Terms & Conditions

Welcome to our platform. If you continue to browse and use this platform, you are agreeing to comply with and be bound by the following terms and conditions of use, which together with our privacy policy govern Dornet LTD's relationship with you concerning this platform. If you disagree with any part of these terms and conditions, please do not use our platform.

The term ‘Dornet, or ‘us’ or ‘we’ refers to the owner of the platform the term ‘you’ refers to the user or viewer of our platform. The use of this platform is subject to the following terms of use: The content of the pages of this platform is for your general information and use only. It is subject to change without notice.

Neither we nor any third parties provide any warranty or guarantee as to the accuracy, timeliness, performance, completeness, or suitability of the information and materials found or offered on this platform for any particular purpose. You acknowledge that such information and materials may contain inaccuracies or errors and we expressly exclude liability for any such inaccuracies or errors to the fullest extent permitted by law.

Dornet is not a financial service institution, Dornet does not provide financial advice, and Dornet does not hold financial instruments and security. All the funds generated are directly invested in projects relating to the services Dornet provide at such.

Dornet is not a trading platform and should not be treated as such, Dornet does not provide financial returns on the user's occupied positions.
All the transactions made or related to Dornet products, or services must be done through the platform at such Dornet cannot and will not entertain transactions between member outside of this platform.
Dornet does not and will not change the registered name on the platform without proper name change documentation provided i.e., Government approved documentation through company house approval process and informing the members of the name change.
All value appreciation of the selling user’s position shall be retained by Dornet and reinvested into current or future projects.
All retained positioned value appreciation shall be reinvested into current and future projects.
All available positions shall be made open to all members of the platform and all offers submitted by platform members shall be reviewed by Dornet for proper approval process.
All accepted offers shall be made public and the current owner’s position shall be closed on completion of the transaction.
Payments shall only be returned to the registered account on the platform .
All returning funds may incur administrative related costs which shall be deducted by the managing agent before fund is returned to the registered members account as. This cost is covered by the member.
All users must pass the mandatory KYC process.
Any position transfer transaction conducted outside the platform, will not be validated by Dornet, and may lead to the termination of your agreement and access to the program.
Your use of any information or materials on this platform is entirely at your own risk, for which we shall not be liable. It shall be your responsibility to ensure that any products, services, or information available through our platform meet your specific need or requirements.
This platform contains material that is owned by or licensed to us. These materials include, but is not limited to, the design, layout, look, technology infrastructure, appearance, verbiage and graphics.
Reproduction of our website or mobile application is prohibited other than following the copyright notice, which forms part of these terms and conditions.
All trademarks reproduced in this platform, which is not the property of, or licensed to, Dornet is acknowledged on the platform. Unauthorised use of this platform may give rise to a claim for damages and/or be a criminal offense.
From time to time this platform may also include links to other platforms. These links are provided for your convenience to provide further information. They do not signify that we endorse the platform(s). We have no responsibility for the content of the linked platform(s).

DORNET does its utmost to ensure the privacy, confidentiality and security of its members are preserved both throughout their interaction with the company and afterwards, to the fullest extent achievable by the company.

When clients register with DORNET they acknowledge their willingness to share with the company certain private information which we use for the purpose of confirming the client’s identity and ensuring the security of their subscription and account. This information is collected in line with our stringent verification procedures which are used to deter international money laundering operations and to ensure the security and safety of our customer’s activity throughout.
Our clients undertake to supply us with true, updated, and accurate information about their identity. Furthermore, they are required to state categorically that they are registering on their own behalf and are not seeking at any time to act any manner which could be considered fraudulent nor are they seeking to impersonate any other individuals for any purposes whatsoever.
DORNET data collection procedures include the collection of client’s freely disclosed information as shared with the company, in addition to the placement of cookies for the purposes of gathering data about the way members interact with DORNET platform. The tools for gathering client’s information are employed for the purpose of ensuring the customer’s own security and all data collected by the company is shared only with individuals within the company who are involved with the verification of member account information and our third-party partner for the express purpose of regulatory compliance and ensuring the customer’s confidentiality and security.
DORNET will never disclose any private or otherwise confidential information in regard to our members and former members to third parties without the express, consent of our clients, except in such specific cases in which disclosure is a requirement under law or is otherwise necessary in order to perform verification analysis on the client’s identity for the purposes of safeguarding their account and securing their personal information.
By registering with DORNET and through the voluntary interaction they undertake with DORNET products and services the clients confirm and agree that they consent to the use of all or part of the information they provide concerning their DORNET account, the transactions they undertake through it and the interactions which they perform with the company. All interactions the member undertakes with the company will be stored by the company for the purposes of record and as such may be employed by the company in such cases that disputes arise between members and the company.
DORNET does its utmost to ensure the confidentiality of its clients’ personal information including the implementation of data protection procedures designed to ensure client confidentiality. DORNET ensures that its data protection policy is regularly updated to ensure that client’s confidential information is continually safeguarded.
From time-to-time DORNET may contact members whether by phone or email for the purpose of offering them further information about DORNET. In addition, the company may, on occasion, seek to contact members, whether by phone or by email, for the purpose of informing them of serious security issues, however Dornet will/ shall never request for our members personal identifiable details or financial details on the phone or through an email communication. Client's consent to the receipt of such contact when they consent to our terms and conditions of use when registering with DORNET.
Any person wishing to opt out of further contact with DORNET at any time whatsoever is entitled to do so, simply by contacting the company whether by phone or email and requesting that no further contact on behalf of the company should be made.

