Keytrust Terms Of Service

Updated 2 March, 2021

Term of Service for using Keytrust

Our commitments to you and from you to us.

Schedule 1

Please read these terms and conditions carefully, as they set out our and your legal rights and obligations in relation to Keytrack New Zealand Limited’s “Keytrack ®” platform and services.

You should print a copy of these terms and conditions for future reference. We will not file a copy specifically in relation to you. These terms and conditions are available in the English language only.

If you have any questions or complaints about our services, please contact us at [email protected] or by writing to Keytrack Limited, 19 Moore Street, Howick, Manukau, 2014, New Zealand. 

Definitions and interpretation

1.1. In the Agreement:

Affiliate” means an entity that Controls, is Controlled by, or is under common Control with the relevant entity;

Agreement” means the agreement between the Provider and the Customer for the provision of Keytrack’s services, incorporating these Terms of Service (including the Schedules) and any amendments to the Agreement from time to time;

Anniversary Date” means the date of commencement of chargeable Services. Where the Charges are monthly, the Anniversary Date will be the same day of the immediately following month. The Anniversary Date will be deemed to be the last day of the same month for monthly Anniversary Dates between 28th and 31st where the month does not contain the applicable number of days;

Business Day” means any weekday, other than a bank or public holiday in New Zealand;

Business Hours” means between 09:00 and 17:30 New Zealand Standard Time on a Business Day;

Charges” means the amounts payable by the Customer to the Provider under or in relation to the Agreement;

Control” means the legal power to control (directly or indirectly) the management of an entity (and “Controlled” will be construed accordingly);

“Customer” means a person or body of persons (whether corporate or unincorporated and whether in the public or private sector) that requires an identity information check for its business purposes.

Customer Confidential Information” means any information disclosed (whether disclosed in writing, orally or otherwise) by the Customer to the Provider during the Term that is marked as “confidential”, described as “confidential” or should have been understood by the Provider at the time of disclosure to be confidential; the Customer Materials;

Customer Materials” all works and materials: uploaded to, stored on, processed using or transmitted via the Platform by or on behalf of the Customer or by any person or application or automated system using the Customer’s account; and otherwise provided by the Customer to the Provider in connection with the Agreement;

Data Controller” means the entity which determines the purposes and means of the processing of Personal Information and who authorises to give Keytrack Personal Data processing instructions.

“Data Subject” is the individual who is the subject of Personal Information;

“Data Vendor” is a source of Personal Information for which the data processor accesses to confirm the data subjects personal information.

Documentation” means the documentation made available on the website and/or Platform to the Customer;

Effective Date” means the date that the Agreement comes into force as specified in Clause [3] Agreement and Term of the Terms of Service;

Force Majeure Event” means an event, or a series of related events, that is outside the reasonable control of the party affected (including failures of or problems with the internet or a part of the internet, hacker attacks, virus or other malicious software attacks or infections, power failures, industrial disputes affecting any third party, changes to the law, disasters, explosions, fires, floods, riots, terrorist attacks and wars);

GST” means New Zealand Goods and Services Tax and is chargeable in the context where a Customer is within New Zealand, and under the rules set out by New Zealand Inland Revenue Department;

“Intellectual Property Rights” means all intellectual property rights wherever in the world, whether registered or unregistered, including any application or right of application for such rights (and the “intellectual property rights” referred to above include copyright and related rights, database rights, confidential information, trade secrets, know-how, business names, trade names, trade-marks, service marks, passing off rights, unfair competition rights, patents, petty patents, utility models, semi-conductor topography rights and rights in designs);

Permitted Purpose” means utilising the Platform in accordance with this Terms of Service and the Acceptable Use Policy set out in Schedule [1];

Personal Data” has the meaning given to it in the New Zealand Privacy Act 2020;

Platform” means the software platform known as Keytrack with its Keytrust software that is owned and operated by the Provider, and that will be made available to the Customer as a service via the internet under this Agreement;

Provider” means Keytrack New Zealand Limited “Keytrack”, a company incorporated in New Zealand having its registered office at 19 Moore Street, Howick, Auckland 2014, New Zealand;

Schedule” means a schedule attached to the Agreement;

Services” means all the services provided, or to be provided, by the Provider to the Customer under this Agreement, it’s Permitted Purpose and in Schedule 3;

Term” means the term of this Agreement; and

Upgrades” means new versions of, and updates to, the Platform, whether for the purpose of fixing an error, bug or other issue in the Platform or enhancing the functionality of the Platform.

