ConnectID End User Terms

  1. Identity Data

1.1 Digital Identity Transactions

(a) We are a participant in a digital identity network, ConnectID, that enables you to request various organisations with whom you have a relationship (Identity Providers) to provide identity and attribute information (together Identity Data) about you to us. This can help streamline our interactions with you. Identity Data may include identity and attribute information such as your

(b) This “Identity Service” is only available where the eligibility criteria set out in section 1.2 have been met, where we have enabled the “Identity Service” for the relevant product or service you wish to use and where the Identity Provider holds valid accreditation as part of ConnectID.

(c) The “ConnectID Network” facilitates the transfer of Identity Data on a bilateral basis between us and the Identity Provider (each a Digital Identity Transaction). However, the ConnectID Operator does not access or hold your Identity Data and the transfer of Identity Data occurs directly from the relevant Identity Provider to us.

(d) Any Digital Identity Transaction is at your request and option, and any Identity Data will only be provided by the Identity Provider selected by you and with your express consent. If you do not provide your consent, the Digital Identity Transaction will not be performed and we will provide you with an alternative option to provide your Identity Data or have your identity verified, other than through ConnectID.

(e) Further, each Digital Identity Transaction is a one-off transfer of Identity Data, and any further transfers of Identity Data, including any transactions where you ask the same Identity Provider to provide us your Identity Data, will require further consent from you and a new Digital Identity Transaction.

1.2 Eligibility

You will only be able to perform a Digital Identity Transaction if:

(a) you have a digital account enabled with the relevant Identity Provider and have verified your identity and certain core Identity Data (such as your name, telephone number, email and date of birth) with the Identity Provider within the prior 5 years; and

(b) you meet the minimum age requirements set out in the relevant Identity Provider’s terms of service for ConnectID.

 

  1. Customer acknowledgments

(a) You acknowledge and agree that:

(i) any Digital Identity Transaction requested by you using the “Identity Service” is governed by these terms;

(ii) you will be asked by the Identity Provider to review the Identity Data to be transferred to us to verify its accuracy and to expressly consent to such transfer;

(iii) where you consent to the transfer of Identity Data to us from an Identity Provider:

(A) we may collect, use and disclose the Identity Data as consented to by you as part of the Digital Identity Transaction, and for secondary purposes where you have further consented to such secondary purposes or where the secondary purposes are otherwise permitted by applicable privacy law, our terms with you and our Privacy Policy;

(B) the Identity Provider will no longer control and will not be responsible for the security or handling of any Identity Data that has been transferred by the relevant Identity Provider to us, and and our Privacy Policy will govern our handling of Identity Data, not the terms you have with the Identity Provider nor the Identity Provider’s privacy policy; and

(C) if we suffer a security or data incident that impacts your Identity Data, you consent to us providing to the Identity Provider information about such incident, including your Personal Information and the Identity Data impacted by the incident, which the Identity Provider may use to seek to prevent or respond to cyber security incidents, fraud, scam activity or identify theft;

(iv) neither us nor the ConnectID Operator endorse or make any representations or recommendations in respect of any Identity Providers, including in respect of the suitability of their security or privacy practices; and

(v) both us and the ConnectID Operator exclude all liability to you to the maximum extent permitted by law in connection with any acts or omissions of the Identity Provider.

(b) The exclusions in this section that relate to the ConnectID Operator are held on trust by us for the ConnectID Operator. This means that, although the ConnectID Operator is not a party to these terms, it can rely on your acknowledgment of and agreement to these exclusions.

We do not participate in the Consumer Data Right scheme.

  1. Withholding service

We may withdraw or suspend the Identity Service at any time. We may also, or the relevant Identity Provider may, be unable to make available the “Identity Service” or process Digital Identity Transactions relating to you for a number of reasons, including if:

(a) the underlying transaction that you are conducting with us is not a transaction for which we are able to utilise the “Identity Service”;

(b) you do not meet the eligibility requirements set out in section 1.2 or the relevant Identity Provider is not otherwise able to supply the requested Identity Data;

(c) there are suspicions on reasonable grounds that any fraud (including identity fraud) or security incident has or may be occurring in connection with you, the Digital Identity Transaction or the relevant Identity Provider;

(d) our participation in the “ConnectID Network” has been suspended or terminated; or

(e) there are grounds to believe that the Digital Identity Transaction requires intervention, for example because it relates to you as a vulnerable person.

  1. Fees

We will not charge you any fees to perform a Digital Identity Transaction for you.

  1. Access and updates to your Identity Data

(a) You can request access to, or correction of, your Personal Information held by us by contacting us in accordance with the procedures set out in our Privacy Policy.

(b) For clarity, where you update your record of Personal Information with us, this will not update your record with an Identity Provider. You will be required to separately contact the relevant Identity Provider to update the Personal Information they hold about you.

(c) If you have any suspicions of fraud in relation to your identity or account with us or any Digital Identity Transaction that you did not authorise, you must notify us as soon as possible.

  1. Complaints

If you have any complaints or disputes relating to our participation in a Digital Identity Transaction relating to you, please contact us at compliance@gbgplc.com. However, please note that if your complaint or dispute relates to activities of an Identity Provider that you asked to disclose Identity Data to us, we may direct you to contact that Identity Provider directly.

  1. Dictionary

7.1 Definitions

ConnectID Operator means ConnectID Pty Ltd or its Related Bodies Corporate (as this term is defined in the Corporations Act 2001 (Cth)).

Digital Identity Transaction has the meaning given in section 1.1(c).

Identity Data has the meaning given in section 1.1(a).

Identity Provider has the meaning given in section 1.1(a).

Personal Information means personal information, as that term is defined in the Privacy Law.

Privacy Law means the Privacy Act 1988 (Cth) and any privacy legislation which applies to you from time to time in force in Australia.

Privacy Policy means our privacy policy as amended from time to time and available here

We means GBG greenID. Any other grammatical form of the word “we” has a corresponding meaning.

You means the customer, member, client, service recipient or other person that we provide services to from time to time. Any other grammatical form of the word “you” has a corresponding meaning.