Accessibility statement

Accessibility statement for Dornet Ltd

This accessibility statement applies to https://www.dornet.org

This website is run by [Dornet Ltd]. We want as many people as possible to be able to use this website and mobile app. For example, that means you should be able to:

Change colours, contrast levels and fonts
Zoom in up to 300% without the text spilling off the screen.
Navigate most of the website using just a keyboard.
Navigate most of the website using speech recognition software.
Listen to most of the website using a screen reader.

InTechnology has advice on making your device easier to use if you have a disability.

How accessible this website is

You can select the Accessibility option to change the font size to large or extra-large without the text spilling off the screen.
You can also select a Text only option without images or the Graphical viewing option.
The website is more accessible in Mobile view.
We know some parts of this website are not fully accessible:
Some of our online forms are difficult to navigate using just a keyboard
You cannot skip to the main content when using a screen reader
On some parts of the website users are not alerted to fresh content appearing
Some error messages appear underneath input fields.
On some forms screen readers is not notified of new content.
On some pages a screen reader user is autofocused on the first form element on the page, forcing the user to interact with the form without any context.
Not all elements on the website that can receive focus have visible focus styling.

Feedback and contact information

If you need information on this website in a different format like accessible PDF, large print, easy read, audio recording or braille:

Email: [email protected]

We’ll consider your request and get back to you in [5] days.

Reporting accessibility problems with this website

We’re always looking to improve the accessibility of this website. If you find any problems not listed on this page or think we’re not meeting accessibility requirements, contact: [email protected]

Refund Policy

In certain exceptional circumstances, the user may order the sales of their position on the platform. In this case, the position will be made available to the registered members on the platform, when offers are made and accepted for the purchase of the position, such funds will be refunded to the card or account that was registered on the account and has been used for payment or subscription toward to the services and product and such account or card must have been registered and validated for more than 120 days. The members Dornet account and position will be closed at the completion of the fund repayment to the member; the user has the right to close his/her account at any time he/she wishes to.

The Company will approve the account closure if:

There is no active query open on the validity account payment.
There are no investigations underway associated with any of the terms of the current terms of services.
If there are no charges applied to the account, the company must close the account by the customer’s demand on completion of the transfer.
If the account of the member has been suspended due to the violation of the current online service or due to any other abuse detected by the user, the refund will not be provided under any circumstances.
The company does not have to provide any type of the refund in case the loss of fund was caused due to any act performed by client either foreseen or unforeseen.
Processing of fund requests can take up to 120 days or at earliest up to 28 business days provided that the member account or card is fully verified, the member has submitted a withdrawal request (via the company approved channels), the funds are still available in the customer`s balance and the member doesn’t have any active repayment request that prevents the account from accepting the funds.
All other requests will be treated as member repayment options and will be processed using those methods and procedures.
All repayment requests shall be processed as long as the member does not fail withing the scope of Financial monitory restriction groups, i.e., politically exposed person (PEP, sanctioned person, declared wanted person by the National Crime Agency (NCA).
All members funds are held by an authorised third-party organisation which is protected by the Financial Conduct Authority (FCA) and authorised to operate in the United Kingdom, European Union and other regulatory bodies within out regions of operation
Dornet deploys the services of an independent account manager to manage our members individual account wallets and the functions of the account managers are as follows:
- Monitors the activities within individual's account
- Process members repayment request
- Validate members identity
- Ensure the availability of members funds at all time
- Ensure members fund is not used for any of Dornets financial business activities
- Ensures adequate redress protection is always at place to the benefit of the member
- Facilitates members fund settle with Dornet for property allocation processes
Dornet operations are subject to the followings client money protection act and registered with an approved (CMP), Property Redress Schemes (Ombudsman scheme), HMRC, NCA and may be subject to Housing Ombudsman Services (HOS)

If you have any questions about this policy do not hesitate to contact us by E-mail: [email protected]

This policy has been drafted in the English language. In the event of any discrepancy between the meanings of any translated versions of this policy and the English language version, the meaning of the English language version shall prevail.