1.2. In the Agreement, a reference to a statute or statutory provision includes a reference to: that statute or statutory provision as modified, consolidated and/or re-enacted from time to time; and any subordinate legislation made under that statute or statutory provision.

1.3. The Clause headings do not affect the interpretation of the Agreement.

1.4. The ejusdem generis rule is not intended to be used in the interpretation of the Agreement.

2.1 The Provider can change the Agreement at any time by providing the Customer at least 30 days’ prior notice of the change. The Customer’s continued use after that notice means that the Customer agrees to the changed Agreement.

3.1. No contract will come into force between the Provider and the Customer unless and until this agreement is consented which includes digital acceptance of the terms in this Terms of Service.

3.2. The Provider’s Privacy Policy applies to all personal information provided to the Provider and forms part of the Agreement.

3.3. Once in force, this Agreement will continue indefinitely, unless terminated in accordance with Clause [14].

4.1. The Platform will automatically generate an account for the Customer enabling the Customer to access the Platform and Keytrust services. The customer must satisfy itself as to the adequacy of the Platform for its Anti-Money Laundering legal compliance. The Customer accepts and acknowledges that is has not relied on any statements or representations on the part of Keytrack as to the adequacy of the Services or the reliability or independence of any electronic data source, except as expressly recorded in this Agreement. For the electronic identity checks against Customer selected databases, Keytrack only verifies that the information provided by the Customer is consistent with the information held in the databases requested by the Customer.

4.2. Subject to the limitations set out in Clause [4.3] and the prohibitions set out in Clause [4.4], the Provider hereby grants to the Customer a non-exclusive licence to use the Platform for the Permitted Purpose via any standard web browser in accordance with this Agreement and all other policies of the Provider, during the Term.

4.3. The licence granted by the Provider to the Customer under Clause [4.2] is subject to the Customer complying at all times with the terms of this Agreement and comply with the providers Privacy Policy.

4.4. Except to the extent mandated by applicable law or expressly permitted in the Agreement, the licence granted by the Provider to the Customer under this Clause [4] is subject to the following prohibitions:

  • the Customer must not sub-licence its right to access and use the Platform or allow any unauthorised person to access, alter, modify, copy or use the Platform;

4.5. For the avoidance of doubt, the Customer has no right to access the object code or source code of the Platform, either during or after the Term.

4.6. All Intellectual Property Rights in the Platform and any suggestions, enhancements, requests, recommendations, corrections or other feedback provided by the Customer relating to the Platform shall, as between the parties, be the exclusive property of the Provider.

4.7. The Customer shall ensure that no unauthorised person will or could access the Platform using the Customer’s account.

4.8. The Customer must not use the Platform in any way that causes, or may cause, damage to the Platform or impairment of the availability or accessibility of the Platform, or any of the areas of, or services on, the Platform.

4.9. The Customer must not use the Platform:

  • in any way that is unlawful, illegal, fraudulent or harmful; or
  • in connection with any unlawful, illegal, fraudulent or harmful purpose or activity.
  • in any way outside of the permitted use.

4.10. The customer must not reverse engineer any component of the Services.

5.1. During the Term, the Provider may apply Upgrades to the Platform. Upgrades may result in changes the appearance and/or functionality of the Platform.

5.2. The Provider may from time to time suspend access to the Platform in order to carry out scheduled maintenance or Upgrades.

5.3. The Provider will endeavour to give to the Customer advance notice of scheduled maintenance affecting access to the Platform, including details of the expected Platform downtime. The Customer acknowledges that advance notice from the Provider may not always be possible in the case of urgent maintenance.

6.1. The Customer grants to the Provider a non-exclusive licence to store, copy, transmit and otherwise use the Customer Materials for the purposes of operating the Platform, providing the Services, fulfilling its other obligations under the Agreement, and exercising its rights under the Agreement.

6.2. Subject to Clause [6.1], all Intellectual Property Rights in the Customer Materials will remain, as between the parties, the property of the Customer.

