Master Service
Agreement
This Master Service Agreement (“Agreement”) is between Truv Inc., a Delaware corporation (“Truv”, “we”, “us”, and “our”), and you (“Client”, “you”, and/or “yours” add affiliate, subsidiaries, etc.); each a “Party”, jointly referred to as the “Parties”, and it governs your use of our Products and the Truv Platform.
By signing and accepting an Order Form (as defined below) for our Products via the Truv Platform, by using our Products, Truv Platform, website, or otherwise showing acceptance to this Agreement (e.g., clicking accept, or continue buttons, etc.) you agree that you have read, understood, and accepted this Agreement and you accept to be bound by the Agreement and all terms, policies and guidelines incorporated herein by reference. If you are acting on behalf of an entity you represent and warrant that you have the legal capacity to legally bind such an entity.
Truv’s Products and access to the Truv Platform are offered to you conditional on your acceptance of these Terms.
SECTION 1 – PRODUCTS AND SERVICES.
1.1Products. Client is engaging Truv to collect and transmit Permissioned Information to be provided by Consumers who are residents in the Territory, as defined in this Agreement to Client, for which Truv will provide certain Products ordered by Client under an Order Form and made commercially available by Truv, as described in this Agreement, applicable Documentation and Order Form.
1.2Order Form. If Client enters into an Order Form with Truv and the terms and conditions of the Order Form conflict with this Agreement, the Order Form will control.
1.3Support. Pursuant to the contents of this Agreement, Truv will comply with certain Service Level Agreements as indicated in Exhibit A incorporated by reference to this Agreement.
SECTION 2 – BILLING AND PAYMENT TERMS.
2.1Billing Terms. Client agrees and authorizes Truv to charge Client via Automated Clearing House (ACH) debit or credit (wire), for which Client is required to provide Truv via Stripe, Inc. (a third-party payment processor) (the “Payment Processor”) with information regarding ACH debit or credit authorization, and maintain a valid payment method on file with Truv which Client warrants and represents that all information relating to such payment method is true and accurate and that Client is authorized to use such payment method. In the event Client fails to maintain a valid payment method on file with Truv, Truv shall have the right to suspend Client’s access to and use of the Products until a valid payment method is provided and all Fees due have been paid. Client is bound by and agrees to the Payment Processor’s terms of service located at https://stripe.com/legal/payment-terms and https://stripe.com/legal/end-users ) and privacy policy (located at https://stripe.com/privacy. Truv is not responsible for the performance of the Payment Processor. Fees are exclusive of all applicable Payment Processor fees. Unless expressly indicated to the contrary, all amounts set forth in each Order Form are in U.S. Dollars. All payment obligations are non-cancellable, and all fees paid are non-refundable and non-creditable. For the avoidance of doubt, payments by check and card are not accepted.
2.2Dispute. Upon written notice to Truv, Client, acting in good faith, may withhold payment for any fees on Truv’s invoices that Client reasonably disputes with documented justification for the dispute. Client will pay the remaining undisputed portion of any invoice in accordance with the payment terms set forth herein and the Parties will negotiate in good faith to resolve the dispute within thirty (30) days of Client’s dispute notice. Client’s non-payment of fees disputed in good faith, in accordance with this Section 2.2 does not constitute default by Client and does not entitle the Parties to suspend or delay any of its services or providing any information or materials, except as otherwise established by this Agreement.
2.3Past Due Fees. Unpaid Fees for more than fifteen (15) days past due are subject to a finance charge of 1.5% per month, or the maximum permitted by law, whichever is lower. Additionally, if Client’s account is fifteen (15) days or more overdue (except for charges then under reasonable and good faith dispute pursuant to Section 2.2), Truv reserves the right to suspend Client’s access to the Products until such amounts are paid in full.
2.4Future Functionality. Client agrees that its purchases are not contingent on the delivery of any future or updated functionality or features, or dependent on any oral or written public comments made by Truv regarding future functionality or features.
2.5Taxes. Fees are exclusive of all applicable taxes. Client is responsible for paying all taxes associated with its purchases hereunder other than taxes based on Truv’s net income. In the event Truv has the legal obligation to pay or collect taxes for which Client is responsible under this Agreement, the appropriate amount of such taxes will be allocated and invoiced to and paid by Client, unless Client provides Truv with a valid tax exemption certificate.
SECTION 3 – TERM.
3.1Term. This Agreement commences on the Effective Date and continues until all subscriptions hereunder have expired or have been terminated (the “Initial Term”). The term of each subscription shall be as specified in the applicable Order Form.
3.2Renewal. This Agreement will automatically renew for consecutive terms of 1 year (each, a “Renewal Term”) unless either Party, at least thirty (30) days prior to the expiration of the then-current Initial Term or Renewal Term (each, a “Term”), provides written notice to the other Party of its intention not to renew, in which case this Agreement (and the applicable Order Form(s), as the case may be) will expire at the end of the then-current Term.
3.3Termination for Cause.
In addition to any other remedies it may have, either Party may also terminate this Agreement
(i) upon thirty (30) days’ written notice, if the other Party materially breaches any of the terms or conditions of this Agreement, with an opportunity to cure during such period,
(ii) upon the institution by or against the other party of insolvency, receivership or bankruptcy proceedings, including but not limited to, voluntarily or involuntarily commencing any proceeding or filing a petition seeking relief under Title 11 of the United States Code or any other federal, state or foreign bankruptcy, insolvency, liquidation or similar law,
(iii) upon the other Party’s making an assignment for the benefit of creditors, or
(iv) upon the other Party’s dissolution or ceasing to do business.
SECTION 4 – ACCESS AUTHORIZATIONS AND RESTRICTIONS.
4.1Access Authorizations. Subject to Client’s compliance with the terms and conditions of this Agreement, Truv hereby grants Client a limited, non-exclusive, non-transferable, non-sublicensable, revocable authorization to:
- internally use the API and API Key provided by Truv solely as necessary to make the Client Application interoperate with the Products;
- use the Products during the Term, in accordance with the Documentation and solely for Client’s internal business purposes;
- permit Client User(s) to access and use the Products in accordance with this Agreement; and
- use the Documentation only in accordance with the Client’s authorized use of the Products.
4.2Restrictions. All rights not expressly granted herein to Client, are reserved by Truv. Client agrees that it must not, and must not permit or authorize any third party, including any authorized user under its employ, to directly or indirectly:
- use the Products in i) any manner beyond the scope of rights expressly granted in this Agreement, ii) violation of any Applicable Law, regulation or regulatory guideline;
-
use the Product for a purpose other than for the permissible purpose. Client acknowledges and accepts that for the purposes of this Agreement permissible purpose shall be understood as the definition granted to such term under the FCRA to obtain an employment report, and Client represents to have a permissible purpose under the FCRA to obtain an employment report. Section 604 of FCRA contains a list of the permissible purposes under FCRA. These are:
As ordered by a court or a federal grand jury subpoena.
In accordance with the written instructions of the employee.
In connection with a credit transaction involving the employee or the review or collection of an employee’s account.
For employment purposes, including hiring and promotion decisions, where the employee has given prior written consent.
For the underwriting of insurance as a result of an application from an employee.
To review an employee’s eligibility for a license or other benefit granted by a governmental instrumentality required by law to consider an applicant’s financial responsibility or status.
For use by a potential investor or servicer, or current insurer, in a valuation or assessment of the credit or prepayment risks associated with an existing credit obligation.
When there is a legitimate business need, in connection with a business transaction that is initiated by the employee.