In compliance with anti-money laundering regulations,

Dornet is allowed to transfer funds only to an account bearing your name.
Dornet approved account managers are only allowed to approve repayment to account that has been validated by our systems and active on our systems for more than 120 days

Our approved account managers may require additional information or documentation prior to releasing funds to your account.

Docs need to be sent to the email that will be communicated to you by the account managers.
Scanned using Dornet application
A certified copy by the following must be sent to us:
- Post office
- Registered solicitor
- Commisional of state
- Judge

AML Policy

DORNET does not tolerate money laundering activities and supports the fight against money launderers. DORNET follows the guidelines set by the UK’s Joint Money Laundering Steering Group. The UK is a full member of the Financial Action Task Force (FATF), the intergovernmental body whose purpose is to combat money laundering and terrorist financing.

DORNET now has policies in place to deter people from laundering money. These policies include:

Ensuring members have valid proof of identification.
Maintaining records of identification information.
Determining that members are not known or suspected terrorists by checking their names against lists of known or suspected terrorists.
Informing members that the information they provide may be used to verify their identity closely following clients’ money transactions.
Not accepting cash, money orders, third party transactions, exchange houses transfers, Money Grams money transfers or Western Union money transfers.

Money Laundering usually follows three stages:

Firstly, cash or cash equivalents are placed into the financial system
Secondly, money is transferred or moved to other accounts (e.g., Futures accounts) through a series of financial transactions designed to obscure the origin of the money (e.g., Executing trades with little or no financial risk or transferring account balances to other accounts).
And finally, the funds are re-introduced into the economy so that the funds appear to have come from legitimate sources (e.g., Closing a platform account and transferring the funds to a bank account).

Property related accounts are one vehicle that can be used to launder illicit funds or to hide the true owner of the funds. A member account can be used to execute financial transactions that help obscure the origins of the funds.

DORNET and our account managers directs funds withdrawals back to the original source of remittance, as a preventative measure. International Anti-Money Laundering requires financial services institutions to be aware of potential money laundering abuses that could occur in a member account and implement a compliance program to deter, detect and report potential suspicious activity.

These guidelines have been implemented to protect DORNET, our partners and our members.

For questions/comments regarding these guidelines, please contact us [email protected]

KYC Policy

Know your member policies have become increasingly important worldwide lately, especially among banks, financial institutions and other regulatory business functions, to prevent identity theft, money laundering, financial fraud and terrorist activity.

DORNET holds a zero-tolerance fraud policy and is taking all measures possible to prevent it. Any fraudulent activity will be documented and all related accounts to it will be immediately closed. All funds in these accounts will be forfeited and all related account will be reported to the regulatory authorities and monitoring bodies

Prevention:

DORNET aims to ensure the integrity of any sensitive data it obtains, such as your account or card information and the transactions you make, using a variety of security measures and fraud controls. Securing your electronic transactions requires us to be provided with certain data from you, including your preferred payment method.

When you subscribe to our platform, a verification and validation process will be triggered, this process will be performed by an independent third-party organisation which shall verify and validate your identity.

The following will be applied to your account

The verification cost set by the independent verifying organisation in your respected country of region which must be paid to the organisation
Scanning your original document using our approved independent third-party application
Your biometric identity to validate your physical recognition as against the provided documentations
You may require a suitable mobile device to perform this verification
Further documentation may be requested by the validator

When you subscribe and before you can transfer funds, we will require the following documents:

We may request for further documentation from you.
We may request for further documentation from you.

If you have any questions, please don’t hesitate to contact our member support: [email protected]

When do I need to provide these documents?

We highly appreciate you taking the time to provide us with all the necessary documents as soon as you can, to avoid any delays in processing your transactions. We require the receipt of all the necessary documents prior to making any online transactions to your benefit.

Some circumstances may require us to request these documents before allowing any other activities in your account, such as viewing properties or approving your registration.

Please note that if we will not receive the required documents on file within the stipulated period of 14 days, your pending actions will be cancelled, and this may lead to your account been closed. We will notify you on such event via our system.

How can I send you these documents?

Please scan your documents, or take a high-quality digital camera picture, save the images as jpegs, then attach it to the document request section on the platform.

As part of your registration process, a document verification email will be sent to your registered email which will require you to complete the process. On completion of the verification process Dornet will then be able to approve your platform registration.

How do I know my documents are safe with you?

DORNET holds the security of documentation at highest priority and treats all documents it receives with utmost respect and confidentiality. All files we obtain are fully protected using the highest level possible of encryption at every step of the review process

We thank you for your cooperation in helping us make DORNET a safer business place.

General Terms of use

The use of this platform is subject to the following terms of use: The content of the pages of this platform is for your general information and use only. It is subject to change without notice.

All the funds generated through this platform or domain are directly invested on projects or program.

