Additional Product-Specific Terms for Apple Access Technology within HID Origo™ Platform and Related Services

(Version August 2022)

 

These terms are in addition to the Terms of Service applicable to Your use of HID Origo™ Platform and Related Services (“Terms of Service”). These additional terms apply if You use the Service with Apple Pay Technology and/or Apple Access Technology (e.g., enable users to add access credentials to Apple Wallet) (collectively referred to herein as “Apple Access Technology”). All capitalized terms not defined herein will have the meaning ascribed in the Terms of Service. In the event of a conflict between this additional and the Terms of Service, these additional terms govern.

IN THE EVENT OF A CONFLICT BETWEEN THESE TERMS AND/OR THE TERMS OF SERVICE AND THE PPTC (AS HEREIN DEFINED), THE PPTC SHALL GOVERN WITH RESPECT TO YOUR USE OF THE APPLY TECHNOLOGY.

1.Additional Definitions

Apple Pay Technology” means the Apple Access Technology that enables end users to make payments and access other related services, including accessing a physical space, or authenticating virtually to use (physically, virtually, or otherwise) services, using Apple-designated Apple products.

Apple Access Technology” means the Apple Access Technology that enables users to gain access to a physical space or controlled service, or authenticate virtually to use (physically, virtually, or otherwise) End Customer’s services, using Apple Products designated by Apple or Apple’s Affiliates.

Account” means any account under which an end user may initiate a Transaction.

“Applicable Law” means all applicable laws (including common law), codes, statutes, rules, regulations, published standards, permits, judgments, writs, injunctions or rulings.

Credential” means any digital or virtual card eligible to be provisioned by HID or a Channel Partner for the purposes of initiating a Transaction using the Apple Access Technology.

“De-Identified Data” means data that does not contain any information relating to an identified or identifiable natural person.

Enabled Device” means any Apple Product that has been enabled to store and/or present Provisioned Credentials to conduct a Transaction using the Apple Access Technology.                                                                            

Governmental Authority” means any domestic or foreign, federal, state, provincial, municipal or local government, any political subdivision thereof and any entity exercising executive, legislative, judicial, regulatory, or administrative functions of or pertaining to government, regardless of form, including any agency, bureau, court, tribunal, or other instrumentality.

Personal Data” means any information relating to an identified or identifiable natural person.

PPTC” means any Participating Provider Agreement or Participating Provider Terms and Conditions by and between You and Apple or an Apple affiliated entity. You must execute any PPTC that may be required by Apple to use the Apple Access Technology.

Program Manager” means HID in a role that supports and integrates Credentials with the Apple Access Technology and services including Transactions as well as associated reporting and management.

Provisioned Credential” means a Credential that has been provisioned to an Enabled Device so that the Enabled Device may be used in the Program to make Transactions.

Provisioning Data” means any data supplied by Apple or HID to you or any of your end users for the purpose of facilitating your provisioning path decision process.

Transaction” means the use of a Provisioned Credential through an Enabled Device to gain access to a physical space, authenticate to utilize a service, or conduct a financial transaction funded by a stored value balance.

2. You acknowledge that you may have access to certain confidential and proprietary information in connection with your use of the Apple Access Technology (the “Confidential Information”). Such Confidential Information includes but is not limited to: (a) Provisioning Data; (b) information related specifically to an Account, Credential and/or end user that is obtained, generated or created by or on behalf of the Program Manager in connection with Account establishment, processing and maintenance activities, customer service, and transaction data (transaction date, merchant name, amount, industry category, and industry code); and (c) the Credential. You will take all reasonable precautions necessary to safeguard the confidentiality of the Confidential Information, including those taken to protect your own Confidential Information of a similar nature. You agree to use such Confidential Information only in connection with your use and provision of the Apple Access Technology and will not share such information with any third parties. Because of the unique nature of the Confidential Information, you agree that HID may suffer irreparable harm in the event you fail to comply with these confidentiality obligations, and that monetary damages may be inadequate to compensate HID for such breach. Accordingly, you agree that HID will, in addition to any other remedies available to you at law or in equity, be entitled to seek injunctive relief to enforce such confidentiality obligations.

