Terms of Service.
For the use of The ID Co. Limited Services.

Terms of Service

1. Overview

1.1. This document sets out the terms of service of The ID Co. application programming interfaces (the “The ID Co. API’s”) which can be accessed by legal entities following a successful application to The ID Co. for the relevant key.

1.2. The ID Co. API’s to which these terms of service relate are provided by The ID Co. LIMITED (“The ID Co.”) Argyle House, 3 Lady Lawson Street, Edinburgh, EH3 9DR.

1.3. These terms apply to all services provided by The ID Co. including but, not limited to, the miiCard and DirectID services.

1.4. The ID Co. will try to keep everything in this document as straightforward as possible, but if there’s anything you are unsure of, please get in touch with us by:

1.4.1.emailing us at info@theidco.com

1.4.2.writing to: Chief Executive Officer, The ID Co., Argyle House, 3 Lady Lawson Street, Edinburgh, EH3 9DR, or, phoning us on +44 (0) 845 119 3333.

1.5. Similarly, if you have any information or feedback on The ID Co. API’s or indeed these terms of service that you wish to share with The ID Co. then please get in touch (The ID Co. may use this information / feedback without any obligation to you).

1.6. The ID Co. maintains a platform that is open and built to enable people around the world to prove that they are who they say they are. These Terms of Service describe the policies and principles around what type of innovation and interaction is permitted with The ID Co. service. The ID Co. API’s are designed to enhance your website, application or service that you provide to end-users.

1.7. The ID Co. want to empower our commercial partners to build valuable businesses utilising their own websites/online services around The ID Co. internet identity platform. In order to gain further benefit from The ID Co. service it may be necessary for your business to become a commercial subscriber (further details can be obtained from The ID Co. as required).

1.8. The ID Co. will always seek to encourage and enable interesting development and innovation, but must always seek to protect both The ID Co.'s and the end-users' respective rights and these terms of service aim to set this out. The ID Co. may from time to time investigate any person / company / organisation accessing The ID Co. API’s that they are doing so in accordance with these Terms of Service.

2. An overview of the terms of The ID Co. api’s service

2.1. By accessing The ID Co. API’s, you agree these The ID Co. API’s Terms of Service (“Terms of Service”) together with all other The ID Co. guidelines and terms of use applicable from time to time, which shall include, without limitation: -

2.2. If you are entering into these Terms of Service on behalf of a company or other legal entity, you represent that you have the legal authority to bind the legal entity to these Terms of Service, in which case "you" or "your" shall mean such legal entity. If you do not have such authority or if you disagree with any of the terms in this Terms of Service, The ID Co. does not grant you a license to use the API’s. In the event of any inconsistency between these Terms of Service and other The ID Co. guidelines or terms of use then these Terms of Service shall prevail.

2.3. The ID Co. may: -

2.3.1.set a limit on the number of The ID Co. API’s available at any given time in the sole discretion of The ID Co. (and you shall not attempt to get around such limits); and

2.3.2.monitor the utilisation of The ID Co. API’s to ensure that products are of a quality required to utilise The ID Co.; and

2.3.3.send you certain communications in connection with the use of The ID Co. API’s (unless you have chosen to opt-out of receiving such communication).


3.1. You acknowledge and agree that The ID Co. and/or its licensors own all intellectual property rights in The ID Co. API’s. Except as expressly stated herein, this agreement does not grant you any rights to, or in, patents, copyrights, database rights, trade secrets, trade names, trade-marks (whether registered or unregistered), or any other rights or licences in respect of The ID Co. business. The ID Co. confirms that it has all the rights in relation to The ID Co. API’s that are necessary to grant all the rights it purports to grant under, and in accordance with, these Terms of Service.

3.2. The contents of The ID Co. API’s and The ID Co. service, including its “look and feel” (e.g., text, graphics, images, logos and button icons), photographs, editorial content, notices, software and other material are protected under copyright, patent, trademark and other laws. The content of this belongs to or is licensed to The ID Co., or our software or content suppliers. The ID Co. grant you the right to view and use The ID Co. API’s subject to these Terms of Service.