Dornet is not a financial service institution
Dornet do not provide financial advice
Dornet do not hold financial instruments and security
Dornet do not hold members money
Dornet do not provide guarantee at any time property development will/shall be provided to our members at a set time or period
Dornet do not assume responsibility at any time for your homelessness
Dornet do not assume responsibility at any time for your loss of fund as the result of your direct or indirect action
Dornet shall not contact our members and request for your personal information
Dornet shall not contact our members and request for your financial information
Dornet do not provide guarantee at any time property development will/shall be provided to our members at a set time or period
If you receive communication from any source except the source provided on our public website or mobile application.

Do not engage such communication channel

Contact our members support team for verification.

Do not provide your information to such contact

Dornet or our approved vendors and partner will/shall not contact our members requesting using action point such as the following
You must act now
You are the lucky one
Urgent action
Financial gain promises
Promise of undue advantage
Discounted offers
Secrecy actions (do not tell anyone)
Threat of legal action
Threat of government action. i.e., HMRC, NCA
Threat of malicious engagement I.e., cyber security team, hackers, members account manager, client money protecting body
Dornet do not provide refund directly; users can regenerate their committed funds when they put current occupying position up for sale and verifiable offers are received
Dornet is not a trading platform and should not be treated as such, Dornet does not provide financial returns on the user's occupied positions
All transactions made with respect to Dornet products or related to Dornet products, or services must be done through Dornet platform and approved Dornet account managers' account
Dornet will not change the official registered name of the Business and trading platform name without proper name change documentation provided by the Government and official communication made to platform members through official registered communication links
All value appreciation realised from selling current members position shall be retained by Dornet and no financial gain can or shall be transferred from one member account to another member's account
All revenue retained from the sales of members position shall be reinvested into the project and program
All available positions shall be made open to all members of the platform in proximity to their location and registered address
All approved members position which is placed for transfer which offers are received, such offers shall be reviewed by Dornet, and only verifiable members offer shall be approve
All accepted offers shall be made public and the current owner’s position shall be closed on completion of the transaction
All payments shall be returned to the payment account in accordance with the anti money laundering regulation in relation to registered account on the platform.
Returned payment may take up to 28 days or 120 days for verified and validated account before it will be remitted
All administrative costs shall be covered by the member
All users must pass the mandatory KYC requirement
Any transaction conducted which is related to Dornet products or Dornet services outside of Dornet approved platform, or not through the approved account manager will not be validated by Dornet and may lead to the termination of clients’ agreement and access to the program
Your use of any information or materials on this platform is entirely at your own risk, for which we shall not be liable
It shall be your responsibility to ensure that any products, services, or information available through this platform meet your specific requirements
This platform contains material that is owned by or licensed to us by third-party organisations. This material includes, but is not limited to, the design, layout, look, appearance, IT infrastructure, verbiage and graphics of which reproduction is prohibited other than following the copyright notice, which forms part of these terms and conditions.
All trademarks reproduced in this platform, which is not the property of, or licensed to, the us is acknowledged on the platform.
Unauthorised use of this platform may give rise to a claim for damages and/or be a criminal offense.
From time to time this platform may also include links to other platforms. These links are provided for your convenience to provide further information. They do not signify that we endorse the platform(s) for activities or transactions that are not clearly stipulated on this platform and are not related to Dornet processes, products or services. We have no responsibility for the content of the linked platform(s).

Your use of this platform and any dispute arising out of such use of the platform is subject to the laws of England, Northern Ireland, Scotland, and Wales.

Schedule 1

Third Party Additional Terms

The following additional terms will apply dependent on the Dornet product or services that the vendor is accessing or purchasing:

Facial Recognition and/or document verification:

The vendor must not use the Service for the purposes of verifying the identity of data subjects where the vendor does not have the relevant permission or consent from the data subject in accordance with the Data Protection Legislation.
The vendor shall be responsible for the creation, maintenance and design of all data provided by the vendor to Dornet.
The vendor acknowledges and accepts that occasionally Dornet (or is Data provider), may be required to:

Change the Specification for operational reasons, however, Dornet will ensure that any change to the Specification does not materially reduce or detrimentally impact the performance of Dornet Product.
Give the vendor instructions which it reasonably believes are necessary to enhance or maintain the quality of Dornet product which are provided by Dornet and Dornet shall not be responsible for any errors resulting from the customer’s non-compliance with such instructions.

The vendor shall be responsible for:

Ensuring that it has a minimum of one system administrator.
Informing Dornet of any changes to the Customer’s system administrator’s contact details without undue delay.
Providing the telecommunications and network services and correctly configured hardware and other equipment needed to connect to the Software.
The configuration and management of access to the Software including configuration of the Customer’s network, firewall, DNS, routers, personal computers, and user profile.
Obtaining Dornet’ prior written consent to any integration of Dornet Product into a website or call centre application which the vendor may wish to undertake; and
Any work required for any integration approved by Dornet.

