• Supplier hosts the Supplier Data
• Supplier is a Sub-processor of Client Information
• Supplier receives and processes Client Information
• Client Information includes Personal Data
• The Sub-processor is located in the United Kingdom
• The Sub-processor is based within the EEA

The Supplier Data that GBG uses to provide the Global PEP and Global Sanctions check is supplied by GBG’s Data Supplier. GBG is obliged under the terms of its agreement with GBG’s Data Supplier to ensure that all End Users agree to comply with the following provisions:

1. DEFINITIONS

In these Additional Terms the following definitions shall apply, in addition to the definitions set out int he General Terms: 

“Identity Verification” means validating that the claimed identity of an individual or company actually exists and verifying that the person or company who lays claim to said identity is actually who they claim to be. 

“PEP Screening” means screening for political risk of any nature.

“Permitted Purpose” means the use of this element of the Service for the purposes of Identity Verification, Sanctions Checking and/or PEP Screening

“Sanctions Check” means screening for any sanctions against any party imposed by any governmental of official body.

2. USE OF THE SERVICE

2.1 The End User may only use the Global PEP and Global Sanction check for the Permitted Purpose.

The terms “consumer reporting agency,” “consumer report,” “permissible purposes,” and “adverse action” utilised within clause 2 shall adhere to the definitions ascribed to them under the Fair Consumer Reporting Act, 15 U.S.C. §1681 et seq. (“FCRA”).

2.2 If the End User processes personal data belonging to data subjects residing in the United States or any of its territories then clauses 2.2-2.4 below shall apply.
2.3 THE END USER ACKNOWLEDGES AND AGREES THAT (A) GBG DOES NOT QUALIFY AS A “CONSUMER REPORTING AGENCY”, (B) THAT THIS DATASET PROVIDED BY GBG TO END USER HEREUNDER DO NOT CONSTITUTE “CONSUMER REPORTS,” AND (C) THAT THIS DATASET IS EXCLUSIVELY PROVIDED FOR IDENTITY VERIFICATION AND FRAUD PREVENTION, AND THEREFORE IT SHALL NOT USE THIS DATASET AS A FACTOR TO DETERMINE ELIGIBILITY FOR CREDIT, INSURANCE, EMPLOYMENT, OR ANY OTHER PERMISSIBLE PURPOSES UNDER THE FCRA OR ANY OTHER SIMILAR APPLICABLE CONSUMER CREDIT LAW IN THE UNITED STATES OR OTHERWISE.

2.4 The End User agrees that it shall not consider the use of this Dataset as a “permissible purpose” to obtain a credit report under the FCRA or consider the use of any of the information or Results it receives from this Dataset to take any “adverse action” based in whole or in part on any information provided by this Dataset as that term is defined in the FCRA. Furthermore, End User shall not use any data provided by this Dataset for marketing purposes. If at any time, GBG determines, in its sole and reasonable discretion, that End User is not using this Dataset provided under the Agreement in compliance with any of the foregoing, GBG may immediately terminate the Agreement without notice and without waiving any claim for damages.
2.5 The End User further agrees that it shall not use any information and/or Results it receives through this Dataset: (i) in violation of the provisions and regulations of the Drivers Privacy Protection Act (18 U.S.C. Section 2721 et seq.); or (ii) in violation of such other future legislation that GBG reasonably determines limits the use of this Dataset.

3. DATA PROTECTION AND COMPLIANCE WITH RELEVANT LAWS

3.1 The Supplier Data used to provide the End User with this element of the Service is hosted by the Data Supplier. In order to perform the Services, the Data Supplier shall act as Sub-processor of the Client Information (including any Personal Data supplied) for the sole purpose of delivering this element of the Service. The End User authorises GBG to appoint the Data Supplier as Sub-Processor for the purposes specified in this clause 3.1.

3.2 The Data Supplier is based in the United Kingdom which is located within the EEA. On this basis, Personal Data is not transferred outside of the EEA in order to provide End Users with access to this element of the Service.