3.3. You may download or print a copy of The ID Co. API’s information provided by The ID Co. for your internal use only. Any distribution, reprint or electronic reproduction of any content from The ID Co. API’s in whole or in part for any other purpose (other than the purpose for which The ID Co. API’s are intended) is expressly prohibited without our prior written consent.

4. Licensed uses and restrictions

4.1. The ID Co. API’s are owned by The ID Co. and are licensed to you on a worldwide (except as limited below), non-exclusive, non-sub-licensable, revocable basis on the terms and conditions set forth herein. These Terms of Service define legal use of The ID Co. API’s, all updates, revisions, substitutions, and any copies of The ID Co. API’s made by or for you. All rights not expressly granted to you are reserved by The ID Co. You should note that you are responsible for your application and any use you make of The ID Co. API’s.

4.2. Your license to The ID Co. API’s under these Terms of Service continues until it is terminated. You may terminate the license by discontinuing use of all or any of The ID Co. API’s. The ID Co. may terminate the license at any time for any reason. This license terminates if you (unless The ID Co. determines otherwise in its sole discretion): -

4.2.1.violate any of the terms within these Terms of Service;

4.2.2.you do not acknowledge “The ID Co.” in distributions of The ID Co. API’s in source or binary code form;

4.2.3.you use the name “The ID Co.” to endorse or promote products without the written permission of The ID Co. (in advance);

4.2.4.sub-licence, sell, lease or transfer The ID Co. API’s to a third party (or provide access codes or derive any income whatsoever from The ID Co. API’s unless permitted by The ID Co.;

4.2.5.use The ID Co. APIs in any manner or for any purpose that violates any law or regulation, any right of any person (including The ID Co.), including but not limited to intellectual property rights;

4.2.6.utilise The ID Co. API’s in connection with or to promote any products, services, or materials that constitute, promote or are used primarily for the purpose of dealing in:

4.2.7.unlawful, harmful, threatening, defamatory, obscene, infringing, harassing or racially or ethnically offensive;

4.2.7.a. illegal activity;

4.2.7.b. sexually explicit images;

4.2.7.c. promoting unlawful violence;

4.2.7.d. discriminatory based on race, gender, colour, religious belief, sexual orientation, disability, or any other illegal activity; or

4.2.7.e. damaging or injury to any person or property;

4.2.8.use The ID Co. API’s in a manner that exceeds a reasonable volume, constitutes excessive or abusive usage as determined by The ID Co. in its sole discretion (acting reasonably);

4.2.9.use The ID Co. API’s in a manner that competes with products or services offered by The ID Co.;

4.2.10. use The ID Co. API’s in a manner that is inconsistent with The ID Co. business model (if you wish to confirm that your application constitutes an acceptable use of The ID Co. API’s then please get in touch for confirmation) or is contained within the section entitled “What you will not do”.

4.2.11. do not include the following disclaimer with any The ID Co. computer code: -


Subject to the restrictions set forth in these Terms of Service, you may use The ID Co. API’s and any updates provided by The ID Co. from time to time.


5.1. The ID Co. takes end user security and privacy extremely seriously and expects similar standards from you.

5.2. You are solely responsible for securing clear, express consent from the end-user, granting you permission to access such end-user’s data or miiCard account using The ID Co. API’s, including (where relevant) retrieving end-user-specific information. You will strictly comply with the scope of express consent the end-user grants you when accessing such end-user’s miiCard account or data;

5.3. You (or a suitable contact within your legal entity or company) must be reachable at all times for security questions or concerns raised by The ID Co. and you will maintain suitable end-user support;

5.4. All materials, including software and documents, that you provide to The ID Co., must be checked with industry standard antivirus and security software, and determined to be virus-free and secure. Any data provided to The ID Co. must not contain harmful scripts or code. (The ID Co. adopts such processes as standard practice);