The vendor shall ensure that:

any use of the Dornet product for the purpose of testing, development, or any activity that affects the production environments usage, license model or configuration (” Testing Activity”) must be reported to Dornet prior to the Testing Activity taking place; and

any Dornet Product used in test/staging environment must at all times be licensed appropriately and adhere to all relevant usage restrictions as advised by Dornet.

The vendor acknowledges that it is solely responsible for supplying Dornet with written notification of any intention to conduct Testing Activity. If any Testing Activity takes place prior to Dornet being notified, then any such usage shall be charged.
The vendor acknowledges and accepts that Dornet cannot process payment cards as it does not follow the Payment Card Industry Data Security Standard. Consequently, the vendor must not send Dornet images of payment cards.
The vendor must retain back-up copies of all information provided to Dornet.
The vendor shall only access the Dornet Product as permitted by Dornet and shall not attempt at any time to circumvent system security or access the source software or compiled code.
Upon no less than seven (7) days’ prior written notice, Dornet may vary the Third-Party Additional Terms and such varied terms shall become effective upon the expiry of the seven (7) day notice period or such later date as the notice may specify.
The vendor procures the grant of a non-transferable, non-exclusive, royalty free license to use, disclose and copy the information provided to Dornet to enable Dornet to carry out its obligations under these terms and conditions.
The vendor warrants that:

it will not use or exploit the Intellectual Property Rights in the Dornet Product or permit others to use or exploit the Intellectual Property Rights in the Dornet Product outside of the terms of the license granted to the vendor under these terms and conditions.
all computers and/or IT systems which Dornet are required to use, are legally licensed to the vendor or are the Customer’s property and that such activities by Dornet will not infringe the rights of any third party.
the use of the Dornet Product by the vendor through any software, equipment, materials, or services not provided by Dornet will not infringe the rights of any third party.
Dornet’ compliance with any designs or specifications provided by the Customer, or on the Customer’s behalf will not infringe the rights of any third party; and
the use by Dornet of the data provided by the vendor through the provision of the service in accordance with the terms of the Agreement, will not infringe any third party’s Intellectual Property Rights.

The Parties acknowledge that damages alone may not be an adequate remedy for a breach by the other Party. Accordingly, without prejudice to any other rights and remedies it may have, the injured Party shall be entitled to seek specific performance and/or injunctive or other equitable relief.
Due to Dornet’ reliance on its Data providers, and telecommunication services, over which Dornet has no direct control, Dornet cannot warrant:

Suitability for purpose/requirements and/or uninterrupted availability of the Dornet Product; or
That the use of the Dornet Product; will meet the Customer’s business requirements and the vendor accepts that the Dornet Product was not designed or produced to the Customer’s individual requirements and that they are responsible for their selectio

Dornet makes no warranty (i) that the Software is or will be compatible with any rules, requirements or guidelines of the owners or operators of other platforms which may be used by the Customer, (ii) regarding the accuracy or suitability of the templates contained within the Dornet Product; or (iii) that the use of the Software, or the Dornet Product will meet the Customer’s business requirements.

