Proof

Individual Digital Certificate Supplement

The Individual Digital Certificate Supplement, incorporated into the Proof General Terms, outlines that Proof may issue an Individual Digital Certificate to a User upon verifying their application, requires the Individual to protect their Private Key and associated credentials, mandates accurate information provision, and obligates the Individual to request certificate revocation if their information changes, all subject to specified terms, conditions, and validity periods.

This Individual Digital Certificate Supplement is attached to and incorporated into the Proof General Terms (“General Terms”). Capitalized terms not otherwise defined have the meanings given in the General Terms, the Proof Glossary, or the Order Form.

1. Applicability

This Individual Digital Certificate Supplement applies to a User in an individual capacity (“Individual”), if Proof provides the Individual with an Individual Digital Certificate.

2. General

Proof will use commercially reasonable efforts to verify the information provided by Individual when requesting an Individual Digital Certificate (an “Application”). If Proof accepts Individual’s Application, Proof will provide the Individual Digital Certificate to Individual, as an Individual, subject to the terms, conditions, and restrictions stated in the Agreement. Proof has no obligation to provide the Individual Digital Certificate to Individual. Proof will inform Individual of the length of time that the Individual Digital Certificate is valid. At the end of that validity period, Individual must submit a new Application for an Individual Digital Certificate.

3. Obligations and Restrictions on Use

3.1 Protection of Private Key

Individual must protect the Private Key included in an Individual Digital Certificate. A “Private Key” means part of a key pair, along with the corresponding public key, that is kept secret. Individual must take all reasonable measures to protect Individual’s account, Private Key, and any associated activation data or device (such as a password, pass phrase, or token) from unauthorized use and disclosure.

3.2 Individual’s Obligations

As a condition of issuance and use of an Individual Digital Certificate, Individual acknowledges and agrees that Individual must:

  • (a) provide accurate and complete information as part of the Application;
  • (b) request revocation of the Individual Digital Certificate, if information, including name and email address, provided by Individual changes or if Individual discovers or suspects that Individual’s Private Key was misused or compromised;
  • (c) notify Proof if Individual discovers or suspects that Individual’s Proof account has been compromised;
  • (d) fully cooperate with Proof by providing information, assistance, and cooperation as a result of any compromise of the Individual Digital Certificate or the Private Key;
  • (e) not use the Individual Digital Certificate for any purpose other than the purpose(s) designated by Proof; and
  • (f) use the Individual Digital Certificate in accordance with all applicable laws and regulations.

4. Representations and Warranties

Individual represents and warrants that Individual:

  • (a) provided true and correct information in the Application and there is no additional information necessary to make the information submitted materially accurate and complete;
  • (b) has the full legal right and authority to obtain an Individual Digital Certificate;
  • (c) has protected and secured the Private Key; and
  • (d) has full legal rights to use the Individual Digital Certificate as part of the Proof Services.

5. Revocation

5.1 Revocation

Proof, in its sole discretion, may revoke an Individual Digital Certificate if Proof discovers or reasonably suspects that the Individual Digital Certificate or any element of the Individual Digital Certificate:

  • (a) has been compromised;
  • (b) is being used in connection with any illegal activities, such as phishing attacks or fraud;
  • (c) is being used in connection with activities that violate industry norms for acceptable network use, such as hate speech, defamation, intellectual property infringement, non-consensual sex acts or child pornography, network abuse, bulk correspondence (spam), etc.;
  • (d) the continued use of the Individual Digital Certificate presents a risk to the security or integrity of the public key infrastructure (“PKI”) or presents any other risk to its business, its reputation, Relying Parties, or other users;
  • (e) Individual is engaged in conduct that is illegal or would be grounds for revocation of the Individual Digital Certificate under this Individual Digital Certificate Supplement; or
  • (f) other grounds stated in documents maintained by Relying Parties.

Revocation of the Individual Digital Certificate may also be backdated to protect Internet users and the PKI. “Relying Parties” include any and all entities that rely upon the information contained within the Individual Digital Certificate.

5.2 Other

An Individual Digital Certificate may be revoked if Proof ceases doing business or is no longer allowed to issue Individual Digital Certificates and no other certificate provider is willing to provide revocation support.

5.3 Expired and Revoked Individual Digital Certificates

Individual may not use any revoked or expired Individual Digital Certificate. Individual may not use any Private Key associated with Individual’s revoked or expired Individual Digital Certificate(s) except to decrypt previously encrypted data associated with Individual’s Private Key.