6.3. The Customer warrants and represents to the Provider that the Customer Materials, and their use by the Provider in accordance with the terms of the Agreement, will be in accordance with the Acceptable Use Policy set out in Schedule [1] and will not:

  • breach any laws, statutes, regulations or legally-binding codes;
  • infringe any person’s Intellectual Property Rights or other legal rights; or
  • give rise to any cause of action against the Provider or the Customer or any third party, in each case in any jurisdiction and under any applicable law.

6.4. Where the Provider reasonably suspects that there has been a breach by the Customer of the provisions of this Clause [6], the Provider may:

  • suspend any or all of the Services and/or the Customer’s access to the Platform while it investigates the matter.

6.5. Any breach by the Customer of this Clause [6] will be deemed to be a material breach of the Agreement for the purposes of Clause [14].

7.1. The Charges in respect of access to and use of the Platform will be available via a fixed Charge, a recurring Charge, a variable Charge or other Charge agreed between the Provider and Customer. Charges are provided within the Keytrack platform and via discussion with the Keytrack sales team.

7.2. The fixed Charge will be determined on a pay-as-you-go model for the services supplied on the Platform as outlined on the pricing page of Provider’s website plus GST (if any), which shall be payable by credit card before services are available.

7.3. The variable and recurring Charges will be determined by the Customer’s selection of package options as outlined on the pricing page of Provider’s website or as agreed via consultation between the Provider and Customer (including prospective Customer). The variable and recurring Charges will be plus GST (if any) and invoiced by the Provider at the time of selection and order by the Customer, and on an agreed, recurring basis.

7.4. Charges must be paid by credit or debit card, or through a direct debit process, and will be automatically deducted by the Provider at the timing as determined between the Provider and Customer.

7.5. All Charges stated in or in relation to the Agreement are stated exclusive of GST, unless the context requires otherwise. GST will be payable by the Customer to the Provider in addition to the principal amounts.

7.6. The Provider may suspend access to the Platform and the provision of the Services if any amounts due to be paid by the Customer to the Provider under the Agreement are overdue. The Customer must pay Keytrack all reasonable costs (including collection costs and legal costs) that Keytrack incurs in attempting to recover any such overdue payments.

8.1. The Provider will make available, during Business Hours, an email support facility for the purposes of:

  • assisting the Customer with the proper use of the Platform; and/or
  • determining the causes of errors and fixing errors in the Platform.

8.2. The Customer must make all requests for support services via email to [email protected] .

9.1. The Customer warrants to the Provider that it has the legal right and authority to enter into and perform its obligations under the Agreement.

9.2. The Customer acknowledges that complex software is never wholly free from defects, errors and bugs, and the Provider gives no warranty or representation that the Platform will be wholly free from such defects, errors and bugs; the Provider will not and does not purport to provide any legal advice under the Agreement or in relation to the Platform and the Provider does not warrant or represent that the Platform will not give rise to any civil or criminal legal liability on the part of the Customer or any other person.

9.3. All of the parties’ warranties and representations in respect of the subject matter of the Agreement are expressly set out in the terms of the Agreement. To the maximum extent permitted by applicable law, no other warranties or representations concerning the subject matter of the Agreement will be implied into the Agreement.

9.4. The Customer agrees that it is using the Services for the purposes of a business and the Consumer Guarantees Act 1993 (NZ) and any other similar consumer protection legislation in any jurisdiction does not apply to the Services or the Agreement and that it is fair and reasonable that the parties are bound by this clause.

9.5. Each party warrants to the other that it has the full power and authority necessary to validly enter into and perform all obligations under this Agreement.

9.6. The Customer has made and will continue to make its own assessment of the suitability, adequacy and compatibility of the Services for its purposes.

9.7. The Customer will ensure that any data subject is advised that they will be using an external service not owned by the Customer.

9.8. The Customer shall ensure that it obtains any necessary consent required to use the Services (in written or electronic form) from the Data Subject in respect of the information provided by the Data Subject before any Identity Check is performed and the Customer shall retain such evidence of consent for Keytrack within 5 days’ notice of a request by Keytrack. The Customer accepts that such evidence may be forwarded to a Data Vendor.

9.9. Keytrack will provide specific consent wording (see Schedule 5) that will be required from the Data Subject before the Data Subject can begin the identity checking process. Where the Customer wishes to perform identity checks on an ongoing basis it shall obtain the consent from each Data Subject to such ongoing checks and retain evidence of the consent.