Data Services

The vendor shall not use the Dornet Products for the following purposes: (a) marketing; (b) employment screening; (c) credit assessment purposes.
The Dornet Data is supplied subject to additional terms of its Data Providers, which are available upon request and are hereby incorporated into the Agreement as if written in full herein.
The vendor shall adhere to and implement all of the security and audit requirements set out in Schedule 3.
In performing its obligations under these terms and conditions, the vendor shall comply with the Code.
The vendor acknowledges that Data Providers are subject to economic sanctions laws, including but not limited to those enforced by the U.S. Department of the Treasury’s Office of Foreign Assets Control (“OFAC”), the European Union, and the United Kingdom. Accordingly, the vendor shall comply with all economic sanctions’ laws of the United States, the European Union, the United Kingdom and the GCC as appropriate. The vendor shall not provide access to Dornet Products to any individuals identified on OFAC’s list of Specially Designated Nationals (“SDN List”), the UK’s HM Treasury’s Consolidated List of Sanctions Targets, or the EU’s Consolidated List of Persons, Groups, and Entities Subject to EU Financial Sanctions. vendor shall not take any action, which would place Dornet or its licensors in a position of non-compliance with any such economic sanctions laws.
The vendor acknowledges that Dornet, or its Data Provider, maintains a database, updated on a periodic basis, from which the vendor obtains and sells Dornet Data, and that Dornet does not undertake a separate investigation for each inquiry or request for Dornet Data made by the Customer. The vendor also acknowledges that the prices Dornet charges the vendor for the Dornet Products, are based upon Dornet’ expectation that the risk of any loss or injury that may be incurred by use of the Dornet Products will be borne by the vendor and not Dornet. The vendor therefore agrees that it is responsible for determining that the Dornet Products and the Dornet Data are in accordance with Dornet’ obligations under these terms and conditions. If the vendor reasonably determines that the Dornet Data does not meet Dornet’ obligations under these terms and conditions, vendor shall so notify Dornet in writing within five (5) days after receipt of the Dornet Data in question. The Customer’s failure to notify Dornet within the specified period, shall mean that the vendor accepts the Dornet Data as is, and Dornet will be discharged of any liability for non-performance.
Without limiting the effect of clause 15.6 of the agreement, Dornet does not warrant that the Dornet Data is accurate, complete, reliable, secure, useful, fit for purpose, timely or of a particular quality.
Disclaimer of Warranty: Vendor will use reasonable efforts to deliver the Dornet Products requested by the Customer; provided, however, that the vendor accepts all information contained in the Dornet Data “AS IS.” Because the Dornet Products involve conveying information and data provided to Dornet by other sources, Dornet cannot and will not, be an insurer or guarantor of the accuracy or reliability of the Vendor Product, Dornet Data contained in its database, or in the Dornet Product. DORNET DOES NOT GUARANTEE OR WARRANT THE ACCURACY, TIMELINESS, COMPLETENESS, CURRENTNESS, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE OF THE VENDORS PRODUCT OR VENDOR DATA, INFORMATION IN THE VENDOR PRODUCT OR VENDOR DATA OR THE MEDIA ON OR THROUGH WHICH THE DORNET PRODUCTS ARE PROVIDED AND SHALL NOT BE LIABLE TO CUSTOMER, TO ANY END USERS OR OTHER THIRD PARTIES FOR ANY LOSS OR INJURY ARISING OUT OF OR CAUSED IN WHOLE OR IN PART BY VENDOR ACTS OR OMISSIONS, IN PROCURING, COMPILING, COLLECTING, INTERPRETING, REPORTING, COMMUNICATING OR DELIVERING THE DORNET PRODUCT OR DORNET DATA OR INFORMATION THEREIN UNLESS CAUSED BY DORNET NEGLIGENCE OR WILFUL MISCONDUCT.
The vendor warrants not to sue or maintain any cause of action, claim, demand, cross claim, third party action or other form of litigation or arbitration against Dornet, its Data providers, officers, directors, employees, contractors, agents, affiliated bureaus, or subscribers arising out of or relating in any way to the Dornet Products (or information therein) being blocked by Dornet or not being accurate, timely, complete or current. The vendor agrees that Dornet and its Data Providers are entitled to enforce the data security, use, legal compliance and indemnification provisions of these terms and conditions directly against the Customer.

Schedule 2

Trademarks

Trademark number:

Schedule 3

Vendor Security and Audit Requirements

THESE TERMS SHALL ONLY APPLY TO CUSTOMERS WHO ARE RECEIVING DATA SERVICES

INTRODUCTION

The vendor must appropriately protect data.

The vendor must keep all information confidential and secure and must take appropriate measures to protect against misuse and/or unauthorized access.

The vendor must implement an audit program.

The vendor must develop and implement a defined audit program designed to detect unauthorized use of the Dornet Products, Software or information.

Upon request, the vendor agrees to provide Dornet with any documentation related to above.

1. VENDOR SECURITY REQUIREMENTS

USE RESTRICTIONS

The vendor acknowledges that the Dornet Products and information available therein may include personally identifiable information and vendor required to keep all such information confidential and secure. Accordingly, the vendor shall take appropriate measures to protect against the misuse and/or unauthorized access through or to User ids and passwords. The vendor shall: (a) restrict access to the Dornet Products to those employees who have a need to know as part of their official duties; (b) ensure that none of its employees (i) obtain and/or use any information from the Dornet Products for personal reasons, or (ii) transfer any information received through the Dornet Products to any party except as permitted hereunder; (c) keep all User ids and related passwords, or other security measures used to access the Dornet Products confidential and prohibit the sharing of User ids; (d) immediately deactivate the User ID of any employee who no longer has a need to know, or for terminated employees on or prior to the date of termination; (e) take all commercially reasonable measures to prevent unauthorized access to, or use of, the Dornet Products or Dornet data received there from, whether the same is in electronic form or hard copy, by any person or entity; (f) maintain and enforce data destruction procedures to protect the security and confidentiality of all information obtained through Dornet Products as it is being disposed; (g) unless otherwise required by law, purge all information received through the Dornet Products and stored electronically or on hard copy by the vendor which is not required for the purposes of providing access to the results data obtained to provide to the Customer’s customers within ninety (90) days of initial receipt; (h) be capable of receiving the Dornet Products where the same are provided utilizing “secure socket layer,” or such other means of secure transmission as is deemed reasonable by Dornet; (i) not access and/or use the Dornet Products via mechanical, programmatic, robotic, scripted or other automated search means, other than through batch or machine-to-machine applications approved by Dornet; and (k) take all steps to protect its networks and computer environments, or those used to access the Dornet Products, from compromise. The vendor agrees that on at least a quarterly basis, it will review searches performed by its User ids to ensure that such searches were performed for a legitimate business purpose and in compliance with all terms and conditions herein and shall use commercially reasonable efforts to follow additional policies and procedures for account maintenance as may be communicated to vendor by Dornet from time to time.

