User Agreement

Secure Business Services, Inc.,
Relying Party Agreement ("Agreement")

Please read this document carefully before proceeding. You must not validate, rely on or use a Secure Business Services, Inc. (“SBS”) issued Digital Certificate, TrustLogo, or access or use any service provided by SBS before reading and accepting the terms of this Relying Party Agreement and reading and understanding the SBS Certification Practice Statement (“SBS CPS”). In any event you will be deemed to have accepted the terms of this Agreement if you validate, rely on or use a Digital Certificate or use the TrustLogo Service.

1. Application of Terms

1.1. These terms and conditions set out in this Agreement govern the relationship between you (the "Relying Party") and SBS with regard to the Relying Party's:

1.1.1. Validation, reliance on or use of a Digital Certificate and the information and public key contained within for the purpose of verifying a Digital Signature and decrypting a message set out in that Certificate; and

1.1.2. Use of the Repository.

1.2. By accessing a Certificate, the Relying Party consents to the terms and conditions in this Agreement and is deemed to have read and understood the SBS CPS.

2. Definitions

2.1. In this Agreement the following terms and expressions shall have the following meanings:

2.1.1. "Business Day" means Monday through Friday, but does not include any days recognized by the United States government as holiday;

2.1.2. "Certificate Chain" means the chain of Digital Certificates which may arise due to the issuing of a Digital Certificate by a Subordinate Certification Authority;

2.1.3. "SBS CPS" means the certification practice statement released by SBS as amended from time to time;

2.1.4. "CRL" means SBS’ certificate revocation list;

2.1.5. "Digital Certificate" means an encrypted electronic data file (conforming to the X509 version 3 ITU-T standard) issued by SBS in order to identify a person or entity or to provide SSL encryption using a Digital Signature or entity and which contains the identity of the person authorized to use the Digital Signature and a copy of their Public Key, a serial number, a time period during which the Digital Certificate may be used and a Digital Signature issued by SBS;

2.1.6. "Subscriber Agreement" means the agreement entered into between SBS and the Subscriber for the provision of a Digital Certificate;

2.1.7. "Digital Signature" means an encrypted electronic data file which is attached to or logically associated with other electronic data and which identifies and is uniquely linked to the signatory of the electronic data, is created using means that the signatory can maintain under its sole control and is linked in a way so as to make any subsequent changes that have been made to the electronic data detectable;

2.1.8. "Force Majeure Event" means any circumstances beyond the reasonable control of SBS including without prejudice to the generality of the foregoing any natural disaster, act or regulation of any governmental or supra-national authority, lack or shortage of materials supplied by a third party (other than where such circumstances arise due to lack of reasonable planning), war or natural emergency, accident, epidemic, fire or riot;

2.1.9. "Prescribed Details" means the following details:

2.1.9.1. Indication that Digital Certificate is issued as a "qualified certificate;"

2.1.9.2. SBS’ name and state of establishment;

2.1.9.3. Name of Subscriber or Subscriber's pseudonym (to be identified as such);

2.1.9.4. Provision for inclusion of a specific attribute of Subscriber, if relevant and depending on purpose of Certificate;

2.1.9.5. Public Key corresponding to the Private Key under the control of the Subscriber;

2.1.9.6. Indication of the beginning and end period of validity of the Digital Certificate;

2.1.9.7. Identity code of the Digital Certificate;

2.1.9.8. SBS’ Digital Signature;

2.1.9.9. Limitations on the scope of use of the Certificate, if any; and

2.1.9.10. Limitations on the value of transactions for which the Certificate can be used, if any;

2.1.10. "Private Key" means a confidential encrypted electronic data file designed to interface with a Public Key using the same encryption algorithm and which may be used to create Digital Signatures, encrypt and decrypt files or messages and provide proof of identities to access secure websites;

2.1.11. "Public Key" means a publicly available encrypted electronic data file designed to interface with a Private Key using the same encryption algorithm and which may be used to verify Digital Signatures, encrypt and decrypt files or messages and verify identities to access secure websites;