9.10. The Data Subject may withdraw consent to an identity check at any time by cancelling the identity check in progress, notifying the Customer it wishes to withdraw consent, ceasing to be a customer to the Customer, the passing of 18 months since the Data Subject last consented to ongoing identity checks.

9.11. It is the Customers responsibility to ensure that where the Customer’s use of the Services requires it to send, display or provide access to the personal information stored, held or displayed by Keytrack, it will only do so to a person who has the right to receive or view such personal information in accordance with applicable law and will take all necessary steps to prevent any other disclosure of such information. The Customer acknowledges that it is solely responsible for any breach of this clause.

10.1. The Customer will indemnify and will keep indemnified the Provider against all liabilities, damages, losses, costs and expenses (including legal expenses and amounts paid in settlement of any disputes) suffered or incurred by the Provider and arising as a result of any breach by the Customer of Clause [6.3].

11.1. Nothing in the Agreement will:

  • limit or exclude the liability of a party for death or personal injury resulting from negligence;
  • limit or exclude the liability of a party for fraud or fraudulent misrepresentation by that party;
  • limit any liability of a party in any way that is not permitted under applicable law; or
  • exclude any liability of a party that may not be excluded under applicable law.

11.2. The limitations and exclusions of liability set out in this Clause [11.2] and elsewhere in the Agreement are subject to Clause [11.1]; govern all liabilities arising under the Agreement or in relation to the subject matter of the Agreement, including liabilities arising in contract, in tort (including negligence) and for breach of statutory duty; and

11.3. The Provider will not be liable in respect of any loss of profits, income, revenue, use, production or anticipated savings.

11.4. The Provider will not be liable for any loss of business, contracts or commercial opportunities.

11.5. The Provider will not be liable for any loss of or damage to goodwill or reputation.

11.6. The Provider will not be liable in respect of any loss or corruption of any data, database or software.

11.7. The Provider will not be liable in respect of any special, indirect or consequential loss or damage.

11.8. The Provider will not be liable for any losses arising out of a Force Majeure Event.

11.9. The Provider’s liability in relation to any event or series of related events will not exceed the lessor of: NZ$500; and the total amount paid and payable by the Customer to the Provider under the Agreement during the 12 month period immediately preceding the event or events giving rise to the claim.

12.1 The Customer warrants that it has the legal right to disclose all Personal Data that it does in fact disclose to the Provider under or in connection with this Agreement and in use of the Platform.

12.2. The Provider warrants that it has in place applicable security measures against unauthorised processing of Personal Data and against loss or corruption of Personal Data processed by the Provider on behalf of the Customer and as set out in its Privacy and Data Protection Policies, Privacy Policy and Security Standards framework.

13.1 The Provider will:

(a) Keep confidential and not disclose the Customer Confidential Information to any person save as expressly permitted by this Clause [13] and Keytrack’s Privacy Policy;

(b) Protect the Customer Confidential Information against unauthorised disclosure by using the same degree of care as it takes to preserve and safeguard its own confidential information of a similar nature, being at least a reasonable degree of care; and

(c) Without prejudice to the generality of Clause [13.1(b)], deploy and maintain security systems and technologies in relation to the Customer Confidential Information held on the Platform.

13.2. Customer Confidential Information may be disclosed by the Provider to its officers, employees, agents, insurers, sub-processers and professional advisers, provided that the recipient is bound in writing to maintain the confidentiality of the Customer Confidential Information disclosed.

13.3. The obligations set out in this Clause [13] shall not apply to:

  • Customer Confidential Information that is publicly known (other than through a breach of an obligation of confidence);
  • Customer Confidential Information that is in possession of the Provider prior to disclosure by the Customer;
  • Customer Confidential Information that is received by the Provider from an independent third party who has a right to disclose the relevant Confidential Information; or
  • Customer Confidential Information that is required to be disclosed by law, or by a governmental authority, stock exchange or regulatory body.

13.4. The contents of this agreement are considered confidential information. Both party’s may disclose the existence of this agreement for marketing purposes such as but not limited to displaying logos.