6. Indemnification

Individual will indemnify, defend, and hold Proof, its affiliates and their officers, directors, employees, agents and representatives harmless from and against any and all costs, damages, liabilities or expenses (including reasonable attorneys’ fees) arising from any third-party claims resulting from:

  • (a) Individual’s misrepresentation of, or omission, of any material fact in the Application or otherwise submitted to Proof for purposes of the Individual Digital Certificate, regardless of whether such misrepresentation or omission was intentional or unintentional;
  • (b) the compromise or unauthorized use or disclosure of an Individual Digital Certificate or a Private Key; and
  • (c) Individual’s misuse of an Individual Digital Certificate or Private Key.

Individual’s obligations under this Section 6 are conditioned on Proof:

  • (x) giving prompt notice of the claim to Individual,
  • (y) granting sole control of the defense or settlement of the claim to Individual, and
  • (z) providing reasonable cooperation to Individual at Individual's request and expense.

Proof may participate in the claim’s defense at its sole cost and expense. Individual will not enter into any settlement that adversely affects Proof’s interests without prior written approval, not to be unreasonably withheld. Individual is not responsible for any settlement it does not approve in writing.

Incident Priority Levels and Resolution

Priority Level Conditions

  • Level 1 (Critical Business Impact): The Incident seriously affects the functionality of the Services (or component thereof) and cannot be circumvented such that most of the significant functionality of the Services (or component thereof) is available.
  • Level 2 (Significant Business Impact): The Incident partially affects the functionality of the Services (or component thereof), but can be circumvented so that most of the significant functionality of the Services (or component thereof) is available.
  • Level 3 (Minimal Business Impact): The Incident can be circumvented such that the Services (or component thereof) can be used with only slight inconvenience. The problem can be considered insignificant and has no significant effect on the usability of the Services (or component thereof).

Conditions for Closure of Help-Desk Ticket

  • Level 1: The Incident is considered resolved and closed when an Incident Resolution has been fully implemented.
  • Level 2: The Incident is considered resolved and closed when an Incident Resolution has been fully implemented.
  • Level 3: The Incident is considered resolved and closed when one of the following occurs: (i) an Incident Resolution has been fully implemented, or (ii) 10 business days have elapsed since Proof’s communication of the information that Proof reasonably believes will resolve the Incident (communicated by email to Subscriber’s designated contact for such Incident), and Subscriber has not responded to Proof. The Incident can be reopened later if it has not been resolved.

On-Demand Notary Availability Downtime Credits

  • Up to 240 minutes: No On-Demand Notary Downtime Credit
  • 241-360 minutes: 1%
  • 361-480 minutes: 3%
  • 481-600 minutes: 5%
  • 601 minutes or greater: 7%

Platform Availability Percentage and Downtime Credits

  • 99.9% or higher: No Platform Downtime Credit
  • 97% - 99.9%: 1%
  • 95% - 97%: 3%
  • 93% - 95%: 5%
  • Below 93%: 7%

Incident Priority Response Times

Incident PriorityAcknowledgement Time (During Business Hours)Provision of Incident Resolution or Interim ProcessIf Interim Process is provided, Maximum Timeframe for Provision of Incident Resolution
Level 11 hour8 hours36 hours
Level 24 hours24 hours5 days

Personal Information Categories (California)

Personal Identifiers

  • Sources: Directly from you; indirectly from you as you navigate or use our Services; notaries; data analytics providers; social networks; advertising networks; internet or mobile service providers; counterparties in a transaction; credential analysis companies; identity verification services.
  • For job applicants: directly from you; background check providers; recruiters; recruiting software providers.
  • Purpose: Provide you with our Services; communicate with you; protect and secure our environment; verify, maintain, improve, upgrade, or enhance a product or service; identify and repair errors; advertise or market to you.
  • For job applicants: Assess your application; satisfy legal obligations.
  • Recipients: Affiliates; advertising networks; social networks; technology service providers; customer relationship management providers; payment processors; mobile application platforms; tag management platforms; video sharing platforms; notaries; customer support platforms; data analytics providers; marketing platforms; mobile linking platforms; counterparties in a transaction; single sign-on providers; collaboration software providers; customer engagement and communication platforms; identity verification and anti-fraud solution providers; background screening companies; mortgage process digitization providers; electronic signature and digital transaction management providers; financial services companies; web mapping platforms.
  • Retention: The length of your business relationship with us plus any legally required additional retention period for this category of Personal Information following conclusion of your business relationship with us or as long as business needs require, whichever is longer.