When there is a legitimate business need to review an account to determine if the employee continues to meet the terms of the account.
For use by state and local officials in connection with the assessment of child support obligations.
Client must designate and provide Truv with the particular permissible purpose for which the employment report is being obtained and certify that the employment report will not be used for any other purpose.
Client is also required by the FCRA to notify employees when adverse action is taken based in whole or in part on any information in the employment report. Adverse action includes all business, credit, insurance and employment actions that have an adverse or unfavorable impact on the employee, such as denying a loan, denying or canceling credit insurance, or denying employment or promotion. Adverse action also includes denying an apartment lease application based on the employment report.
FCRA also requires that we provide to Client as a user of a consumer report a prescribed notice on the FCRA responsibilities of users of consumer reports. The Notice to Users is attached to this Agreement and provided to Client with each employment report you receive, furthermore, Client acknowledges and agrees that to comply with these additional requirements. - modify or create derivative works of the Products or Documentation, in whole or in part;
- reverse engineer, disassemble, decompile, decode or otherwise attempt to derive or gain improper access to any software component of the Products, in whole or in part;
- frame, mirror, sell, resell, rent or lease use of the Products to any other third-party, or otherwise allow any third-party to use the Products for any purpose other than for the benefit of Client in accordance with this Agreement;
- use the Products, Documentation, or Truv Data in any manner or for any purpose that infringes, misappropriates, or otherwise violates any intellectual property right or other right of any third-party:
- interfere with, or disrupt the integrity or performance of, the Products, or any data or content contained therein or transmitted thereby;
- access or search the Products (or download any data or content contained therein or transmitted thereby) through the use of any engine, software, tool, agent, device or mechanism (including spiders, robots, crawlers or any other similar data mining tools) other than software or Product features provided by Truv for use expressly for such purposes;
- use the Products, Documentation or any other Truv Confidential Information for benchmarking or competitive analysis with respect to competitive or related products or services, or to develop, commercialize, license or sell any product, service or technology that could, directly or indirectly, compete with the Subscription Services;
- grant any third party access to or permission to use the Products, API, API Key, or Documentation;
- remove any proprietary notices from the Products, API, API Key and Documentation;
- white label or resell the Products to third-parties, e.g., Client’s customers, in any of Client’s own offerings, applications, or websites, unless otherwise established in the applicable Order Form;
- use the Products to store or transmit inaccurate, infringing, libelous, Prohibited Content or otherwise unlawful or tortious material, or to store or transmit material in violation of third-party privacy rights;
- use the Products to store or transmit malicious software code, e.g., code, files, scripts, agents or programs intended to do harm, including, for example, viruses, worms, time bombs or Trojan horses (collectively “Viruses”); or
- use or enable use of the Products, API, API Keys or when applicable the Client Application that has the API integrated, for the use with any Consumer payroll or employer account outside the Territory.
4.3 Access Suspension. Truv shall have the sole right to suspend any part of the Products, using commercially reasonable efforts under the circumstances to provide Client with notice and an opportunity to remedy such violation or threat prior to any such suspension, if Truv reasonably determines that:
- Client’s use of the Products disrupts or poses a security risk to any Truv’s Confidential Information or to any other Truv’s customers or vendors;
- Client is using the Products for fraudulent or illegal activities or in violation of this Agreement;
- subject to Applicable Law, Client has ceased to continue business in the ordinary course, made an assignment for the benefit of creditors or similar disposition of its assets, or becomes the subject of any bankruptcy, reorganization, liquidation, dissolution, or similar proceeding;
- Truv’s provision of Products to Client is prohibited by Applicable Law; or
- Any use of the Products by Client or Client Users that in Truv’s judgment threatens the security, integrity or availability of Truv’s services.
SECTION 5 – THIRD PARTIES, CLIENT USERS AND CLIENT APPLICATION.
5.1Third-Party Providers. Client is responsible for complying with any applicable terms and conditions of any third-party products, services, and platforms used by Client in conjunction with the Products, which are not provided by Truv as part of the Products.
5.2Third-Party Access.
- Client may allow its Client Users to access and use the Products, Documentation, API, API key, and Consumer Data, solely on Client’s behalf and only for Client’s direct beneficial purpose under this Agreement.
- Client accepts and acknowledges to always identify Client Users before having access to the Consumer’s data, and certify that such data is used only for the permissible purpose. Moreover, Client shall be responsible for all actions and/or omissions by any Client User as if such action or omission were an action or omission of Client. Client shall be responsible for all activities performed on or through the Client’s account and Client Users’ accounts whether authorized or not by Client.
5.3Third-Party Data Sources. Client acknowledges that, at its instruction, Truv may obtain data from Data Sources which may contain Personal Identifiable Information (“PII”), as defined in this Agreement. The Parties agree, that nor Truv, or Client have a contractual relationship with such Data Sources with whom the Consumers have registered accounts, therefore, Truv cannot guarantee the continued availability of the Products and may cease providing them with respect to any Consumer in the event the specific Data Source ceases to make its platform or applicable account available in a manner consistent with this Agreement.
5.4Client Application. Client shall be responsible for maintaining the Client Application and obtaining and maintaining any supporting services and/or equipment required to connect to, access, or otherwise use the Products, including but not limited to internet connection, servers, hardware, software, operating systems, web servers, etc. Truv shall not be responsible for any delay or interruption in the provision of Products caused by the failure of the Client Application or any required additional services or equipment.
SECTION 6 – INFORMATION SECURITY, DISCLOSURE, AND CONSENT.
6.1Information Security.
- Truv must maintain the confidentiality of any Confidential Information and PII, as such term is defined in this Agreement, by developing, implementing and maintaining an information security program, which may include but is not limited to technical and physical safeguards to protect the information collected, accessed, stored, processed, or received by Truv for the purposes of this Agreement, to prevent unauthorized disclosure or misuse, and to anticipate any reasonably foreseeable threats to the confidentiality of the aforementioned information. Additionally, Truv’s information security program includes Truv’s obligation to maintain compliance with an annual audit for SOC 2 Type 2 report. This audit shall be conducted by an independent third-party auditor selected by Truv. The audit shall assess Truv’s controls and processes in accordance with the criteria outlined in the SOC 2 framework.
- In the event Truv discovers or becomes aware of any unauthorized access or misuse of Confidential Information or PII, or intrusion to Truv’s systems resulting on the unauthorized disclosure of Confidential Information or PII, Truv will notify Client of the corresponding security breach within the first forty-eight (48) hours from the discovery of the security breach, and cooperate with Client to protect the Confidential Information and/or PII, and to mitigate the damage or impact caused by the security breach, and to comply with any mitigation actions as required by Applicable Law.
6.2Compliance with Applicable Laws. Truv’s information security program must comply with all applicable federal and state law as well as industry best practices. Each Party must not knowingly include in the Confidential Information, PII or any other information exchanged between the Parties for the purposes of this Agreement any PII of any resident of the European Union (“EU Resident”) nor email or collect any information from any EU Resident without: (a) obtaining the prior written consent of the other Party; and (b) ensuring that Party’s compliance with the requirements of all Applicable Law, including the European Union General Data Protection Regulation (the “GDPR”). In addition, Client must not provide information to Truv from any country outside of the United States without Truv’s previous written consent and the Parties entering into Standard Contractual Clauses as requested and defined by the European Commission (or other ad hoc clauses to validate the transfer of data).
SECTION 7 – PERSONAL DATA.
7.1Personal Data.