3. HID, or its suppliers, own the Credential, and retain all rights in the Credential. You acknowledge that you possess no right, title or interest in the Credential other than the rights expressly granted in by these terms and/or the Participating Provider Agreement between you and Apple.

4.  HID or Apple may:

  1. suspend or delete a Provisioned Credential or reactivate a suspended Provisioned Credential on an Enabled Device at the end user’s request and in line with Participating Provider policies (e.g., upon loss of the Enabled Device or service at an Apple Store); 
  2. suspend or delete a Provisioned Credential on an Enabled Device without the request of the end user in the event (i) the end user reports loss of the Enabled Device to Apple in person or by telephone, subject to verification of such end user’s identification to Apple’s reasonable satisfaction, (ii) the end user returns an Enabled Device or submits an Enabled Device for a product exchange or upgrade (or similar service) in accordance with Apple’s applicable return, exchange or upgrade policies, or (iii) as otherwise required pursuant to the agreement between HID and Apple;
  3. suspend provisioning for additional Credentials, processing for Provisioned Credentials, or any other services you may perform in connection with the Apple Access Technology, if an underlying issue has occurred; and
  4. suspend your use of the Apple Access Technology due to any breach by you or any of end users of the terms set forth herein.

HID shall have no obligation to refund or credit for or any liability with respect to any suspension pursuant to this Section.

5.  In the event that you are notified by a Governmental Authority, or otherwise reasonably believe, upon advice of counsel, that you are not complying with Applicable Law due to the processes by any party in the provisioning of Credentials and use of Provisioned Credentials using the Apple Access Technology, you and HID shall, unless prohibited by law, promptly meet and work in good faith to determine together whether any such failure to comply with Applicable Law has occurred or is occurring.  Upon such determination, you and HID shall work together in good faith to use commercially reasonable measures to modify such processes to ensure compliance with Applicable Law. Where a Governmental Authority is involved or upon the reasonable request of HID, communications related to such good faith efforts and measures will be subject to a common interest agreement between the parties on reasonable terms and conditions. HID reserves the right to make changes to any products, services, or processes that HID deems necessary to comply with Applicable Law. In the event of any audit or investigation by a Governmental Authority, you shall, unless prohibited by law, provide HID’s legal counsel with assistance reasonably required to address any issues of non-compliance that may be raised by such audit or investigation.

6.  Notwithstanding anything to the contrary, in the event that you receive a written supervisory communication, written guidance or written direction from a Governmental Authority (“Regulatory Guidance”) that requires a modification to or suspension of the provision or use of any Apple Access Technology in less than thirty (30) days, then you shall: (i) promptly memorialize such Regulatory Guidance in writing and, with the consent of the Governmental Authority issuing the Regulatory Guidance, if such consent is required by Applicable Law or practically required, deliver such writing to the other party, and (ii) deliver an officer’s certificate that you believe in good faith that such expedited action is required, based on advice received from legal counsel, and (iii) use commercially reasonable efforts to clarify with the applicable Governmental Authority that the expedited action is required. HID shall have the right to modify or suspend use of the Apple Access Technology in accordance with the time period required by the Regulatory Guidance, and you shall cooperate with HID to take actions reasonably required to effect the modification or suspension (where a Governmental Authority is involved, subject to the parties agreeing on disclosure to each other pursuant to a common interest agreement between the parties on reasonable terms and conditions).

7.  Subject to Applicable Law, you shall promptly notify HID in the event you learn or have reason to believe that any person has breached security measures relating to the Apple Access Technology, an Enabled Device or other technology provided by HID, or gained unauthorized access to any Confidential Information, respectively (an “Information Security Breach”). In the event that you are responsible for the Information Security Breach, upon discovering such Information Security Breach, you will, at your cost, (i) appropriately investigate, remediate, and mitigate the effects of the Information Security Breach and (ii) provide HID with assurances reasonably satisfactory to HID that appropriate measures have been taken to prevent such Information Security Breach from recurring.  Additionally, if and to the extent any Information Security Breach or other unauthorized access, acquisition or disclosure of Personal Data or Confidential Information occurs and if HID, upon advice of legal counsel, reasonably determines that notices or other remedial measures (including notice, credit monitoring services, fraud insurance and the establishment of a call center to respond to customer inquiries) are warranted, you will, at your cost and expense, upon HID’s request, undertake such notices and remedial actions. Except as required by Applicable Law, you shall not make any public announcement in respect of an Information Security Breach unless and until you shall have consulted with and have obtained the approval of HID.