California Customer Records Personal Information

  • Sources: Directly from you; counterparties in a transaction; credential analysis companies; identity verification services.
  • For job applicants: directly from you; background check providers; recruiters; recruiting software providers.
  • Purpose: Provide you with our Services; communicate with you; protect and secure our environment; verify, maintain, improve, upgrade, or enhance a product or service; identify and repair errors; advertise or market to you.
  • For job applicants: Process your application; satisfy legal obligations.
  • Recipients: Affiliates; advertising networks; social networks; technology service providers; customer relationship management providers; payment processors; mobile application platforms; tag management platforms; customer support platforms; data analytics providers; marketing platforms; mobile linking platforms; counterparties in a transaction; collaboration software providers; customer engagement and communication platforms; identity verification and anti-fraud solution providers; background screening companies; mortgage process digitization providers; electronic signature and digital transaction management providers; financial services companies; web mapping platforms.
  • Retention: The length of your business relationship with us plus any legally required additional retention period for this category of Personal Information following conclusion of your business relationship with us or as long as business needs require, whichever is longer.

Characteristics of Protected Classifications

  • Sources: Directly from you; indirectly from you as you navigate or use our Services; notaries; data analytics providers; social networks; advertising networks; internet or mobile service providers; counterparties in a transaction; credential analysis companies; identity verification services.
  • For job applicants: directly from you; background check providers; recruiters; recruiting software providers.
  • Purpose: Provide you with our Services; communicate with you; protect and secure our environment; verify, maintain, improve, upgrade, or enhance a product or service; identify and repair errors; advertise or market to you; meet our legal obligations.
  • Recipients: Affiliates; advertising networks; social networks; technology service providers; customer relationship management providers; payment processors; mobile application platforms; tag management platforms; video sharing platforms; notaries; customer support platforms; data analytics providers; marketing platforms; mobile linking platforms; counterparties in a transaction; collaboration software providers; customer engagement and communication platforms; identity verification and anti-fraud solution providers; background screening companies; mortgage process digitization providers; electronic signature and digital transaction management providers.
  • Retention: The length of your business relationship with us plus any legally required additional retention period for this category of Personal Information following conclusion of your business relationship with us or as long as business needs require, whichever is longer.

Commercial Information

  • Sources: Directly from you; indirectly from you as you navigate or use our Services; notaries; data analytics providers; social networks; advertising networks; internet or mobile service providers; counterparties in a transaction.
  • Purpose: Provide you with our Services; communicate with you; protect and secure our environment; verify, maintain, improve, upgrade, or enhance a product or service; identify and repair errors; advertise or market to you; meet our legal obligations; maintain transaction records.
  • Recipients: Affiliates; advertising networks; social networks; technology service providers; customer relationship management providers; payment processors; mobile application platforms; tag management platforms; video sharing platforms; notaries; customer support platforms; data analytics providers; marketing platforms; mobile linking platforms; counterparties in a transaction; collaboration software providers; customer engagement and communication platforms; identity verification and anti-fraud solution providers; mortgage process digitization providers; electronic signature and digital transaction management providers; financial services companies; web mapping platforms.
  • Retention: The length of your business relationship with us plus any legally required additional retention period for this category of Personal Information following conclusion of your business relationship with us or as long as business needs require, whichever is longer.

Biometric Information

  • Sources: Directly from you; indirectly from you as you navigate or use our Services; internet or mobile service providers; credential analysis companies; identity verification services.
  • Purpose: Provide you with our Services; communicate with you; protect and secure our environment; verify, maintain, improve, upgrade, or enhance a product or service; identify and repair errors; meet our legal obligations; maintain transaction records.
  • Recipients: Affiliates; technology service providers.
  • Retention: The length of your business relationship with us plus any legally required additional retention period for this category of Personal Information following conclusion of your business relationship with us or as long as business needs require, whichever is longer.