7.1.1Use of Personal Data. Personal Data that Truv collects for Client will not be:
- used by Client other than as necessary for the compliance with this Agreement and the applicable Order Form and as expressly authorized by the Consumer(s);
- sold, assigned, transferred, or otherwise provided to third parties by Client.; or
- Retaining, using, or disclosing the information outside of the direct business relationship between the Parties.
7.1.2Disclosure and Consent. The Parties accept and acknowledge to be responsible of complying with the following obligations related to Personal Data disclosures and consent granting:
- Each Party will remain fully liable for any unauthorized disclosure of PII under their control to third parties;
- Each Party will implement and monitor procedures to comply with Applicable Laws and implement procedures concerning the safeguarding and disposal of PII;
- Each Party will maintain safeguards and take all necessary technical, physical and organizational precautions to ensure that PII is protected from unauthorized access, alteration, destruction, disclosure, erasure, manipulation, and destruction by third parties while PII is in the possession or under the control of each Party and ensure that PII is not processed in other ways contradictory to privacy and/or data protection Applicable Laws, and upon request, provide the other Party with all information that the other Party reasonably requests regarding the processing of PII, including, but not limited to, where and how PII is stored, who has access PII and for what purpose, and what security measures are taken to ensure that PII is protected from unauthorized access, alteration, disclosure, erasure, manipulation, and destruction while in the possession or under the control of the Disclosing Party, as defined in this Agreement;
- Client will maintain sufficient procedures to detect and respond to security breaches involving PII and will immediately inform Truv when Client suspects or learns of any other security breach involving PII and take corrective action.
- Client will provide Truv with such information regarding the PII security breach as Truv reasonably requests;
- Client will ensure that all Consumers are presented with and required to acknowledge and consent Truv contacting them for the purpose of the provision of the Products, and Truv shall be responsible for presenting them and getting their consent to Truv’s privacy policy prior to initiating any activity through the Products; and
- Client will only receive the Consumer Data of a specific Consumer after such Consumer has authorized Client within the Truv Platform. In the event a Consumer removes the authorization granted to Client, Truv will terminate Client’s access to such Consumer Data, and Client shall terminate any third party use and access to the Truv Platform. Furthermore, if a Consumer deletes its account with the Client, Client shall immediately notify Truv.
The Parties agree and acknowledge that each Consumer owns the exclusive right, title and interest to their data and nothing in this Agreement shall be interpreted as granting Client right to the Consumer Data except for the right to use as permitted by this Agreement and to the extent of the consent granted by each Consumer.
SECTION 8 – CONFIDENTIAL INFORMATION AND PROPRIETARY RIGHTS
8.1 Protection of Confidential Information. The Receiving Party will use the same degree of care that it uses to protect the confidentiality of its own confidential information, but in no event less than reasonable standard of care, to (a) not use any Confidential Information of the Disclosing Party for any purpose outside the scope of this Agreement and (b) except as otherwise authorized by the Disclosing Party in advance, in writing, limit access to Confidential Information of the Disclosing Party to its employees and contractors who need access to such information solely for purposes consistent with this Agreement and who have signed confidentiality agreements with the Receiving Party containing substantially similar protections for the Confidential Information as required herein. Neither party will disclose the terms of this Agreement or any Order Form to any third-party other than to its legal counsel and accountants without the other party’s prior written consent, provided that a party that makes any such disclosure to its legal counsel or accountants will remain responsible for the legal counsel’s or accountant’s compliance with this Agreement. For the avoidance of doubt, the non-disclosure obligations set forth in this “Confidential Information and Proprietary Rights” section apply to Confidential Information exchanged between the parties in connection with the evaluation of additional Truv services. Truv reserves the right to use Client’s name and logo (i) in connection with the hosting, operation and maintenance of the Products, (ii) as a reference for marketing or promotional purposes on Truv’s website, and (iii) in other communications with existing or potential Truv customers, subject to any written trademark policies Client may provide Truv in writing, upon reasonable notice.
8.2Compelled Disclosure. The Receiving Party may disclose Confidential Information of the Disclosing Party to the extent compelled by law to do so, provided it gives the Disclosing Party prior notice of the compelled disclosure (to the extent legally permitted) and reasonable assistance, at the Disclosing Party’s cost, if the Disclosing Party wishes to contest the disclosure. If the Receiving Party is compelled by law to disclose the Disclosing Party’s Confidential Information as part of a civil proceeding to which the Disclosing Party is a party, and the Disclosing Party is not contesting the disclosure, the Disclosing Party will reimburse the Receiving Party for its reasonable cost of compiling and providing secure access to that Confidential Information.
8.3Internal Use of Confidential Information. Client agrees and acknowledges that Truv may use Confidential Information, for internal compliance and audit purposes to ensure performance of the Products and may share the same with third parties engaged by Truv for the specific purpose of conducting audits, accuracy reviews, or compliance reviews who are subject to obligations of confidentiality at least as restrictive as those contained in this Agreement. Truv will be responsible for any breach of the obligations of this Section 8 (Confidential Information and Proprietary Rights) by any of those third parties, or their affiliates or subsidiaries, unless that third party has an agreement directly with Client with respect to the subject matter of this Agreement.
8.4Truv Proprietary Rights. Truv shall own and retain the exclusive right, title and interest in and to the Products, Truv Platform, API, API Keys and Documentation, all improvements, enhancements, derivative works or modifications thereto, (including all intellectual property and proprietary rights involved in the development of additional Products) whether or not developed based on Client’s suggestions or other feedback, and all intellectual property rights related to any of the foregoing. Truv shall have the right to collect and analyze data and other information relating to the Products and related systems and technologies, and Truv will be free (during and after this Agreement) to (i) use such information and data to improve and enhance the Products, and for other development, diagnostic and corrective purposes in connection with the Products and other Truv offerings and (ii) disclose such data solely in aggregate or other de-identified form in connection with its business.
SECTION 9 – INDEMNIFICATION AND LIABILITY.
9.1Client Indemnification Obligations. Client agrees to defend, indemnify, and hold harmless Truv, its parents and Affiliates, from and against all liabilities, claims, damages, and expenses (including reasonable attorney’s fees and costs) arising from or otherwise related to:
- Client’s use of the Products in a manner not authorized by this Agreement;
- any gross negligence or willful misconduct by Client in performance of this Agreement;
- Client’s breach or alleged breach of this Agreement; or
- any claim that Client’s Confidential Information, including Client’s Application if applicable, infringes the intellectual property rights of any third party.
The aforementioned indemnification responsibilities will be applicable provided Truv (i) promptly gives Client written notice of the claim against Truv, (ii) gives Client sole control of the defense and settlement of the claim against Truv (except that Client may not settle any Claim against Truv unless it unconditionally releases Truv of all liability), and (iii) gives Client all reasonable assistance, at Client’s expense. The above defense and indemnification obligations do not apply if a claim against Truv arises from Truv’s breach of this Agreement or applicable Order Forms.
9.2Truv’s Indemnification Obligations. Truv agrees to defend, indemnify, and hold harmless Client, its parents and affiliates, from and against all liabilities, claims, damages, and expenses (including reasonable attorney’s fees and costs) arising from or otherwise related to:
- the use of the Products as authorized in this Agreement infringes the Intellectual property rights of any third party;
- any gross negligence or willful misconduct by Truv in performance of this Agreement;
- Truv’s breach of this Agreement; or
- any claim that Truv’s Confidential Information infringes the Intellectual Property rights of a third party.
