TERMS OF USE OF THE “IDENTT” APPLICATION

§1. General Provisions

1. These Terms of Use (hereinafter: the “Terms”) set out the rules for the use and operation of the “IDENTT” mobile application (hereinafter: the “Application”) available in the Google Play and App Store, including in particular: the rules and scope of using the Application, the rights and obligations of Users, and liability rules.
2. The Application is intended for natural persons who are consumers within the meaning of Article 22¹ of the Polish Civil Code.
3. The Application enables local OCR reading of data from an identity document and reading data from an identity document to support the identity verification process at IDENTT Partners.
4. The Application is downloaded via the Google Play or App Store.
5. Using the Application does not require permanent account registration. The agreement for the use of the Application is concluded once for the actual period of use and terminates automatically upon completion of the data reading, after which such data are promptly deleted from the device.
6. The service is provided by IDENTT sp. z o.o. with its registered office in Wrocław (hereinafter: “IDENTT”), ul. Traugutta 45, 50-416 Wrocław, entered into the Register of Entrepreneurs maintained by the District Court for Wrocław-Fabryczna in Wrocław, 6th Commercial Division of the National Court Register under number 0000586371, NIP (Tax ID) 8982215099, REGON 363017634, email address: contact@identt.pl.
7. The above data constitute the contact point for direct electronic communication with the authorities of the Member States, the European Commission and the European Board for Digital Services pursuant to Regulation (EU) 2022/2065 of the European Parliament and of the Council of 19 October 2022 on a Single Market for Digital Services and amending Directive 2000/31/EC (Digital Services Act).
8. These Terms of electronic service provision are made available to the User free of charge via the Application in a form enabling its acquisition, reproduction and recording. Every User is obliged to read the Terms before concluding an agreement with IDENTT for the use of the Application.
9. The Terms apply only for the period of actual use of the Application by the User. After the end of the use of the Application: the User’s data are automatically deleted from the Application and the device, the provision of the service is deemed completed, and the Terms cease to apply to that instance of use of the Application.
10. In connection with IDENTT’s processing in the Application of the User’s personal data provided in order to perform the Service, the User undertakes to read the Privacy Policy available in the Application.

§2. Definitions

For the purposes of these Terms, the following definitions apply:

1. Service Provider – IDENTT sp. z o.o. with its registered office in Wrocław, ul. Traugutta 45, 50-416 Wrocław, entered into the Register of Entrepreneurs maintained by the District Court for Wrocław-Fabryczna in Wrocław, 6th Commercial Division of the National Court Register under number 0000586371, NIP 8982215099, REGON 363017634.
2. User – a natural person whose electronic layer data from an identity document are to be read within the Application.
3. Application – the “IDENTT” mobile application made available in the Google Play and App Store, which enables local OCR reading of data from an identity document and reading data from an identity document to support the identity verification process.
4. Service – a service provided electronically by the Service Provider via the Application, consisting in enabling the User to locally read data from the electronic layer of an identity document or to read data from an identity document to support the identity verification process.
5. IDENTT Partner – an entity with which IDENTT has concluded cooperation agreements for supporting the identity verification process using tools offered by IDENTT and which is the recipient of the verification result.

§3. Provision of Services by Electronic Means

1. The Service Provider provides the following services by electronic means:
   a) enabling local OCR reading of data from an identity document;
   b) enabling reading of data from an identity document to support the identity verification process;
   c) providing a preview of the data read from the identity document.
2. Services are provided 24 hours a day, 7 days a week, subject to periods of unavailability related to maintenance, technical repairs, expansion or system updates, about which the Service Provider will inform with appropriate advance notice (unless interruptions are caused by failures that could not have been foreseen).
3. The Service Provider reserves the right to temporarily suspend access to the Application in order to carry out necessary maintenance or updates. The Service
4. Provider will inform the User in advance about planned technical breaks via a message in the Application.
5. Minimum technical requirements for using the Application:
   a) a mobile device with Android version 27 and/or iOS version 15.3;
   b) a device equipped with an NFC module;
   c) Internet connection;
   d) activation of required system permissions, e.g., access to the camera.
6. The Service Provider does not guarantee that all functionalities of the Application will be available on all devices.
7. The Application and all its functionalities are made available to Users as they currently are (“as is”), without any warranty, express or implied, as to their quality, fitness for a particular purpose, error-free operation or conformity with the User’s expectations.
8. The Service Provider informs that the use of services provided electronically may entail specific risks related to the potential loss of availability, confidentiality or integrity of data. To minimize such risk, the Service Provider recommends that Users apply organizational and technical measures adequate to the identified risks, in particular anti-virus programs or tools protecting identification on the Internet.