14.1. The Provider may terminate the Agreement immediately by giving written notice to the Customer if the Customer:

  • Commits any material breach of any term of this Agreement;
  • Persistently breaches the terms of the Agreement (irrespective of whether such breaches collectively constitute a material breach); or
  • Becomes insolvent, liquidated or bankrupt, has an administrator, receiver, liquidator, statutory manager, mortgagee’s or chargee’s agent appointed, becomes subject to any form of insolvency action or external administration, or ceases to continue business for any reason.

14.2. The Customer may terminate the Agreement at any time by giving written notice of termination to the Provider, or any applicable Keytrack account closure procedure outlined on the Provider’s website.

14.3. The Provider may terminate the Agreement with a Customer by giving one (1) month’s written notice of termination to the Customer.

15.1. Upon termination of the Agreement, all the provisions of the Agreement will cease to have effect, save that the following provisions of the Agreement will survive and continue to have effect (in accordance with their terms or otherwise indefinitely): Clauses [1, 10, 11, 13, 15 and 18].

15.2. Termination of the Agreement will not affect either party’s accrued liabilities and rights as at the date of termination.

16.1. Any notice given under the Agreement must be in writing including Digital means (whether or not described as “written notice” in the Agreement) and must be sent by post, or sent by email or other mutually accepted digital means between the Provider and Customer (or as notified by one party to the other in accordance with this Clause).

16.2. On agreement and use of the Platform’s Services, parties agree that the Platform represents a secure web exchange for the purposes of notices adequate by law and under the relevant jurisdictions, and that all parties agree that they are subscribed to the same secure web document exchange for the purposes of acknowledging the means of notice provided by the Platform.

16.3. The Customer will immediately notify Keytrack upon becoming aware of any third party infringing of Keytrack’s intellectual property rights in any manner.

17.1. Where a Force Majeure Event gives rise to a failure or delay in either party performing its obligations under the Agreement (other than obligations to make payment), those obligations will be suspended for the duration of the Force Majeure Event.

17.2. A party who becomes aware of a Force Majeure Event which gives rise to, or which is likely to give rise to, any failure or delay in performing its obligations under the Agreement, will:

forthwith notify the other; and will inform the other of the period for which it is estimated that such failure or delay will continue.

17.3. The affected party will take reasonable steps to mitigate the effects of the Force Majeure Event.

18.1. No breach of any provision of the Agreement will be waived except with the express written consent of the party not in breach.

18.2. If a Clause of the Agreement is determined by any court or other competent authority to be unlawful and/or unenforceable, the other Clauses of the Agreement will continue in effect.  If any unlawful and/or unenforceable Clause would be lawful or enforceable if part of it were deleted, that part will be deemed to be deleted, and the rest of the Clause will continue in effect (unless that would contradict the clear intention of the parties, in which case the entirety of the relevant Clause will be deemed to be deleted).

18.3. Except as provided in paragraph 2.1 of this Agreement, the Agreement may not be varied except by a written document signed by or on behalf of each of the parties.

18.4. The Provider may freely assign any or all of its contractual rights and/or obligations under the Agreement to any Affiliate of the assigning party or any successor to all or a substantial part of the business of the assigning party from time to time.

18.5. The Agreement is made for the benefit of the parties, and is not intended to benefit any third party or be enforceable by any third party.  The rights of the parties to terminate, rescind, or agree any amendment, waiver, variation or settlement under or relating to the Agreement are not subject to the consent of any third party.

18.6. Subject to Clause [11.1]:

  • the Agreement including its Schedules constitute the entire agreement between the parties in relation to the subject matter of the Agreement, and supersede all previous agreements, arrangements and understandings between the parties in respect of that subject matter; and
  • neither party will have any remedy in respect of any misrepresentation (whether written or oral) made to it upon which it relied in entering into the Agreement.

18.7. The Agreement will be governed by and construed in accordance with the laws of New Zealand, and the courts of New Zealand will have exclusive jurisdiction to adjudicate any dispute arising under or in connection with the Agreement.

Schedule 2

Keytrust®, is an electronic identity verification service for KYC/AML compliance and a feature of the Keytrack platform. Keytrust services customers in operation of business activities captured under FATF (financial Advisory Task Force) for DNFBPs (Designated Non-Financial Businesses and Professions) and applicable similar jurisdictional laws.

Keytrust’s electronic identity verification services can be customised by the user within or external to the Keytrack deal.