The above, provided Client (i) promptly gives Truv written notice of the claim against Client, (ii) gives Truv sole control of the defense and settlement of the claim against Client (except that Truv may not settle any claim against Client unless it unconditionally releases Client of all liability), and (iii) gives Truv all reasonable assistance, at Truv’s expense.
If Truv receives information about an infringement or misappropriation claim related to the Products, Truv may in its discretion and at no cost to Client (i) modify the Products so that they are no longer claimed to infringe or misappropriate, without breaching Truv’s warranties under “Truv Warranties” below, (ii) obtain a license for Client’s continued use of that Product in accordance with this Agreement, or (iii) terminate Client’s subscriptions for that Product upon 30 days’ written notice and refund Client any prepaid fees covering the remainder of the term of the terminated subscriptions. The above defense and indemnification obligations do not apply if (1) the allegation does not state with specificity that the Products are the basis of the claim against Client; (2) a claim against Client arises from the use or combination of the Products or any part thereof with software, hardware, data, or processes not provided by Truv, if the Products or use thereof would not infringe without such combination; (3) a claim against Client arises from Products under an Order Form for which there is no charge; (4) a claim against Client arises from third-party products or Client’s breach of this Agreement or applicable Order Forms; (5) the Products are used by Client for a purpose or in a manner for which the Products were not designed; or (6) use of any older version of Products software when use of a newer revision was made available by Truv to Client.
9.3Limitations of Liability. Neither Party will be liable to the other for consequential, incidental, indirect, punitive, or special damages (including loss of profits, data, business, or goodwill), from any cause of action of any kind, including any action sounding in contract, tort, breach of warranty, or otherwise. It is further agreed that each Party’s aggregate liability for direct damages in connection with a claim under this Agreement will not exceed the total amount paid or received by the respective Party in the 12 months preceding the date upon which that claim first accrued. Nothing in this Agreement excludes or limits either party’s liability for matters for which liability cannot be excluded or limited under Applicable Law, for fraud or fraudulent misrepresentation, or for death or personal injury resulting from its negligence or the negligence of its Affiliates, employees, or agents. Nothing in this agreement excludes or limits either party’s liability: (i) for any security breach incident ; (ii) under the indemnification provisions of this Agreement; (iii) for any regulatory assessments, penalties, or fines imposed on a party, or expenses incurred by a Party in connection with regulatory inquiries or enforcement actions; and (iv) for breach of any express or implied obligations of Client.
SECTION 10 – REPRESENTATIONS, AND WARRANTIES.
10.1Client Representations, and Warranties. Client represents and warrants that:
- it has full power, capacity, and authority to enter into this Agreement;
- no person’s privacy rights are being or will be infringed; and
- no Applicable Law is being violated by providing Truv with any of the information used for the Services.
Client agrees that it will comply in all material respects with Applicable Law in its use of the Services under this Agreement.
10.2Truv Representations, and Warranties. Truv represents and warrants that:
- it has full power, capacity, and authority to enter into this Agreement; and
- it will comply in all material respects with Applicable Law in performing this Agreement.
10.3Disclaimer of Warranties. Except as expressly provided in this Agreement, Truv disclaims all warranties, express and implied, including but not limited to the implied warranties of merchantability and fitness for a particular purpose. No oral or written information or advice given by Truv or its authorized representatives will create a warranty of any kind or in any way increase the scope of Truv’ obligations in this Agreement. The Products may be used to access and transfer information over the internet. Client acknowledges and agrees that Truv does not operate or control the internet and that unauthorized users may attempt to obtain access to and damage Client’s data, websites, computers, or networks. Except with respect to breaches of this Agreement, Truv will not be responsible for those activities. Client is responsible for preserving and making adequate backups of its data. Truv makes no representations or warranties regarding any Data Source account or any Consumer Data, its accuracy, completeness, or currentness. information contained in a Consumer’s Data Source account may be different from the Consumer Data obtained through the Products due to different reporting methods, or other factors outside Truv’s control. Client’s reliance on any Consumer Data is at its own risk. Furthermore, under no circumstance will Truv be responsible or liable for (a) the use of or access to any Data Source account using compromised, inaccurate, fake, or invalid Client Credentials; (b) any entry or transmission to the products of any incorrect account number, routing number, monetary amount, etc.; (c) providing any payment or other remedy for payment or deposits; or (d) lost or inaccurate information or data, resulting in whole or in part from fault or other factors attributable to other parties other than Truv.
SECTION 11 – MISCELLANEOUS.
11.1Entire Agreement. This Agreement contains the entire agreement and understanding between the Parties with respect to its subject matter and supersedes all prior and contemporaneous agreements, proposals, representations, arrangements or understandings, whether written or oral, with respect to that subject matter.
11.2Export Regulation. Client will comply with all applicable federal laws, regulations and rules that prohibit or restrict the export or re-export of the Products or Truv Platformoutside the United States (“Export Rules”), and will complete all undertakings required by Export Rules, including obtaining any necessary export license or other governmental approval.
11.3Anti-Corruption. Neither party has received or been offered any illegal or improper bribe, kickback, payment, gift, or thing of value from an employee or agent of the other party in connection with this Agreement. Reasonable gifts and entertainment provided in the ordinary course of business do not violate the above restriction.
11.4Assignment. Neither party may assign any of its rights or obligations hereunder, whether by operation of law or otherwise, without the other party’s prior written consent, such consent not to be unreasonably withheld, conditioned or delayed; provided, however, either party may assign this Agreement including the Order Form without the other party’s consent in connection with a merger, acquisition, corporate reorganization, or sale of all or substantially all of its assets. Any assignment in violation of this section shall be null and void
11.5Modifications. Client acknowledges and agrees that Truv has the right, in its sole discretion, to modify this Agreement from time to time, and that modified terms become effective on posting. Client will be notified of modifications through notifications through the Services or direct email communication from Truv. Client will be responsible for reviewing and becoming familiar with any such modifications. Certain portions of the Services may, or may in the future, have different terms and conditions posted on the website, as provided by Truv, or may require you to agree with and accept additional terms and conditions. When you use such Services and agree to the additional terms and conditions they will be incorporated into and form part of this Agreement. If there is a conflict between this Agreement and terms and conditions posted for a specific portion of the Services, the latter terms and conditions shall take precedence with respect to Client’s use of or access to that portion of the Services.
11.6Waiver. No provision of this Agreement may be waived except by a written document executed by the Party entitled to the benefits of the provision. No waiver of a provision will be deemed to be or will constitute a waiver of any other provision of this Agreement. A waiver will be effective only in the specific instance and for the purpose for which it was given and will not constitute a continuing waiver.
No delay or omission by either Party in exercising any right, power, or privilege under this Agreement will impair that right, power, or privilege, nor will any single or partial exercise of any right, power, or privilege preclude any further exercise of that right or the exercise of any other right, power, or privilege.
11.7Independent Contractor Status. Truv will act as an independent contractor of Client. Nothing contained in this Agreement shall be construed to create the relationship of employer and employee, principal and agent, partnership or joint venture, or any other fiduciary relationship. Truv has no authority to act as agent for, or on behalf of, Client, or to represent or bind Client in any manner. Truv will not be entitled to worker’s compensation, retirement, insurance, or other benefits afforded to employees of Client. Client agrees to pay all sales tax on Services, and Truv agrees to pay all tax associated with furnishing the Services, including taxes on income, receipts, and payroll and arising from Truv doing business in any particular jurisdiction.