Internet and Other Electronic Network Activity Information

  • Sources: Indirectly from you as you navigate or use our Services; data analytics providers; social networks; advertising networks; internet or mobile service providers.
  • Purpose: Provide you with our Services; detect security incidents; protect against malicious, deceptive, fraudulent, or illegal activity; verify, maintain, improve, upgrade, or enhance a service or device that is owned or controlled by us; identify and repair errors; advertise or marketing to you; perform analytics.
  • Recipients: Affiliates; advertising networks; social networks; technology service providers; customer relationship management providers; payment processors; mobile application platforms; tag management platforms; video sharing platforms; customer support platforms; data analytics providers; marketing platforms; mobile linking platforms; single sign-on providers; collaboration software providers; customer engagement and communication platforms; identity verification and anti-fraud solution providers; mortgage process digitization providers; electronic signature and digital transaction management providers; financial services companies; web mapping platforms.
  • Retention: The length of your business relationship with us plus any legally required additional retention period for this category of Personal Information following conclusion of your business relationship with us or as long as business needs require, whichever is longer.

Geolocation Data

  • Sources: Indirectly from you; devices you use to access our Services; data analytics providers; social networks; advertising networks; internet or mobile service providers.
  • Purpose: Provide you with our Services; protect and secure our environment; verify, maintain, improve, upgrade, or enhance a product or service; identify and repair errors; advertise or market to you.
  • Recipients: Advertising networks; social networks; technology service providers; customer relationship management providers; mobile application platforms; tag management platforms; video sharing platforms; customer support platforms; data analytics providers; marketing platforms; mobile linking platforms; collaboration software providers; customer engagement and communication platforms; identity verification and anti-fraud solution providers; web mapping platforms.
  • Retention: The length of your business relationship with us plus any legally required additional retention period for this category of Personal Information following conclusion of your business relationship with us or as long as business needs require, whichever is longer.

Sensory Data

  • Sources: Directly from you; indirectly from you as you navigate or use our Services; internet or mobile service providers; credential analysis companies; identity verification services.
  • Purpose: Provide you with our Services; communicate with you; protect and secure our environment; verify, maintain, improve, upgrade, or enhance a product or service; identify and repair errors; meet our legal obligations; maintain transaction records.
  • Recipients: Affiliates; technology service providers; counterparties in a transaction.
  • Retention: The length of your business relationship with us plus any legally required additional retention period for this category of Personal Information following conclusion of your business relationship with us or as long as business needs require, whichever is longer.

Professional or Employment-Related Information

  • Sources: Directly from you; notaries; data analytics providers; social networks; advertising networks; counterparties in a transaction; credential analysis companies; identity verification services.
  • For job applicants: directly from you; background check providers; recruiters; recruiting software providers.
  • Purpose: Provide you with our Services; communicate with you; protect and secure our environment; verify, maintain, improve, upgrade, or enhance a product or service; identify and repair errors; advertise or market to you.
  • For job applicants: Process your application.
  • Recipients: Affiliates; advertising networks; social networks; technology service providers; customer relationship management providers; payment processors; mobile application platforms; tag management platforms; video sharing platforms; notaries; customer support platforms; data analytics providers; marketing platforms; mobile linking platforms; counterparties in a transaction; collaboration software providers; customer engagement and communication platforms; identity verification and anti-fraud solution providers; background screening companies; mortgage process digitization providers; electronic signature and digital transaction management providers; financial services companies.
  • Retention: The length of your business relationship with us plus any legally required additional retention period for this category of Personal Information following conclusion of your business relationship with us or as long as business needs require, whichever is longer.
  • For job applicants: Barring any legally required additional retention period, up to 7 years for non-hired applicants.

Non-public Education Information

  • For job applicants: directly from you; recruiting software providers; background check providers; recruiters.
  • For job applicants: Process your application.
  • Recipients: Affiliates; background screening companies; technology service providers.
  • For job applicants: Barring any legally required additional retention period, up to 7 years for non-hired applicants.

Inferences Drawn from Information

  • Sources: Indirectly from you; devices you use to access our Services; data analytics providers; social networks; advertising networks; internet or mobile service providers.
  • Purpose: Provide you with our Services; advertise or market to you; perform analytics; maintain, improve, upgrade, or enhance a product or service.
  • Recipients: Affiliates; advertising networks; social networks; technology service providers; customer relationship management providers; mobile application platforms; tag management platforms; video sharing platforms; customer support platforms; data analytics providers; marketing platforms; mobile linking platforms; collaboration software providers; customer engagement and communication platforms; web mapping platforms.
  • Retention: The length of your business relationship with us plus any legally required additional retention period for this category of Personal Information following conclusion of your business relationship with us or as long as business needs require, whichever is longer.