2.1.12. "Repository" means a publicly available collection of databases for storing and retrieving Digital Certificates and other information relating to Digital Certificates and which may be accessed via SBS’ website;

2.1.13. "Subscriber" means a person who is issued a Digital Certificate signed by SBS and who has entered into a Digital Certificate Subscription Agreement;

2.1.14. "Subordinate Certification Authority" means SBS or any third party appointed by SBS to act as a certification authority;

2.1.15. "IdAuthority Service" means the service provided by SBS pursuant to this Agreement and utilizing any IdAuthority enabled software which is used to verify and retrieve IdAuthority Certificates and display certain information from the IdAuthority Certificates on the IdAuthority Enabled Applications;

2.1.16. "IdAuthority Enabled Applications" means software and services developed by SBS or third party software vendors for use with the IdAuthority Service.

2.1.17. "TrustToolbar Software" means the software program designed by SBS for use with the IdAuthority Service and supplied by SBS to end users pursuant to the TrustToolbar End-User Software License Agreement;

2.1.18. "TrustToolbar End-User Software License Agreement" means the agreement for the use of the TrustToolbar Software that may be attached or electronically linked to this Agreement;

2.1.19. "E-Sigil Software" means the software program designed by SBS for use with the IdAuthority Service and supplied by SBS to end users pursuant to the E-Sigil End-User Software License Agreement;

2.1.20. "E-Sigil End-User Software License Agreement" means the agreement for the use of the E-Sigil Software that may be attached or electronically linked to this Agreement;

2.1.21. "TrustLogo Service" means the service designed by SBS for use with the IdAuthority Service;

2.1.22. “VEngine Service” means the software program designed by SBS for use with the IdAuthority Service and Content Verification Certificates supplied by SBS to end users pursuant to the VEngine End User Software License Agreement;

2.1.23. “VEngine End User Software License Agreement” means the arrangement for the use of the VEngine Software that may be attached or electronically linked to this Agreement;

2.2. In this Agreement unless otherwise specified:

2.2.1. References to clauses and schedules are to clauses of, and schedules to, this Agreement;

2.2.2. Use of any gender includes the other genders;

2.2.3. References to a "person" shall be construed so as to include any individual, firm, company or other body corporate, government, state or agency of a state, local or municipal authority or government body or any joint venture, association, partnership or limited partnership (whether or not having separate legal personality);

2.2.4. A reference to any statute or statutory provision or regulations shall be construed as a reference to the same as it may have been, or may from time to time be, amended, modified or re-enacted;

2.2.5. Any reference to a "day" (including within the phrase "Business Day") shall mean a period of 24 hours from midnight to midnight;

2.2.6. Subject to Clause 16, references to "indemnifying" any person against any circumstance include indemnifying and keeping him harmless from all actions, claims and proceedings from time to time made against him and all loss, damage, payments, cost or expenses suffered made or incurred by him as a consequence of that circumstance;

2.2.7. A reference to any other document referred to in this Agreement is a reference to that other document as amended, varied, novated or supplemented (other than in breach of the provisions of this Agreement) at any time;

2.2.8. Headings and titles are for convenience only and do not affect the interpretation of this Agreement;

2.2.9. General words introduced by the word "other" shall not be given a restrictive meaning by reason of the fact that they are preceded by words indicating a particular class of acts, matters or things; and

2.2.10. References to "$" are to US Dollars and reference to any amount in such currency shall be deemed to include reference to an equivalent amount in any other currency.

3. Relying Party Obligations

3.1. In consideration of being permitted access to and use of the Repository and access to, use of and reliance on, a Digital Certificate, the IdAuthority Service or the VEngine Service the Relying Party agrees to do the following prior to relying upon a Digital Certificate:

3.1.1. Where the Digital Certificate is issued by a third party, verify the Certificate Chain to ensure that the third party is a Subordinate Certification Authority and that the Digital Certificate was issued in accordance with the policies set out in the SBS CPS;

3.1.2. Check the CRL to ensure that the Digital Certificate is valid and operational; and

3.1.3. Take any other steps which would be reasonable for the Relying Party to take in the given circumstances, such as verification of digital signatures and obtaining additional assurances as may be prudent in the circumstances.