11.8Interpretation. The titles of the sections of this Agreement are for convenience of reference only and are not to be considered in construing this Agreement. Unless the context of this Agreement clearly requires otherwise: (a) references to the plural include the singular, the singular the plural, and the part the whole; (b) the word “or” has the inclusive meaning frequently identified with the phrase “and/or”; (c) the word “including” has the inclusive meaning frequently identified with the phrase “including but not limited to” or “including without limitation”; and (d) any reference in this Agreement to any statute, rule, regulation, or agreement (including this Agreement), include its form after having been amended, restated, revised, modified, supplemented, reenacted, or succeeded.
11.9Notices. The Parties agree that notices under this Agreement will be effective if and only if in writing addressed to the recipient Party at its address below (or any other address it later provides in writing), via email, or via overnight courier service or postal mail requiring the recipient’s or its agent’s signature. Email notices will be deemed received upon the sender’s receipt of a delivery or read receipt, or, in the absence of a notice to the contrary, after one day. Physical mail will be deemed received at the time it is signed for at the destination. Any notices from Client to Truv must be sent to Truv at legal@truv.com.
11.10No Responsibility for Force Majeure Loss. Neither Party shall have any liability for any failure or delay resulting from any condition beyond the reasonable control of such party, including but not limited, an act of God, act of government, epidemics or pandemics (including any laws, orders, rules, regulations of any governing body concerning public health, quarantines, shelter in place orders, etc.) flood, fire, earthquake, civil unrest, act of terror, strike or other labor problem (other than one involving a party’s employees), internet hosting, telecommunication, or other third-party service provider failure or delay, or denial of service attack (“Force Majeure Event”).
11.11Choice of Law and Venue. This Agreement, and any disputes arising out of or related hereto, will be governed exclusively by the laws of the State of Florida, without regard to its conflicts of laws rules. Each party irrevocably consents to the exclusive jurisdiction of the state and federal courts located in Miami-Dade County, Florida for any dispute relating to this Agreement, and irrevocably and unconditionally waives any right to a trial by jury in respect of any action arising out of or relating to this Agreement or the transactions contemplated hereby. The Parties agree to exclude the application of the United Nations Convention on Contracts for the International Sale of Goods or any other similar conventions, regulations or treaties to this Agreement and the obligations hereunder.
11.12Severability. Whenever possible, each provision of this Agreement must be interpreted in a manner that makes it effective and valid under Applicable Law. If any provision of this Agreement becomes or is declared by a court of competent jurisdiction to be illegal, unenforceable or void, this Agreement will continue in full force and effect without that provision, and this Agreement will be construed to the fullest extent possible as to give effect to the intentions of the provisions found to be unenforceable or invalid. The Parties agree that a court may reform that provision so that it is reasonable under the circumstances and that that provision, as reformed, will be enforceable, except that the material intent of the Parties in entering into this Agreement must not be defeated or rendered impossible by the removal of that provision from this Agreement.
11.13Case Study. With Client’s prior consent Truv may publish a case study of the Client’s use of the Products on Truv’s websites and social media. Truv agrees that any information used for the case study will be anonymous, aggregated or de-identified prior to its publication so that this information does not allow the identification of end-user(s). Truv shall be solely responsible for the production and distribution costs of any case study.
11.14Surviving Provisions. Any of the provisions in this Agreement which expressly or impliedly by their nature should survive this Agreement will survive.
SECTION 12 – DEFINITIONS.
12.1“Affiliate” means any entity or entities that directly or indirectly controls, is controlled by, or is under common control with the subject entity. “Control,” for purposes of this definition, means direct or indirect ownership or control of more than 50% of the voting interests of the subject entity.
12.2“API” means Truv’s proprietary application programming interface.
12.3“API Key(s)” means a set of keys for the API made available by Truv to its clients. An API Key may be a production API Key or a sandbox API Key.
12.4“Applicable Law” means all international, country, federal, state, provincial, and local laws, rules, regulations, binding regulatory guidance, directives, and governmental requirements applicable to a party’s performance under this Agreement. Applicable Law includes, but is not limited to the Fair Credit Reporting Act, 15 U.S.C. § 1681 et seq., and any regulations or rules promulgated thereunder, as amended from time to time.
12.5“Client Application” means a software solution developed, offered and commercialized by or on behalf of Client in which the API shall be integrated pursuant to this Agreement.
12.6“Client User” means an employee of Client that is authorized to access and use the Products or API Keys and to whom individual and non-sharable login and password credentials (“Client Credentials”) are generated to use the Products and/or API Keys on behalf of Client and not for his/her or a third party’s benefit.
12.7“Committed Spend During Term” means the minimum amount expressed in USD that Client has agreed to pay Truv for the Products per term as outlined in the applicable Order Form.
12.8“Confidential Information” means all information disclosed by a party to this Agreement to the other party, whether orally or in writing, that is designated as confidential or that reasonably should be understood to be confidential given the nature of the information and the circumstances of disclosure, including, but not limited to, business, technical or financial information relating to the disclosing party’s business. Confidential Information includes, but is not limited to, Truv’s non-public information regarding features, functionality and performance of the Products, and r PII, about end-users. However, Confidential Information does not include any information that (i) is or becomes generally known to the public without breach of any obligation owed to the Disclosing Party, (ii) was known to the Receiving Party prior to its disclosure by the Disclosing Party without breach of any obligation owed to the Disclosing Party, (iii) is received from a third party without breach of any obligation owed to the Disclosing Party, or (iv) was independently developed by the Receiving Party.
12.9“Consumer” means a natural person that is the subject of any of the Products who is the end-user of the Client Application and with whom Client has a contractual relationship.
12.10“Consumer Data” means any data, information, and materials of a Consumer provided to Truv and by a Consumer through the Products directly from or through a Data Source. Consumer Data may include, without limitation, information about the Consumer’s Data Source account (e.g., login credentials), the Consumer’s name, address, telephone number, email address, financial information , employment status or details, and service ratings.
12.11“Data Source” means a third-party service with whom a Consumer has a contractual relationship, and from whom the Consumer may retrieve or direct and authorize Truv to retrieve Consumer Data through the Truv Platform and/or API Keys. The Parties acknowledge that the Consumer, not Truv or any Truv client (including, without limitation, Client), has the applicable contractual relationship with Data Sources.
12.12“Disclosing Party” means the party disclosing Confidential Information to the other party to this Agreement.
12.13“Documentation” means the documentation, usage guides and policies, as updated from time to time, and made available by Truv to the Client.
12.14“Fees” means the fees described in the applicable Order Form(s).
12.15“Order Form” means an ordering document or online order specifying the Products to be provided hereunder that is entered into between Client and Truv or any of their Affiliates. By signing the Order Form, Client and its Affiliates agree to be bound by the terms of this Agreement as if it were an original party hereto.
12.16“Permissioned Information” means data or information that is shared or accessed with the explicit consent or permission of the individual or entity to whom it pertains, i.e., the Consumers, for the specific purpose for which the owner of such information is consenting.
12.17“Personally Identifiable Information” means any depiction or representation of information that permits the identity of an individual to whom the information applies to be reasonably inferred by either direct or indirect means. Further, PII is defined as information: (i) that directly identifies an individual (e.g., name, address, social security number or other identifying number or code, telephone number, email address, etc.) or (ii) that indirectly identifies specific individuals in conjunction with other data elements.
12.18“Products” means the products and associated services made commercially available by Truv, as described in this Agreement, applicable Documentation and Order Form.