§4. Use of the Application

Using the Application is possible in two variants, namely as a tool for:

1. an identity verification process initiated by an IDENTT Partner, from whom the User received a redirection to the Application.
   The User has been redirected to the Application from a dedicated link received from an IDENTT Partner during the identity verification process.
   In the Application, the User can read data from the electronic layer of an ID card or a passport compliant with ICAO 9309.
   The data read in the Application are then processed by IDENTT outside the Application at the request of the Partner, where IDENTT supports the identity verification process and prepares the verification result, which is then provided to the IDENTT Partner who directed the User to the Application and who takes the final decision on the positive or negative outcome of the User’s identity verification.
   In this variant, the User’s data are processed by two independent personal data controllers:
   IDENTT – to the extent of providing the Application’s functionality and reading and processing data from the identity document directly in the Application;
   IDENTT Partner – to the extent of commissioning IDENTT to support the identity verification process and receiving the verification result, its analysis and use in its own process (e.g., contract conclusion, identity verification, fraud prevention, etc.).

• data preview on the device, i.e., the User uses the Application independently, without involvement of an IDENTT Partner who would have provided a redirection link to the Application.
  The User downloaded the Application independently from an app store (Google Play or App Store).
  The User independently read data from the electronic layer of an identity document (e.g., ID card or passport) and then previewed them in the Application.
  These data are not transmitted anywhere; only local preview is possible. The data remain solely on the User’s device and are not sent to either IDENTT or a Partner, and after the preview ends, the data are automatically deleted from the Application.

§5. User’s Rights and Obligations

1. The User is obliged to:
   a) comply with the provisions of the Terms and generally applicable laws;
   b) provide true, up-to-date and complete data when reading data from the identity document;
   c) refrain from using the Application contrary to its intended purpose or with the aim of circumventing the law.
2. The User is prohibited from:
   a) supplying unlawful content;
   b) using forged identity documents;
   c) attempting to impersonate other persons;
   d) using someone else’s identity documents;
   e) attempting to circumvent system safeguards, including social engineering or phishing attacks;
   f) attempting to deceive the Application;
   g) taking actions that could disrupt the functioning of the Application;
   h) attempting unauthorized access to the Application or other Users’ data;
   i) using the Application for purposes contrary to law, good morals or infringing third-party rights;
   j) copying, modifying, distributing, transmitting or otherwise using any elements of the Application without the express consent of the Service Provider;
   k )taking actions that could compromise data security in the Application.

§6. Rights and Obligations of the Service Provider

1. The Service Provider is obliged to ensure appropriate technical and organizational measures to protect data processed in the Application and to process personal data in accordance with applicable laws and the Privacy Policy.
2. The Service Provider reserves the right to monitor Users’ activity in the Application to ensure security, detect abuses and ensure that the Application is used in compliance with the Terms.
3. The Service Provider has the right to discontinue the provision of Services in the event of finding a breach by the User of the provisions of the Terms or of the law.

§7. Intellectual Property

1. The portal and all its elements, including in particular the name, logo, graphic layout, software, databases, content and other components, are subject to intellectual property rights of the Service Provider or third parties from whom the Service Provider has acquired such rights.
2. None of the provisions of the Terms may be construed as granting the User any intellectual property rights to all or part of the portal.
3. Upon conclusion of the service agreement, the Service Provider grants the User a non-exclusive, non-transferable licence, territorially unlimited to the whole world, to use the Application solely for the purpose and to the extent necessary to use the Services provided by the Service Provider in accordance with the Terms.
4. The licence referred to in the preceding sentence applies for the duration of the agreement and does not include the right to:
   modify, adapt, translate, decompile, disassemble or otherwise attempt to obtain the portal’s source code;
   create derivative works based on the portal;
   sell, license, lease, rent, transfer, make available or otherwise disseminate the portal.
5. The User may not remove, obscure or alter copyright, trademark or other intellectual property notices placed in the Application.
6. Use of the elements of the Application beyond the scope of permitted use defined in the Terms requires the Service Provider’s prior written consent.
7. In the event of the User’s breach of this section, the Service Provider may terminate the Agreement with immediate effect and seek damages under general principles.