3.2. The Relying Party agrees not to use the Digital Certificate for any purpose other than the purpose set out in the relevant section of the SBS CPS for that particular class and type of Digital Certificate and to comply with the policies and procedures set out in the SBS CPS.

4. SBS Obligations

4.1. SBS agrees to :

4.1.1. Update the CRL by registering all revocations of Digital Certificates used for SSL which have been made by SBS or notified to SBS by a Subscriber within the 34 hours immediately preceding the time of update in the CRL; and

4.1.2. Amend in real-time the IdAuthority records by registering all revocations of Digital Certificates used for TrustLogo, TrustToolbar, E-Sigil and VEngine which have been made by SBS or notified to SBS by a Subscriber

4.1.3. Validate information provided by each Subscriber on the SBS enrolment form prior to issuing a Digital Certificate containing that information using the methods set out in the table at Section titled "Validation of Certificate Applications" of the SBS CPS.

5. Relying Party Acknowledgements

5.1. The Relying Party acknowledges that:

5.1.1. The CRL is updated by SBS and therefore does not contain a real time record of all SSL Digital Certificate revocations.

5.1.2. The IdAuthority is updated by SBS in real-time and provides immediate TrustLogo, TrustToolbar, E-Sigil and VEngine Certificate revocation

5.1.3. The security or integrity of a Private key which corresponds to a Public key contained in a Digital Certificate may be compromised due to an act or omission of a third party which has not been authorized by SBS and agrees that SBS shall not be liable to the Relying Party for any losses suffered by the Relying Party as a result of such compromise;

5.1.4. SBS relies upon authorization records, government records, third party business databases and domain name services to validate information contained in Digital Certificates and agrees that SBS shall not be liable for loss suffered by the Relying Party as a result of inaccuracies or deficiencies contained in those records or databases or inaccurate information supplied by providers of domain name services or any other third party; and

5.1.5. SBS performs differing degrees of validation of information in Digital Certificates depending on the level of warranty attached to the Digital Certificate and its intended use and agrees to take these factors into consideration when deciding whether or not to rely on a Digital Certificate.

6. Amendments to the SBS CPS

SBS reserves the right to amend any section of the SBS CPS at any time without prior notice to the Relying Party, including without limitation, the section of the SBS CPS that sets all the validation procedures for Digital Certificates.

7. Repository

The Repository is made on as "as is" and "as available" basis over publicly accessible networks and SBS cannot be responsible for any failures in such network that may cause the Repository to be unavailable. SBS excludes any warranty as to the availability of the Repository and reserves the right to exclude access to or close the Repository without notice at any time.

8. Exclusion of Warranties

Save as expressly provided under this Agreement all other warranties either expressed or implied are hereby excluded to the fullest extent permissible by law.

9. Termination

9.1. This Agreement shall commence on the date hereof and shall continue in force until terminated by SBS in accordance with the provisions of Clause 9.2 below.

9.2. SBS may terminate this Agreement for convenience at any time and for any reason and will notify the Relying Party of such termination in accordance with Clause 15 of this Agreement.

10. Consequences of Termination

10.1. If this Agreement is terminated by SBS in accordance with Clause 9 above, the Relying Party shall not, from the date of such termination:

10.1.1. Use or access the Repository; or

10.1.2. Use, access or rely on a Digital Certificate or any Service provided by SBS, and SBS’ obligations under this Agreement shall cease.

11. Limitation of Liability

11.1. Nothing in this Agreement shall exclude or limit either party's liability in respect of fraud or of any statements made fraudulently by such party.