12.19“Prohibited Content” means content that: (i) is illegal under Applicable Law; (ii) violates any third party’s intellectual property rights, including, without limitation, copyrights, trademarks, patents, and trade secrets; (iii) contains indecent or obscene material; (iv) contains libelous, slanderous, or defamatory material, or material constituting an invasion of privacy or misappropriation of publicity rights; (v) promotes unlawful or illegal goods, Products, or activities; (vi) contains false, misleading, or deceptive statements, depictions, or sales practices; (vii) contains viruses or other destructive elements; or (viii) is otherwise objectionable to Truv in its sole, but reasonable, discretion.
12.20“Receiving Party” means the party receiving Confidential Information from the other party to this Agreement.
12.21“Territory” means the United States of America and its territories.
12.22“Truv Platform” means a software as a service product developed and owned by Truv, through which Truv, on behalf of an at the Consumer’s express authorization, retrieves Consumer Data from a Data Source and Client is enabled to receive such Consumer Data.
EXHIBIT A
SERVICE LEVEL AGREEMENTS
The Service Level Agreement included in this document shall only be applicable to the availability of Truv’s Services, and shall not apply to the availability of any Third-Party Services or websites that may be integrated into or accessible through the Products, or the ability of access or transmit data to or from Client.
1.Definitions.
-
“Product Availability” means the ratio of (i) hours that the Platform is available for access and use by Client (“Available”) (excluding Scheduled Maintenance and Force Majeure Events) in any calendar month period to (ii) the total number of hours in the period (excluding Scheduled Maintenance and Force Majeure Event hours) (i.e. (Hours Available minus Scheduled Maintenance hours minus Force Majeure Event hours) divided by (Total Hours in month minus Scheduled Maintenance hours minus Force Majeure Events)). Any periods of unavailability due to a Force Majeure Event (including general failures of the internet network backbone, the Client data center, or other Client facilities) shall not be included in the calculation of Services Availability.
-
“Scheduled Maintenance” means periods of time during which Truv temporarily interrupts the Truv Platform or Products for upgrades, maintenance, or for any other agreed upon reason or purpose, pursuant to an established framework for scheduling and managing such outages. Notice for Schedule Maintenance may be given at any time via email. Additionally, availability status and reports can be consulted at https://status.truv.com/.
2.Availability. During the Initial Term and any Renewal Term of this Agreement, Truv agrees to use all commercially reasonable efforts to make the Truv Platform and the Products available with a Product Availability of at least 99% per each calendar month.
3.Credits.
-
Credit Amount. In the event that the Product Availability in any given month falls below the level outlined in Section 2 above, then within 30 days after the end of the applicable month, Client may request the corresponding Credit which shall be applied to those Products that did not meet the Product Availability.
-
Claims for Credit. Client must make claims for a Credit to Truv’s customer support department in writing (email communication is accepted). In the event a claim is received, Truv shall investigate the claim and must respond back to Client within 14 calendar days after receipt of the claim. Truv’s response must either (i) accept the validity of the claim, or (ii) dispute the claim, including supporting details and documentation. In case of a dispute, the Parties will seek to resolve it promptly in good faith.
-
Use of Credits. At no moment shall credits represent or allocate any cash value. Instead, Truv will apply each Credit to one or more future invoices for the same Product. Credits cannot be applied to amounts due for other Products. Client’s sole and exclusive remedy, and Truv’s sole and exclusive liability, in the event of not meeting the Availability levels indicated in Section 2 above, will be the application of the Credits in accordance with the terms of this Service Level Agreement.
-
Credit Measurement. Credits for not meeting the established Availability levels outlined in Section 2, will be calculated as a percentage of the monthly pro rata share of the Client’s Committed Spend During Term as follows:
Monthly Uptime Percentage | Service Credit |
---|---|
99.00% or higher | None |
98.00%-98.99% 10% | 10% |
95.00%-97.99% | 15% |
Under 95.00% | 20% |
4.Service Level Agreement Exclusions. Truv shall not be deemed to have failed to meet the Product Availability because of the Platform’s or a Product’s unavailability, suspension, or termination caused by events beyond the reasonable control of Truv. These include, but are not limited to:
- Natural disasters, acts of terrorism, riots, insurrections, epidemics, pandemics, wars, extraordinary governmental actions, ISP provider failures or delays, and any other event reasonably considered to be an event of force majeure;
- Actions or inactions of Client or any third party not controlled by Truv;
- Failures that result from Client’s equipment, software or other technology and/or third party equipment, software or other technology; or
- Arising from non-payment or late payment of an undisputed invoice, or suspension or termination of Client’s right to use the Products because of its breach of this Agreement.
A. Error Correction. Truv will respond to errors or failures of the Products (“Errors”) within the Error Response Times set forth below and resolve or correct the Errors within the Error Resolution Times set forth below. Client, in its reasonable judgment, will determine the priority level of Errors.
Priority Level | Definition | Initial Response Time | Error Resolution Time* |
---|---|---|---|
1 – Critical | An event and/or problem that has a significant business impact, or an immediate severe impact to a core business process or an operation that is mission critical to the business. The event and/or problem may render the Services non-functional or severely limited. | 1 hour | 4 hours Truv shall promptly initiate the following procedures: (1) assign its specialists and provide escalated procedures to correct the Error on an expedited basis, and (2) provide ongoing communication to Client on the status of an Error on an hourly basis. |
2 – High | An event and/or problem that has a major business impact to Client or to a critical operation. The event and/or problem may limit the operations of the Services. | 4 hours | 24 hours Truv shall promptly initiate the following procedures: (1) assign its specialists and provide escalated procedures to correct the Error on an expedited basis, and (2) provide ongoing communication to Client on the status of an Error on an hourly basis. |
3 – Medium | An event and/or problem that disrupts the operations of the Services. A workaround is available and use of the Services can continue. | 1 day | 7 days Truv shall (1) assign its specialist to correct the Error, and (2) provide communication to Client on the status of the Error on request within 24 hours. |
4 – Low | An event and/or problem that has limited business impact, is not critical in nature, or does not have any significant impact to Client. | 1 day | Next Maintenance Release Truv shall (1) assign its specialist to correct the Error, and (2) provide communication to Client on the status of the Error on a weekly basis. |
*Error resolution time means the time to provide a fix or workaround.
“Maintenance Release” means a subsequent version of a Service that includes Error corrections and/or upgrades. Truv will use commercially reasonable efforts to provide Maintenance Releases not less than four times per year.
All users of consumer reports must comply with all applicable regulations. Information about applicable regulations currently in effect can be found at the Consumer Financial Protection Bureau’s website, www.consumerfinance.gov/learnmore.
NOTICE TO USERS OF CONSUMER REPORTS:
OBLIGATIONS OF USERS UNDER THE FCRA
The Fair Credit Reporting Act (FCRA), 15 U.S.C. 1681-1681y, requires that this notice be provided to inform users of consumer reports of their legal obligations. State law may impose additional requirements. The text of the FCRA is set forth in full at the Consumer Financial Protection Bureau’s (CFPB) website at www.consumerfinance.gov/learnmore.. At the end of this document is a list of United States Code citations for the FCRA. Other information about user duties is also available at the CFPB’s website. Users must consult the relevant provisions of the FCRA for details about their obligations under the FCRA.
The first section of this summary sets forth the responsibilities imposed by the FCRA on all users of consumer reports. The subsequent sections discuss the duties of users of reports that contain specific types of information, or that are used for certain purposes, and the legal consequences of violations. If you are a furnisher of information to a consumer reporting agency (CRA), you have additional obligations and will receive a separate notice from the CRA describing your duties as a furnisher.
