PHONE NUMBER VALIDATION | ID NUMBER 200302

• The Supplier hosts the Supplier Data
• The Supplier is a processor of End User Data appointed by GBG in its capacity as an independent controller
• The Supplier is located in the United States of America
• The Supplier is located outside of the EEA
• GBG has an arrangement in place with the Supplier to maintain appropriate safeguards
The Supplier Data used to provide Phone Number Validation Dataset is supplied by GBG’s Supplier, Twilio Inc. GBG is obliged under the terms of its agreement with its Supplier to ensure that all End Users agree to comply with the following licensing provisions:

1. DEFINITIONS
1.1. In these Additional Terms, the following definitions shall apply, in addition to the definitions set out in the General Terms and Product Terms:
“End User Data” means any data provided to GBG by the End User for processing in accordance with the terms of the Agreement including where relevant any personal data.
“Permitted Purpose” means the purposes, restrictions and/or conditions for the use of the Dataset outlined by the Supplier as set out in clauses 2.2 – 2.5 below, in addition to the Customer Use Case set out in the Agreement and at clause 2.1.
"Standard Contractual Clauses" means: (i) where the EU GDPR applies, the contractual clauses annexed to the European Commission's Implementing Decision 2021/914 of 4 June 2021 on standard contractual clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council ("EU SCCs"); and (ii) where the UK GDPR applies, standard data protection clauses in the form of the International Data Transfer Addendum to the EU Commission Standard Contractual Clauses adopted pursuant to or permitted under Article 46 of the UK GDPR ("UK SCCs")
“Supplier Services” means the Supplier’s platform services, which includes all of its programs, features, functions and report forma included in GBG’s own products and services.

2. USE OF THE DATASET
2.1. This Dataset may only be used for the Customer Use Cases detailed below, provided that such Customer Use Case is selected on the End User's Order Form, the End User complies with any use case restriction set out in the Agreement and the End User agrees that it shall not use the Dataset for anything other than the Permitted Purpose:
• Data Quality
2.2. In addition to the Customer Use Case restrictions contained within clause 2.1 (including any conditions that apply to that Customer Use Case) the following terms set out in clauses 2.3-2.5 shall also apply.
2.3. The End User must not use this Dataset to transmit or store any content or communications (commercial or otherwise) that is illegal, harmful, unwanted, inappropriate, objectionable, confirmed to be criminal misinformation, or otherwise poses a threat to the public. This prohibition includes use of this Dataset by a hate group or content or communications that originate from a hate group or are exploitive, abusive, or hate speech.
2.4. The End User agrees not to use this Dataset to engage in or encourage any activity that is illegal, deceptive, harmful, violating others’ rights, or harmful the Supplier’s business operations or reputation, including:
(a) Violations of Laws. Violating laws, regulations, governmental orders, or industry standards or guidance in any applicable jurisdiction (collectively, “Applicable Laws”). This includes violating Applicable Laws requiring (a) consent be obtained prior to transmitting, recording, collecting, or monitoring data or communications or (b) compliance with opt-out requests for any data or communications.
(b) Interference with the Supplier Services. Interfering with or otherwise negatively impacting any aspect of the Supplier Services or any third-party networks that are linked to the Supplier Services.
(c) Reverse Engineering. Reverse engineering, copying, disassembling, or decompiling the Supplier Services.
(d) Falsification of Identity or Origin. Creating a false identity or any attempt to mislead others as to the identity of the sender or the origin of any data or communications.
2.5. The End User must not violate the integrity of the Supplier Services, including:
(a) Bypassing Service Limitations. Attempting to bypass, exploit, defeat, or disable limitations or restrictions placed on the Supplier Services.
(b) Security Vulnerabilities. Finding security vulnerabilities to exploit the Supplier Services or attempting to bypass any security mechanism or filtering capabilities.
(c) Disabling the Supplier Services. Any denial of service (DoS) attack on the Supplier Services or any other conduct that attempts to disrupt, disable, or overload the Supplier Services.
(d) Harmful Code or Bots. Transmitting code, files, scripts, agents, or programs intended to do harm, including viruses or malware, or using automated means, such as bots, to gain access to or use the Supplier Services.
(e) Unauthorized Access. Attempting to gain unauthorized access to the Supplier Services.

3. DATA PROTECTION AND COMPLIANCE WITH RELEVANT LAWS
3.1. The Supplier Data used to provide you with this Dataset is hosted by the Supplier in the United States. In order to deliver this Dataset, the Supplier shall receive and process End User Data in its capacity as a processor.
3.2. GBG has entered into Standard Contractual Clauses with the Supplier to ensure safe onward transit of End User Data.