11.2. Subject to Clause 11.1, SBS shall not be liable to the Relying Party (or any other person or entity) whether in contract (including under any indemnity or warranty), in tort (including negligence), under statute or otherwise for any loss or damages incurred by such party, including but not limited to loss of profits, loss of revenue, loss of anticipated savings, loss or corruption of data, loss of contract or opportunity or loss of goodwill whether that loss is direct, indirect or consequential. Relying Party agrees that SBS’ maximum liability, and Relying Party’s exclusive remedy, in law, equity, or otherwise with respect to any Digital Certificate Services and/or this Agreement and/or your reliance on any Digital Certificate Services is solely and exclusively limited to any payment, if any, made under the Relying Party Guarantee associated with the Digital Certificate Services upon which Relying Party reasonably and actually relied, in accordance with this Agreement. IN NO EVENT SHALL SBS, ITS LICENSORS AND CONTRACTORS (INCLUDING THIRD PARTIES PROVIDING SERVICES AS PART OF THE Certificate SERVICEs) BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL OR CONSEQUENTIAL DAMAGES EVEN IF SBS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. TO THE EXTENT THAT A STATE DOES NOT PERMIT THE EXCLUSION OR LIMITATION OF LIABILITY AS SET FORTH HEREIN SBS' LIABILITY IS LIMITED TO THE FULL EXTENT PERMITTED BY LAW IN SUCH STATE.

11.3. In addition, and subject to Clause 11.1, SBS SHALL NOT BE LIABLE TO RELYING PARTY FOR ANY LOSS SUFFERED BY RELYING PARTY DUE TO THE SUBSCRIBER’S BREACH OF THE SUBSCRIBER AGREEMENT.

11.4. In addition, and subject to Clause 11.1, SBS SHALL NOT BE LIABLE TO RELYING PARTY FOR ANY LOSS, INCLUDING ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL OR CONSEQUENTIAL DAMAGES, SUFFERED BY ANY PARTY DUE TO THE LOSS, THEFT, UNAUTHORIZED DISCLOSURE, UNAUTHORIZED MANIPULATION, ALTERATION, LOSS OF USE, OR ANY OTHER COMPROMISE OF ANY PRIVATE KEY USED BY THE SUBSCRIBER.

11.5. In addition, SBS’ total aggregate liability to all persons under any Relying Party Guarantee associated with any given Digital Certificate or TrustLogo is subject to the terms and conditions of the Relying Party Guarantee as provided in the Repository and shall be limited TO THE amount SET OUT IN EACH CERTIFICATE.

11.6. The Relying Party acknowledges that limitations on the use of the Certificate and limitations on the value of transactions for which the Certificate can be used are set out in each Certificate and agrees that SBS shall not be liable for any loss incurred (subject to Clause 11.1 above) by the Relying Party from use of the Certificate which exceeds these limitations.

11.7. The parties acknowledge and agree that the limited warranty and limited liability set forth in this Clause 11 are fundamental terms of this Agreement and are fair and reasonable having regard to the relationship between the parties and the benefits received by the Relying Party and obligations imposed on SBS under this Agreement.

12. Indemnification

Relying Party agrees to release, indemnify, defend and hold harmless SBS and any of SBS’ parent companies, contractors, agents, employees, officers, directors, shareholders, affiliates and assigns from all liabilities, claims, damages, costs and expenses, including reasonable attorney's fees and expenses, asserted by third parties or incurred by SBS relating to or arising out of (i) Relying Party’s failure to perform the obligations of a Relying Party in accordance with this Agreement, (ii) Relying Party’s reliance on a Digital Certificate or TrustLogo that is not reasonable under the circumstances, or (iii) Relying Party’s failure to check the status of a Digital Certificate or TrustLogo to determine if the Digital Certificate or TrustLogo is expired or revoked. When SBS is threatened with suit or sued by a third party, SBS may seek written assurances from Relying Party concerning Relying Party’s indemnification obligation. Relying Party’s failure to provide such assurance(s) may be considered by SBS to be a material breach of this Agreement. SBS shall have the right to participate in any defense by Relying Party of a third-party claim related to Relying Party’s use of any SBS services, with counsel of SBS’ choice. Relying Party shall have sole responsibility to defend SBS against any claim, but Relying Party must receive SBS’ prior written consent regarding any related settlement. The terms of this Section 12 will survive any termination or cancellation of this Agreement.