I. OBLIGATIONS OF ALL USERS OF CONSUMER REPORTS
A.Users Must Have a Permissible Purpose
Congress has limited the use of consumer reports to protect consumers’ privacy. All users must have a permissible purpose under the FCRA to obtain a consumer report. Section 604 contains a list of the permissible purposes under the law. These are:
- As ordered by a court or a federal grand jury subpoena. Section 604(a)(1)
- As instructed by the consumer in writing. Section 604(a)((2)
- For the extension of credit as a result of an application from a consumer, or the review or collection of a consumer’s account. Section 604(a)(3)(A)
- For employment purposes, including hiring and promotion decisions, where the consumer has given written permission. Sections 604(a)(3)(B) and 604(b)
- For the underwriting of insurance as a result of an application from a consumer. Section 604(a)(3)(C)
- When there is a legitimate business need, in connection with a business transaction that is initiated by the consumer. Section 604(a)(3)(F)(i)
- To review a consumer’s account to determine whether the consumer continues to meet the terms of the account. Section 604(a)(3)(F)(ii)
- To determine a consumer’s eligibility for a license or other benefit granted by a governmental instrumentality required by law to consider an applicant’s financial responsibility or status. Section 604(a)(3)(D)
- For use by a potential investor or servicer, or current insurer, in a valuation or assessment of the credit or prepayment risks associated with an existing credit obligation. Section 604(a)(3)(E)
- For use by state and local officials in connection with the determination of child support payments, or modifications and enforcement thereof. Sections 604(a)(4) and 604(a)(5)
In addition, creditors and insurers may obtain certain consumer report information for the purpose of making “prescreened” unsolicited offers of credit or insurance. Section 604(c). The particular obligations of users of “prescreened” information are described in Section VII below.
B.Users Must Provide Certifications
Section 604(f) prohibits any person from obtaining a consumer report from a consumer reporting agency (CRA) unless the person has certified to the CRA the permissible purpose(s) for which the report is being obtained and certifies that the report will not be used for any other purpose.
C.Users Must Notify Consumers When Adverse Actions Are Taken
The term “adverse action” is defined very broadly by Section 603. “Adverse actions” include all business, credit, and employment actions affecting consumers that can be considered to have a negative impact as defined by Section 603(k) of the FCRA – such as denying or canceling credit or insurance, or denying employment or promotion. No adverse action occurs in a credit transaction where the creditor makes a counteroffer that is accepted by the consumer.
1.Adverse Actions Based on Information Obtained From a CRA
If a user takes any type of adverse action as defined by the FCRA that is based at least in part on information contained in a consumer report, Section 615(a) requires the user to notify the consumer. The notification may be done in writing, orally, or by electronic means. It must include the following:
- The name, address, and telephone number of the CRA (including a toll-free telephone number, if it is a nationwide CRA) that provided the report
- A statement that the CRA did not make the adverse decision and is not able to explain why the decision was made.
- A statement setting forth the consumer’s right to obtain a free disclosure of the consumer’s file from the CRA if the consumer makes a request within 60 days.
- A statement setting forth the consumer’s right to dispute directly with the CRA the accuracy or completeness of any information provided by the CRA.
2.Adverse Actions Based on Information Obtained From Third Parties Who Are Not Consumer Reporting Agencies
If a person denies (or increases the charge for) credit for personal, family, or household purposes based either wholly or partly upon information from a person other than a CRA, and the information is the type of consumer information covered by the FCRA, Section 615(b)(1) requires that the user clearly and accurately disclose to the consumer his or her right to be told the nature of the information that was relied upon if the consumer makes a written request within 60 days of notification. The user must provide the disclosure within a reasonable period of time following the consumer’s written request.
3.Adverse Actions Based on Information Obtained From Affiliates
If a person takes an adverse action involving insurance, employment, or a credit transaction initiated by the consumer, based on information of the type covered by the FCRA, and this information was obtained from an entity affiliated with the user of the information by common ownership or control, Section 615(b)(2) requires the user to notify the consumer of the adverse action. The notice must inform the consumer that he or she may obtain a disclosure of the nature of the information relied upon by making a written request within 60 days of receiving the adverse action notice. If the consumer makes such a request, the user must disclose the nature of the information not later than 30 days after receiving the request. If consumer report information is shared among affiliates and then used for an adverse action, the user must make an adverse action disclosure as set forth in I.C.1 above.
D.Users Have Obligations When Fraud and Active Duty Military Alerts are in Files
When a consumer has placed a fraud alert, including one relating to identity theft, or an active duty military alert with a nationwide consumer reporting agency as defined in Section 603(p) and resellers. Section 605A(h) imposes limitations on users of reports obtained from the consumer reporting agency in certain circumstances, including the establishment of a new credit plan and the issuance of additional credit cards. For initial fraud alerts and active duty alerts, the user must have reasonable policies and procedures in place to form a belief that the user knows the identity of the applicant or contact the consumer at a telephone number specified by the consumer; in the case of extended fraud alerts, the user must contact the consumer in accordance with the contact information provided in the consumer’s alert.
E.Users Have Obligations When Notified of an Address Discrepancy
Section 605(h) requires nationwide CRAS, as defined in Section 603(p), to notify users that request reports when the address for a consumer provided by the user in requesting the report is substantially different from the addresses in the consumer’s file. When this occurs, users must comply with regulations specifying the procedures to be followed. Federal regulations are available at www.consumerfinance.gov/learnmore.
F.Users Have Obligations When Disposing of Records
Section 628 requires that all users of consumer report information have in place procedures to properly dispose of records containing this information. Federal regulations have been issued that cover disposal.
II. CREDITORS MUST MAKE ADDITIONAL DISCLOSURES
If a person uses a consumer report in connection with an application for, or a grant, extension, or provision of credit to a consumer on material terms that are materially less favorable than the most favorable terms available to a substantial proportion of consumers from or through that person, based in whole or in part on a consumer report, the person must provide a risk-based pricing notice to the consumer in accordance with regulations prescribed by the CFPB.
Section 609(g) requires a disclosure by all persons that make or arrange loans secured by residential real property (one to four units) and that use credit scores. These persons must provide credit scores and other information about credit scores to applicants, including the disclosure set forth in Section 609(g)(1)(D) (“Notice to the Home Loan Applicant”).
III. OBLIGATIONS OF USERS WHEN CONSUMER REPORTS ARE OBTAINED FOR EMPLOYMENT PURPOSES
A.Employment Other Than in the Trucking Industry
If information from a CRA is used for employment purposes, the user has specific duties, which are set forth in Section 604(b) of the FCRA. The user must:
- Make a clear and conspicuous written disclosure to the consumer before the report is obtained, in a document that consists solely of the disclosure, that a consumer report may be obtained.
- Obtain from the consumer prior written authorization. Authorization to access reports during the term of employment may be obtained at the time of employment.
- Certify to the CRA that the above steps have been followed, that the information being obtained will not be used in violation of any federal or state equal opportunity law or regulation, and that, if any adverse action is to be taken based on the consumer report, a copy of the report and a summary of the consumer’s rights will be provided to the consumer.
- Before taking an adverse action, the user must provide a copy of the report to the consumer as well as the summary of consumer’s rights. (The user should receive this summary from the CRA.) A Section 615(a) adverse action notice should be sent after the adverse action is taken.
An adverse action notice also is required in employment situations if credit information (other than transactions and experience data) obtained from an affiliate is used to deny employment. Section 615(b)(2)
The procedures for investigative consumer reports and employee misconduct investigations are set forth below.