§8. Liability

1. The Service Provider is liable for non-performance or improper performance of services provided via the Application under generally applicable laws, subject to the limitations set out below.
2. The Service Provider is not liable for:
   a) damage resulting from the User providing untrue, incomplete, outdated or false data;
   b) damage resulting from improper use of the Application by the User;
   c) loss of data caused by equipment or system failure or other circumstances beyond the Service Provider’s control;
   d) damage resulting from interruptions in availability of the Application caused by force majeure, acts of third parties or technical reasons beyond the Service Provider’s control;
   e) damage resulting from failure to meet the minimum technical requirements by the User, in particular due to lack of Internet access;
   f) damage resulting from the manner in which the User uses information obtained via the Application.
3. The Service Provider’s liability to the Client, to the extent permitted by law, is limited to the amount of the Client’s actual loss related to the service provided by the Service Provider.
4. The IDENTT Partner is responsible for compliance with security, cyber-security and personal data protection rules in the process of providing the link to the Application.

§9. Personal Data Protection

1. The controller of personal data in connection with the use of the Application is Identt sp. z o.o. with its registered office in Wrocław (50-416), ul. Gen. Romualda Traugutta 45, entered into the Register of Entrepreneurs of the National Court Register by the District Court for Wrocław-Fabryczna in Wrocław, 6th Commercial Division of the National Court Register under KRS number 0000586371, NIP 8982215099, REGON 363017634, with share capital of PLN 100,000.00.
2. IDENTT cooperates with various organizations, such as banks, telecom operators, lending companies, financial institutions, etc., i.e., IDENTT Partners.
   The identity and contact details of the specific IDENTT Partner correspond to the identity of the IDENTT Partner from whom the User received the link redirecting to the Application and will also be found in that Partner’s privacy policy provided to the User before the start of the identity verification support process using the Application.
3. The Application forms part of the support provided by IDENTT for the identity verification process commissioned by the Partner; IDENTT’s role in data processing varies, as follows:
   Data collection stage in the Application: in this respect, IDENTT acts as an independent controller — IDENTT initiates the process, designs the Application, and reads data from the identity document.
4. Comparison stage (outside the Application): in this respect, IDENTT acts as the Partner’s processor and in this case IDENTT processes data solely on the Partner’s instructions, i.e., on the Partner’s instructions and in accordance with its directions set out in the data processing agreement, IDENTT supports the identity verification process and provides the Partner with the verification result.
   Decision stage: the IDENTT Partner receives the verification result and, as an independent controller, takes the final decision, stores the result and acts in accordance with its own privacy policy.
   Detailed information on the processing of personal data by the Service Provider is set out in the Privacy Policy available in the Application.

§10. Complaints

1. The User may submit complaints regarding the Service provided via the Application, i.e., the service consisting in enabling the User to locally read data from the electronic layer of an identity document or to read data from an identity document — to the email address: […].
2. A complaint should include:
   a) data enabling contact with and identification of the User (e.g., email or correspondence address);
   b) a description of the issue forming the basis of the complaint;
   c) an indication of the User’s request.
3. The Service Provider will examine the complaint within 14 days from the date of its receipt. If it is necessary to supplement the complaint, the 14-day period runs from the date of delivery of the supplemented complaint.
4. The Service Provider will inform the User of the outcome of the complaint by email or in writing, depending on the form in which the complaint was submitted.
5. If the complaint does not include data enabling contact with the User, the Service Provider will leave the complaint unexamined.
6. The Service Provider reserves the right to leave a complaint unexamined if it results from a failure to read the provisions of the Terms, the Privacy Policy or the law.

§11. Termination of the Agreement

1. The agreement for the provision of services by electronic means is concluded until the Service has been completed.
2. The User may terminate the use of the Application at any time by closing it or uninstalling it from the device.

§12. Final Provisions

1. The Terms enter into force on the date of their publication in the Application.
2. The Service Provider reserves the right to amend the Terms at any time. The Service Provider will inform about changes to the Terms by publishing a new version of the Terms in the Application.
3. Matters not regulated by the Terms are governed by Polish law, in particular the Civil Code, the Act on the Provision of Electronic Services, the Act on Copyright and Related Rights, and other generally applicable provisions of law.
4. Any disputes arising between the Service Provider and the Client shall be resolved by a court of general jurisdiction.
5. If any provision of the Terms is held invalid or ineffective by any competent court or as a result of future legislative or administrative actions, such holding or actions shall not invalidate or render ineffective the remaining provisions of the Terms. If provisions of the Terms are ultimately found unlawful or ineffective, those provisions shall be deemed excluded from the Terms, while all remaining provisions shall continue to be fully binding and effective, and the provisions found unlawful or ineffective shall be replaced by a provision of similar meaning that reflects the original intent of the given provision to the extent permitted under applicable law.
6. The Terms have been drawn up in Polish and English, which constitute the only binding language versions.