Further, the vendor shall ensure that personal data shall be processed in a manner that ensures appropriate security, integrity, and confidentiality of personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.

SECURITY POLICIES AND PROCEDURES AND INCIDENT NOTIFICATION

The vendor will implement policies and procedures to prevent unauthorized use of User ids and the Dornet Products and information related thereto and will immediately notify Dornet if the vendor suspects, has reason to believe or confirms that a User ID or the Dornet Products (or data derived directly or indirectly there from) is or has been lost, stolen, compromised, misused or used, disclosed, accessed or acquired in an unauthorized manner or by any unauthorized person, or for any purpose other than legitimate business reasons. The vendor shall, without undue delay, investigate all such instances. The vendor solely liable for all costs associated therewith and shall further reimburse Dornet for any expenses Dornet or its Data Providers incur due to the Customer’s failure to prevent such impermissible use or access of User ids and/or the Dornet Products, or any actions required as a result thereof.

Furthermore, in the event that the Dornet Products provided to the vendor include personally identifiable information (including, but not limited to, social security numbers, driver’s license numbers or dates of birth), the following shall apply: the vendor acknowledges that, upon unauthorized acquisition or access of or to such personally identifiable information, including but not limited to that which is due to use by an unauthorized person or due to unauthorized use (a “Security Event”), the vendor shall, in compliance with law or as may be requires at Dornet’ discretion, notify the individuals whose information was potentially accessed or acquired that a Security Event has occurred, and also notify any other parties (including but not limited to regulatory entities and credit reporting agencies).

The vendor agrees that such notification shall not reference Dornet or its Data Providers or the Dornet Products through which the data was provided, nor shall Dornet or the Dornet Products be otherwise identified or referenced in connection with the Security Event, without Dornet’ express written consent.

The vendor shall be solely responsible for any other legal or regulatory obligations that may arise under Legislation in connection with a Security Event and shall bear all costs associated with complying with legal and regulatory obligations in connection therewith.

The vendor shall remain solely liable for all costs and claims that arise from a Security Event, including, but not limited to, costs for litigation (including attorneys’ fees), and reimbursement sought by individuals, including but not limited to, costs for credit monitoring or allegations of loss in connection with the Security Event, and to the extent that any claims are brought against Dornet, shall indemnify Dornet from such claims. The vendor shall provide samples of all proposed materials to notify consumers and any third parties, including regulatory entities, to Dornet for review and approval prior to distribution. In the event of a Security Event, Dornet may, in its sole discretion, take immediate action, including suspension or termination of the Customer’s account, without further obligation or liability of any kind. If the vendor contacted by a government or law enforcement agency regarding suspected or actual misuse of Dornet Products, the vendor will immediately notify Dornet unless expressly prohibited from doing so by the government or law enforcement agency.

SECURITY OF DORNET DATA

The vendor certifies that it has not been the subject of any proceeding regarding any trust related matter including, but not limited to, fraud, counterfeiting, identity theft and the like, and that the vendor has not been the subject of any civil, criminal, or regulatory matter that would create an enhanced security risk to Dornet or its data. If any such matter has occurred or occurs during the course of the Customer’s relationship with Dornet, the vendor shall provide to Dornet a signed statement, along with all relevant supporting documentation, providing all details of such matter.

CUSTOMER’S COMPREHENSIVE INFORMATION SECURITY PROGRAM

The vendor shall establish and implement, and thereafter maintain, a comprehensive information security program that is reasonably designed to protect the security, confidentiality, and integrity of the data received from Dornet. This program shall include, but is not limited to, the implementation of industry best practice controls such as current and updated anti-virus software on systems, appropriate use of firewalls and intrusion detection systems, and periodic monitoring of user activity. Such program, the content and implementation of which must be fully documented in writing, shall contain administrative, technical, and physical safeguards appropriate to the Customer’s size and complexity, the nature and scope of Customer’s activities, and the sensitivity of the information received from Dornet, including:

The designation of an employee or employees to coordinate and be accountable for the information security program.