13. Force Majeure

SBS shall not be liable for any breach of its obligations under this Agreement resulting from a Force Majeure Event.

14. Waiver

The waiver by either party of a breach or default of any of the provisions of this Agreement by the other party shall not be construed as a waiver of any succeeding breach of the same or other provisions nor shall any delay or omission on the part of either party to exercise or avail itself of any right power or privilege that it has or may have hereunder operate as a waiver of any breach or default by the other party.

15. Notices

15.1. Notices to SBS: Any notice, request, instruction or other document to be given to SBS under this Agreement shall be delivered or sent by first class post or by facsimile transmission (such facsimile transmission notice to be confirmed by letter posted within 12 hours) to the address or to the facsimile number of SBS set out in this Agreement (or such other address or numbers as may have been notified to the Relying Party in writing) and any such notice or other document shall be deemed to have been served (if delivered) at the time of delivery (if sent by post) upon the expiration of 48 hours after posting or (if sent by facsimile transmission) upon the expiration of 12 hours after dispatch. The address for SBS is Secure Business Services, Inc., Suite 300, PMB#1046, 2711 Centerville Road, Wilmington, DE 19808, to be marked for the attention of: SBS Legal Department.

15.2. Notices to Relying Party: Any notice, request, instruction or other document to be given to the Relying Party under this Agreement shall be posted on SBS’ website, situated at www.securebusinessservices.com.com in the section "Repository" and shall be deemed to have been served at the time of entry of the notice on SBS’ website.

16. Invalidity and Severability

If any provision of this Agreement (not being of a fundamental nature to its operation) shall be found by any court or administrative body of competent jurisdiction to be invalid or unenforceable the invalidity or unenforceability of such provision shall not affect the other provisions of this agreement and all provisions not affected by such invalidity or unenforceability shall remain in full force and effect. The parties hereby agree to attempt to substitute for any invalid or unenforceable provision a valid or enforceable provision which achieves to the greatest extent possible the economic, legal and commercial objectives of the invalid or unenforceable provision.

17. Entire Agreement

17.1. This Agreement and all documents referred to herein contain the entire and exclusive agreement and understanding between the parties on the subject matter contained herein and supersedes all prior agreements, understandings and arrangements relating thereto. No representation, undertaking or promise shall be taken to have been given or implied from anything said or written in negotiations between the parties prior to this Agreement except as may be expressly stated in this Agreement.

17.2. Without prejudice to any liability for fraudulent misrepresentation, no party shall be under any liability or shall have any remedy in respect of misrepresentation or untrue statement unless and to the extent that a claim lies for breach of this Agreement.

18. Assignment

Neither party may assign or transfer or purport to assign or transfer a right or obligation under this Agreement without first obtaining the other party's written consent.

19. Variation

19.1. Any variations to this Agreement required by law shall take effect immediately. SBS shall provide written notice of such a variation to the Relying Party.

19.2. Subject to Clause 19.1, SBS may vary any term of this Agreement at any time on the provision of 20 Business Days written notice to the Relying Party of the variation.

20. Governing Law and Jurisdiction

This Agreement and any disputes regarding its interpretation and enforcement shall be governed by the laws of the United States of America and the State of Washington, as if this Agreement was a contract wholly entered into and wholly performed within the State of Washington. Any action to enforce this Agreement or any matter relating to use of the Digital Certificate services shall be brought exclusively in the United States District Court for the Western District of Washington, or if there is no jurisdiction in such court, then in a state court in King County, Washington.