Fields of Application

  • KYC/AML Compliance
  • Proof of Address
  • KYC/AML Account Opening
  • Corporate clients check
  • Keytrust’s document verification service is able to capture and validate over 4 500 documents from 150+ countries, including utility bills, driving licenses, residence permits, government-issued IDs, etc

New Zealand Application

When utilising Keytrust services in compliance with New Zealand AML regulations, the Amended Identity Verification Code of Practice 2013 (The Code) in conjunction with the Identity Verification Code of Practice – Explanatory Note (December 2017) (The Note) provides suggested best practices for all reporting entities conducting electronic name and date of birth identity verification on customers that have been assessed to be low to medium risk.

Keytrust helps reporting entities comply with The Code to operate as ‘safe harbour’ within the AML/CFT Act from electronic:

a) Name x2, date of birth x1, and proof of address x1 verification

b) PEP & sanction checks

c) Biometric verification

Keytrust services include but are not limited to the below list (Keytrack reserves the right to extend or decrease its service offering from time to time.

Keytrust Customers/Data Controllers, upon requesting the relevant electronic identity or document check from the Data Subject, will receive a PDF report of the results of the identity verification search/check within their Keytrack account. The results report will be downloadable from the Data Controllers account for sharing with the Data Subject(s) and will be password protected.

If the Data Controller is also utilising Keytrack’s Deal, the Data Controller can automatically upload the Data Subject’s results report to the Deal and securely share the file with the Data Subject within the cloud-based platform. The Data Subject will be able to download the results report and use the ID number of the Govt ID document used in the verification process to view the results.

Keytrack and Keytrust provide Customers unlimited document storage. Identity Verification Reports can be securely stored on the Provider’s platform for download or destruction at any time.

Coming soon to the Keytrack platform is Keychat, a one-to-one or one-to-many end-to-end encrypted real-time communications app.

Service name Description of Service
AML Screening: International Sanctions, PEPs, Watchlists and Adverse Media A solution for сhecking whether the client is on any of the global sanctions lists, PEP lists, watchlists, blacklists or adverse media (OFAC, UN, HMT, EU, DFT etc.). Ongoing monitoring is included by default for one year once the check is completed. Ongoing monitoring means regular (daily) review of the data collected during the AML Screening.
Identity Document Verification Determines the authenticity and legitimacy of the document to ensure that it has not been forged or altered. More than 6500 types of international identity documents from 220+ countries and territories supported.
Face Match and Liveness Check Compares faces on the submitted images with each other and analyzes the movements of the person, confirming that documents belong to a particular person and that person is real.
Date of Birth, Name and Address Check and confirmation

Checks, confirms and verifies: first and last name, date of birth, address, and residency by checking against relevant regulated data bases and by analysing the following types of documents:

  • Passport
  • Driver’s license bearing residential address
  • Tax bills
  • Utility bills
  • Voter rolls
  • Bank statements
  • Other documents accepted as proof of address
Automated Сorporate Registry Check Real-time access to government corporate registry databases and other public records for enhanced verification of Company Name, Registration Number, Registration Status; Registered Address, Business Activities, Shareholders, Officers, Directors; where available.
Customer Due Diligence of Legal Entities Depending on the applicable AML laws, verification based on corporate documents, identification and verification of identity of ultimate beneficial owner, establishment of control structure, including evaluation of each intermediary shareholder and ownership schemes up to the ultimate beneficial owner.

Schedule 3

User instructions refer to the permitted use in relation to the Keytrust Services available as stipulated in this Agreement and used in accordance with Keytrack’s Privacy Policy and Terms of Service.

The Customer must ensure appropriate levels of privileges be allocated to various staff members. The conducting of ID checks must be performed by authorised employees of the Customer only. The Customer will ensure that suitable checks are in place regarding security of passwords etc. and will use the Provider’s site in accordance with relevant laws in the applicable jurisdiction of the user.

The Provider will not and does not purport to provide any legal advice under the Agreement or in relation to the Platform including Keytrust services. The Customer should obtain independent legal advice and must satisfy itself as to the adequacy of the Keytrust for meeting its requirements in relation to any Anti-Money Laundering or other laws to which you and whether Keytrack/Keytrust can assist you in meeting any legal obligations you may have.