B.Employment in the Trucking Industry
Special rules apply for truck drivers where the only interaction between the consumer and the potential employer is by mail, telephone, or computer. In this case, the consumer may provide consent orally or electronically, and an adverse action may be made orally, in writing, or electronically. The consumer may obtain a copy of any report relied upon by the trucking company by contacting the company.
IV. OBLIGATIONS WHEN INVESTIGATIVE CONSUMER REPORTS ARE USED
Investigative consumer reports are a special type of consumer report in which information about a consumer’s character, general reputation, personal characteristics, and mode of living is obtained through personal interviews by an entity or person that is a consumer reporting agency. Consumers who are the subjects of such reports are given special rights under the FCRA. If a user intends to obtain an investigative consumer report, Section 606 requires the following:
- The user must disclose to the consumer that an investigative consumer report may be obtained. This must be done in a written disclosure that is mailed, or otherwise delivered, to the consumer at some time before or not later than three days after the date on which the report was first requested. The disclosure must include a statement informing the consumer of his or her right to request additional disclosures of the nature and scope of the investigation as described below, and the summary of consumer rights required by Section 609 of the FCRA. (The summary of consumer rights will be provided by the CRA that conducts the investigation.)
- The user must certify to the CRA that the disclosures set forth above have been made and that the user will make the disclosure described below.
- Upon the written request of a consumer made within a reasonable period of time after the disclosures required above, the user must make a complete disclosure of the nature and scope of the investigation. This must be made in a written statement that is mailed, or otherwise delivered, to the consumer no later than five days after the date on which the request was received from the consumer or the report was first requested, whichever is later in time.
V. SPECIAL PROCEDURES FOR EMPLOYEE INVESTIGATIONS
Section 603(x) provides special procedures for investigations of suspected misconduct by an employee or for compliance with Federal, state or local laws and regulations or the rules of a self-regulatory organization, and compliance with written policies of the employer. These investigations are not treated as consumer reports so long as the employer or its agent complies with the procedures set forth in Section 603(x), and a summary describing the nature and scope of the inquiry is made to the employee if an adverse action is taken based on the investigation.
VI. OBLIGATIONS OF USERS OF MEDICAL INFORMATION
Section 604(g) limits the use of medical information obtained from consumer reporting agencies (other than payment information that appears in a coded form that does not identify the medical provider). If the information is to be used for an insurance transaction, the consumer must give consent to the user of the report or the information must be coded. If the report is to be used for employment purposes or in connection with a credit transaction (except as provided in federal regulations) – the consumer must provide specific written consent and the medical information must be relevant. Any user who receives medical information shall not disclose the information to any other person (except where necessary to carry out the purpose for which the information was disclosed, or as permitted by statute, regulation, or order).
VII. OBLIGATIONS OF USERS OF “PRESCREENED” LISTS
The FCRA permits creditors and insurers to obtain limited consumer report information for use in connection with unsolicited offers of credit or insurance under certain circumstances. Sections 603(1), 604(c). 604(e), and 615(d). This practice is known as “prescreening” and typically involves obtaining from a CRA a list of consumers who meet certain preestablished criteria. If any person intends to use prescreened lists, that person must (1) before the offer is made, establish the criteria that will be relied upon to make the offer and to grant credit or insurance, and (2) maintain such criteria on file for a three-year period beginning on the date on which the offer is made to each consumer. In addition, any user must provide with each written solicitation a clear and conspicuous statement that:
- Information contained in a consumer’s CRA file was used in connection with the transaction.
- The consumer received the offer because he or she satisfied the criteria for credit worthiness or insurability used to screen for the offer.
- Credit or insurance may not be extended if, after the consumer responds, it is determined that the consumer does not meet the criteria used for screening or any applicable criteria bearing on credit worthiness or insurability, or the consumer does not furnish required collateral.
- The consumer may prohibit the use of information in his or her file in connection. with future prescreened offers of credit or insurance by contacting the notification system established by the CRA that provided the report. The statement must include the address and toll-free telephone number of the appropriate notification system.
In addition, the CFPB has established the format, type size, and manner of the disclosure required by Section 615(d), with which users must comply. The relevant regulation is 12 CFR 1022.54.
VIII. OBLIGATIONS OF RESELLERS
A.Disclosure and Certification Requirements
Section 607(e) requires any person who obtains a consumer report for resale to take the following steps:
- Disclose the identity of the end-user to the source CRA.
- Identify to the source CRA each permissible purpose for which the report will be furnished to the end-user.
- Establish and follow reasonable procedures to ensure that reports are resold only for permissible purposes, including procedures to obtain:
(1) the identity of all end-users;
(2) certifications from all users of each purpose for which reports will be used; and
(3) certifications that reports will not be used for any purpose other than the purpose(s) specified to the reseller. Resellers must make reasonable efforts to verify this information before selling the report.
B.Reinvestigations by Resellers
Under Section 611(f), if a consumer disputes the accuracy or completeness of information in a report prepared by a reseller, the reseller must determine whether this is a result of an action or omission on its part and, if so, correct or delete the information. If not, the reseller must send the dispute to the source CRA for reinvestigation. When any CRA notifies the reseller of the results of an investigation, the reseller must immediately convey the information to the consumer.
C.Fraud Alerts and Resellers
Section 605A(f) requires resellers who receive fraud alerts or active duty alerts from another consumer reporting agency to include these in their reports.
IX. LIABILITY FOR VIOLATIONS OF THE FCRA
Failure to comply with the FCRA can result in state government or federal government enforcement actions, as well as private lawsuits. Sections 616, 617, and 621. In addition, any person who knowingly and willfully obtains a consumer report under false pretenses may face criminal prosecution. Section 619.
The CFPB’s website, www.consumerfinance.gov/learnmore., has more information about the FCRA, including publications for businesses and the full text of the FCRA.
Citations for FCRA sections in the U.S. Code, 15 U.S.C. § 1681 et seq.:
- Section 602
- Section 603
- Section 604
- Section 605
- Section 605A
- Section 605B
- Section 606
- Section 607
- Section 608
- Section 609
- Section 610
- Section 611
- Section 612
- Section 613
- Section 614
- 15 U.S.C. 1681
- 15 U.S.C. 1681a
- 15 U.S.C. 1681b
- 15 U.S.C. 1681c
- 15 U.S.C. 1681c-1
- 15 U.S.C. 1681c-2
- 15 U.S.C. 1681d
- 15 U.S.C. 1681e
- 15 U.S.C. 1681f
- 15 U.S.C. 1681g
- 15 U.S.C. 1681h
- 15 U.S.C. 1681i
- 15 U.S.C. 1681j
- 15 U.S.C. 1681k
- 15 U.S.C. 1681l
- Section 615
- Section 616
- Section 617
- Section 618
- Section 619
- Section 620
- Section 621
- Section 622
- Section 623
- Section 624
- Section 625
- Section 626
- Section 627
- Section 628
- Section 629
- 15 U.S.C. 1681m
- 15 U.S.C. 1681n
- 15 U.S.C. 1681o
- 15 U.S.C. 1681p
- 15 U.S.C. 1681q
- 15 U.S.C. 1681r
- 15 U.S.C. 1681s
- 15 U.S.C. 1681s-1
- 15 U.S.C. 1681s-2
- 15 U.S.C. 1681t
- 15 U.S.C. 1681u
- 15 U.S.C. 1681v
- 15 U.S.C. 1681w
- 15 U.S.C. 1681x
- 15 U.S.C. 1681y
Ready to
Get Started?
Ready to Get Started?
Talk to our team about driving growth for your organization or access the developer portal today.