5.5. Your networks, operating system and software (including web server(s), routers, databases, and computer systems) must be properly configured to industry standards, as required to securely operate your service. If you do not completely control any aspect of this set-up you will use all control or influence that you have over such set-up, and you will not select/configure a set-up in a manner to avoid this obligation. To the extent you have control or influence over your computer set-up, you will log (with time and date) all instances of access to the computer set-up. You will encrypt the password and username files for the computer set-up that store or process any The ID Co. end-user data that you are permitted by The ID Co. to access. Passwords must be unique, unintuitive, and changed often. You will minimise access to and use of the passwords. Wherever possible, commands which require additional privileges should be securely logged (with time and date) to enable a complete audit trail of activities. When an individual terminates his or her employment with you, his or her passwords and access password facilities must be terminated immediately; You must promptly report any security deficiencies in or intrusions to your computer set-up that you discover to The ID Co. via email. You will work with The ID Co. to immediately correct any security deficiency, and will disconnect immediately any intrusions or intruder. If you become aware of any unauthorised use of end-user information, you agree to notify us immediately at info@theidco.com. Please note that no public announcement will be made without The ID Co.’s express prior consent;

5.6. The ID Co. will have the right to review, or to have an independent third party that is not your competitor, to inspect and review your compliance with these security provisions (at The ID Co.’s expense). You will (at your own expense) correct any security flaws detected by such a review as soon as possible. You will then promptly certify to The ID Co. in writing that the security flaw has been corrected, along with a description of the corrective action(s) taken. The ID Co. will give you reasonable notice before conducting such a review. If a review reveals a material breach of any of these security provisions, you will reimburse The ID Co. for the reasonable costs of the review.

6. What you WILL not do

6.1. You agree that you will not:

6.1.1.violate any laws or regulations;

6.1.2.include any function within the service that you offer end-users that collects their The ID Co. “log-in” details (i.e. usernames and/or passwords) and you must also allow a The ID Co. enduser to log-out of your service;

6.1.3.exaggerate or otherwise circumvent the intended limits of “The ID Co.”;

6.2. use any robot, spider or other similar automated data gathering or extraction tools, program, algorithm or methodology to access, acquire, copy or monitor The ID Co. API’s or any portion of it without our express written consent, which may be withheld at our sole discretion;

6.3. use or attempt to use any engine, software, tool, agent, or other device or mechanism to navigate or search The ID Co. API’s, other than the search engines and search agents available through The ID Co. API’s and other than generally available third-party web browsers;

6.4. post or transmit any file which contains viruses, worms, or any other contaminating features (that may interfere with the proper working of The ID Co. API’s); or

6.5. attempt to decipher, decompile, disassemble, or reverse-engineer any of The ID Co. API’s

6.6. The provisions of this clause on “What you will not do” shall apply during the continuance of these Terms of Service and indefinitely after their expiry or termination (as the case may be).


7.1. You agree to give The ID Co. all necessary assistance for the operation of your service in order that The ID Co. can continue to monitor end user security and privacy. You will have a policy of only requesting data required for the operation of your systems and only with the consent of the end user. At no time will you attempt to bypass systems designed to ensure end user data / information is secure or can be accessed without the express of the end user. You will maintain privacy and security policy that tells end-users how it is that you will use any data obtained as a result of the interactions with The ID Co. and will not utilise any data in a manner that is inconsistent with these said policies. It is extremely important to The ID Co. that end user data remains at all times capable of control by the end user and you should seek to engage with this policy;

7.2. You will delete all data you receive from The ID Co. should the end user specifically request and you will not transfer any additional data in relation to an end-user to The ID Co. (unless specifically authorised to do so). You will enable all end-users to be able to disconnect OR remove your service;

7.3. You will not use end user data received from The ID Co. in connection with any advertising, unless the end user has specifically authorised you to do so;

7.4. You will under no circumstances sell any data that you receive from The ID Co. to a third party;

7.5. You will delete end user data if this is held in a manner inconsistent with the aims of The ID Co.;

7.6. The ID Co. may from time to time (and in its sole discretion) limit access to end user data;

7.7. You shall comply with The ID Co.'s instructions in relation to the processing of personal data as such instructions are given and varied from time to time by The ID Co.; and

7.8. You shall at all times take all appropriate technical and organisational measures against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data; and

7.9. You shall immediately notify The ID Co. if you receive any complaint, notice or communication which relates directly or indirectly to the processing of personal data under these Terms of Service, provide full co-operation and assistance in relation to any such complaint, notice or communication. In addition, you shall also notify any breach of this provision on the “Protection and Processing of Data” to The ID Co. immediately;

7.10. You shall provide to The ID Co. on request a copy of all personal data held by you pursuant to these Terms of Service, in the format and on the media reasonably specified by The ID Co., and shall promptly inform The ID Co. if any such data is lost or destroyed or becomes damaged, corrupted, or unusable.