Keytrust will not allow electronic identity verification on the Data Subject to commence until the Data Subject consents. This consent is requested of the Data Subject via electronic form through the Keytrust verification process. A Data Subject can withdraw consent at any time by notifying the Customer/Data Controller that it is withdrawing consent and practically by stopping an individual check before completing the electronic process, or in circumstances where the Data Subject ceases to be a customer of the party to this agreement, or should 18 months have had passed since consent was last provided to the Customer.

When a Data Controller requests Keytrust services within the Provider’s Platform, the Data Controller authorises and appoints Keytrack as a Processor which enables Keytrack to process all data in conducting the Platform’s services according to Privacy law and to all obligations in the article 28 of the GDPR and in line with Keytrack’s Privacy Policy at

Once this Agreement is terminated by cancelling a Keytrack Account or other communicated means, Keytrack’s appointment as Processor will also terminate.

Schedule 4

Before an identity check is initiated against the Data Subject by the Data Controller, the Data Subject will be required by the Keytrack platform to consent to the below wording via electronic form on a one off or ongoing basis before a check is or future checks are carried out. Once the Data Subject consents, Keytrack will allow the Check to begin.

I hereby authorise the Data Controller/Organisation requesting the forthcoming Identity Verification Check pursuant to know your customer (KYC) and anti-money laundering (AML) procedures, to verify my identity utilising electronic identity verification services provided by Keytrack through the Keytrust services, and accessing public and private data sources which may hold information about my identity and address, for this purpose.

I hereby agree and express my voluntary, unequivocal and informed consent that my personal data provided to Keytrack, incorporated and registered in New Zealand with company number 7109233, whose registered office is at 19 Moore St, Howick, Manakau, New Zealand, shall be processed utilising Keytrack’s – Keytrust services on instruction from the Data Controller.

I accept the means of identification for the purposes of obtaining this consent shall be established in the course of the processing of the customer’s/my personal data carried out in accordance with this consent.

I hereby acknowledge and agree that Keytrack shall process my personal data on behalf of and by means / for the purposes as determined by the Data Controller, with which I wish to establish a business relationship after completion of KYC and AML procedures. In any case, I hereby acknowledge and agree that I know the details and address of the Data Controller.

I hereby acknowledge and agree that Keytrack shall process my personal data by means of automated reading, verification of the authenticity and other automated processing of photos and scanned copies of documents and with further check against the data in multiple databases, including inter alia International politically exposed persons (PEPs) and Sanctions, Country Specific Sanctions Lists, Criminal Lists and Financial Lists.

I hereby acknowledge and agree that the personal data may be disclosed to entities associated with Keytrack to achieve the purpose of processing under this Consent.

The consent for the processing expressed hereby covers the following operations: collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

The consent for the processing expressed hereby includes the following personal data: name and surname, passport or any identity card data, registered address, banking details, facial image, or any other legally approved identity verification sources in the relevant jurisdiction provided by Keytrack’s services and as requested by the organisation that I wish to conduct a business relationship after completion of KYC and AML procedures.

I hereby represent that I have been informed of the fact that my biometric personal data, i.e. my facial image, will be processed and I hereby give my voluntary, unequivocal and informed consent hereto.

I hereby represent that I have been informed about my right to:

  • withdraw my consent to personal data processing;
  • access and adjust my personal data to the extent possible and permitted on the Keytrack platform;
  • make a justified demand in writing for the blocking of the processing of my data due to particular situation;
  • object to the processing of my personal data;
  • object to the transfer of my personal data, including the right to object to engaging any of Keytrack’s sub-processers in processing my personal data;
  • object to being subject to a decision based solely on automated processing/profiling
  • make a justified demand in writing to erase my personal data subject to applicable laws and pursuant to Keytrack’s Privacy Policy and Terms of Service,
  • all of which rights may be exercised by contacting Keytrack with a respective notice at [email protected]

I hereby represent that I have carefully read all the above provisions and do voluntarily and unequivocally agree with them.

This Policy is constantly reviewed and rectified in order to provide best compliance with the EU GDPR and applicable national laws. If you have any request or complaint regarding the above, or you want to exercise any of the right granted to you by applicable laws, please contact us at [email protected]

Try Keytrack for your team

30-day all access free trial * | No credit card required

Get Started