The identification of material internal and external risks (both known and reasonably anticipated) to the security, confidentiality, and integrity of personal information that could result in the unauthorized disclosure, misuse, loss, alteration, destruction, or other compromise of such information, and assessment of the sufficiency of any safeguards in place to control these risks. At a minimum, this risk assessment should include consideration of risks in each area of relevant operation, including, but not limited to: (a) employee training and management; (b) information systems, including network and software design, information processing, storage, transmission, and disposal; and (c) prevention, detection, and response to attacks, intrusions, or other systems failures.

The design and implementation of reasonable safeguards to control the risks identified through risk assessment, and regular testing or monitoring of the effectiveness of the safeguards’ key controls, systems, and procedures.

The evaluation and adjustment of the Customer’s information security program in light of the results of the testing and monitoring required by subparagraph 3, any material changes to the Customer’s operations or business arrangements, or any other circumstances that the vendor knows or has reason to know may have a material impact on the effectiveness of its information security program.

The vendor shall promptly remediate any deficiencies identified above.

Specifically, the information security program shall implement the following requirements:

User access management. Each vendor must name a System Administrator who will be responsible for maintaining the following records:
A complete list of each username associated with each User ID, ensuring that each User ID and password is assigned to only one individual. User ids and passwords may not be shared, and “generic” User ids and passwords are not permitted.
Usernames and passwords. User passwords must be at least 16 characters long, must be changed at least every 90 days, must contain at least 3 of the 4-character sets (uppercase, lowercase, number, special characters), and User ids must be suspended after at most five continuous and unsuccessful login attempts.
IP address restrictions are required for Customers who have access to full Social Security Numbers (”ssns”) and/or Driver’s License Numbers (”dlns”). IP address restrictions are also strongly recommended for non-qualified access users. The types of IP address restrictions include:
Full restrictions – the vendor can only gain access when using the product within the IP address range designated.
Roaming restrictions – subject to approval by Dornet, the vendor can gain access to the products both inside and outside of the IP address restriction range. Within the IP address range, the product will display full ssns and dlns. Outside of the IP address range, the product will display truncated ssns and will not display dlns. Customers must ensure that all transactions, XML and Web Based Applications, are sent over an encrypted medium. Valid encryption strategies are either HTTPS (TLS) 1.2 or better and at least 128 bit or HTTP over an IP Secure VPN.

All Batching must be tracked by the vendor using a specific vendor user ID.

Dornet may require the vendor to enhance their authentication procedures using multi-factor authentication for access to certain types of data.

All Customers are required to have FTP servers in place for receiving batch requests. Security measures should include Standard PGP encryption (Public Keys Exchange) or a secure SFTP using SSH as a method of encryption.

Customers are required to take reasonable and appropriate steps to ensure that information that is mailed to their clients and consumers is appropriately secured. These steps include using confidential envelopes for mailing, not marking the outside of the envelope with any information regarding its contents, and masking or truncating sensitive information in printed and mailed documents wherever possible.

VENDOR AUDIT AND TRAINING REQUIREMENTS

AUDIT PROGRAM

In addition to Dornet’ own stringent security and audit programs, Dornet contractually requires its customers to have a defined audit program in place that will be designed to reasonably prevent unauthorized usage and will detect unauthorized or inappropriate use of Dornet data. Customers must appropriately monitor use of the Dornet Data and ensure compliance with the Dornet’ standards, legal and regulatory obligations and contractual obligations made by the vendor to Dornet.

Upon request by Dornet, the vendor shall provide copies of such audit files to confirm compliance with these terms and conditions set forth herein. Dornet reserves the right to monitor and audit the Customer’s Audit Program as it deems appropriate, in its sole iscretion, and Dornet requires all Customers to co-operate fully and provide, without undue delay, responses to such monitoring and auditing. Violations, as determined by Dornet in its sole discretion, may be grounds for immediate changes without notice to account status, including but not limited to, suspension, change in service level provided, and/or termination of account. The vendor shall randomly audit a representative number of its existing and new Customers per year (for example, by applying the “95/5” statistical methodology to their account selection for such random audit program). The vendor shall maintain, during the Term and for five years following termination of the agreement, accurate and complete books and records related to its audits and investigations.

MONITORING AND LOGGING REQUIREMENTS

The Vendor Audit Program must include sufficient monitoring and logging capability to track individual transactions. Specifically, Dornet must be able to identify the following information for each search performed by its customers:

vendor company/entity that performed the search.
User ID used to access the system
Name of the individual that is registered to each User ID.
Date and time the search was performed.
IP address from which the search originated; and
Business reason and corresponding legal permissible purpose under the applicable statute (for example, the GLBA) permitting the Customers to conduct each search.

Dornet must monitor its customers to ensure that it is in compliance with its contract for Dornet Products, and that its customers are in compliance with all laws and regulations. Customers are required to take reasonable and appropriate steps to ensure that their use abides by all terms and conditions of their relationship with Dornet.