part of the Broker ID service will be processed for no longer than is required by the justified interest of the Administrator indicated in point. 12 let. c hereinabove.

Final provisions

  1. The Administrator can amend the Regulations. The amendment becomes effective on the date indicated by the Administrator, which may not be less than 15 days from the moment of making the amended Regulations available. The User will be informed about the change in the Regulations by e-mail or during the first login from the amendment of the Regulations to the Broker ID. In the event of refusal to accept the changes to the Regulations, the User will have the right to terminate the contract with the Administrator regarding the use of Broker ID with effect on the date of entry into force of the new Regulations. Services ordered by the User are provided on the terms applicable at the time of commissioning.
  2. Any disputes related to Broker ID under the Regulations, conducted with Users who are not consumers (or do not use consumer rights), which cannot be prevented in an amicable manner, will be settled by a common court competent for the Administrator's seat. A User who is a consumer (or acting under the rights of a consumer) has the option of using an out-of-court method of investigation Complaints and pursuing claims before the Permanent Consumer Arbitration Court at the Provincial Inspector of Trade Inspection in Poznań. Information on how to access the abovementioned procedures and procedures for resolving disputes can be found at the following address: www.uokik.gov.pl, in the tab "Help and advice for Consumers". A User who is a consumer also has the option of using the EU ODR internet platform, available at the following address: https://ec.europa.eu/consumers/odr/ .
  3. In matters not settled herein, the provisions of the Regulations of the Autenti Platform and the Privacy Policy available at: https://autenti.com/regulamins/polityka-ochrony-prywatnosci-autenti/ shall be applied accordingly.