8.  You shall cooperate with HID and provide assistance in fraud detection, reporting, and prevention efforts. Subject to the confidentiality obligations hereunder and subject to Applicable Law, you agree to keep HID informed of the progress of any fraud investigation to the extent it affects Confidential Information, Personal Data, the improper use of Provisioned Credentials, the improper provisioning of Credentials or any other rights, customers, or information of the other party.

9.  You agree to provide HID, with consent to share with Apple, De-Identified Data in compliance with Applicable Law, the Participating Provider Agreement, or these terms, whichever is more restrictive.

10. Upon request, you shall provide to HID information and reports that contain the necessary data and statistics related to use and provision the Apple Access Technology as may be required by HID or Apple from time to time (the “Reports”). You grant HID the right and license to use any information contained in the Reports, sublicensable to Apple for purposes of (i) performing obligations and exercising its rights and (ii) improving the Apple Access Technology. 

11. Except as otherwise set forth herein, you shall use the Provisioning Data only for the following purposes:  (a) testing of the provisioning approval and implementation process for use of the Apple Access Technology prior to and after the first date that Apple Access Technology is available for use with Provisioned Credentials to conduct Transactions, and for implementation of the provisioning approval process in production; (b) fine-tuning and bug fixes in system rules and provisioning related processes specific to the Apple Access Technology; (c) improving communication protocol and process between systems relating to the Apple Access Technology; or (d) other legitimate purposes for the enhancement of the Apple Access Technology.

12. To the extent you are permitted access to the Provisioning Data and except for data elements specifically identified by HID, you agree to permanently destroy and render unrecoverable any such Provisioning Data.

13. You are not permitted to charge end users any additional fees related directly to the Provisioned Credentials, Transactions, or the Apple Access Technology.

14. You agree to participate in any testing, certification, or implementation deemed necessary by Apple or HID related to any Transaction, Enabled Device, or Credential.

15. You agree that HID may issue one or more jointly approved press releases announcing the provisioning of Credentials on Enabled Devices at your property or facilities.

16. For provisioning Credentials, Apple (in its sole discretion) may require that You agree to procure that all users:

  1. set up any or all of a pass-code, PIN, biometric identification, or other comparable authentication mechanism enabled by Apple to control access to the Apple Access Technology on an Enabled Device;
  2. authenticate themselves at the time of provisioning as themselves via two-factor authentication, or another similar approach approved by Apple; and
  3. provide to Apple, or permit Apple to access (e.g., through a reader mode tap), or by enrolling through Your mobile application, the full Credential and Account information, that Apple may reasonably require.

17. HID may share with Apple and Apple, solely in its own independent capacity, may use End Customer Data (including personal data) and Credential Manager Provisioning Data for the purpose of performing its obligations and exercising its rights set forth in the PPTC. In the event of a conflict between the Data Processing Terms and/or the Data Processing Specifications (incorporated therein) and the PPTC, the PPTC shall govern with respect to the sharing and processing of such data. “End Customer Data” means information related specifically to any account, credential or user that is obtained, generated, or created by or on behalf of End Customer in connection with account establishment, processing, and maintenance activities, End Customer service, and transaction data (including personal data), as associated with Apple Access Technology and “Credential Manager Provisioning Data” means data supplied by HID or an HID partner to Apple for the purpose of facilitating End Customer’s provisions path decision process. HID hereby disclaims all liability with respect to the data shared with ApplE. the disclosure and use of such data shall be governed EXCLUSIVELY by the PPTC.