7.11. Furthermore, you shall:

7.11.1. comply with your obligations under the provisions of the Data Protection Act 1998 (the “Act” (United Kingdom statute)) or similar “safe harbour” or data protection legislation in the country in which you are situated. Where you are not based in the United Kingdom you shall at all times comply with obligations equivalent to the obligations of a Data Controller under the provisions of the Act and in particular, but not limited to, the Seventh Data Protection Principle in the Act. You shall take appropriate technical and organisational measures against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data. When considering what measures are appropriate, you shall have regard to the state of good practice, technical development and the cost of implementing any measures to ensure a level of security appropriate to the harm that might result from such unauthorised or unlawful processing or accidental loss or destruction, and to the nature of the data to be protected;

7.12. at all times process personal data solely in accordance with end-user’s instructions (or as detailed in relation to your service) from time to time;

7.13. provide a written description of the technical and organisational methods employed by you for processing personal data;

7.14. ensure the reliability of your personnel by vetting staff appropriately who have access to the personal data received as a result of the interaction with The ID Co.;

7.15. not transfer the personal data outside the European Economic Area unless your service terms and conditions given to the end user state that this will happen;

7.16. The ID Co. may from time to time serve on you, an information notice requiring you, within such time and in such form as is specified in the information notice, to furnish to The ID Co. such information as The ID Co. may reasonably require relating to:

7.16.1. compliance by you with your obligations to The ID Co. under these Terms of Service in connection with the processing of personal data; and/or

7.16.2. the rights of data subjects, including but not limited to subject access rights.

7.17. You shall permit The ID Co. or The ID Co.'s representative (subject to reasonable and appropriate confidentiality undertakings), to inspect and audit your data processing activities (and/or those of your agents and approved sub-contractors) and comply with all reasonable requests or directions by The ID Co. to enable The ID Co. to verify and/or procure that you are in full compliance with your obligations in relation to the under this provision on the “Protection and Processing of Data”. In addition, you shall carry out regular security audits as may be required by The ID Co. to ensure compliance with this provision and shall, on request, provide copies of the reports of such audits to The ID Co. If such audits show any non-compliance, you shall remedy such breaches of the standards at your expense.

7.18. The provisions of this clause on the “Protection and Processing of Data” shall apply during the continuance of these Terms of Service and indefinitely after their expiry or termination (as the case may be).


8.1. You may be given access to confidential information from The ID Co. in order to perform obligations under this agreement. The ID Co.’s confidential information shall not be deemed to include information that:

8.1.1.is or becomes publicly known other than through any act or omission of the receiving party;

8.1.2.was in the other party's lawful possession before the disclosure;

8.1.3.is lawfully disclosed to the receiving party by a third party without restriction on disclosure;

8.1.4.is independently developed by the receiving party, which independent development can be shown by written evidence; or

8.1.5.is required to be disclosed by law, by any court of competent jurisdiction or by any regulatory or administrative body.

8.2. You shall hold The ID Co.'s confidential information in confidence and, unless required by law, not make The ID Co.'s Confidential Information available to any third party, or use The ID Co.’s Confidential Information for any purpose other than the implementation of this agreement.

8.3. The ID Co. shall take all reasonable steps to ensure that any of your confidential information to which The ID Co. has access is not disclosed or distributed by its employees or agents.

8.4. You acknowledge that the end user data is the confidential information of the end user.

8.5. You will not make any statement regarding the use of The ID Co. API’s implying a partnership or joint venture with The ID Co. (unless specifically authorised to do so). In the course of further promoting The ID Co.’s products and The ID Co. API’s, The ID Co. may where required to do so use your company and/or product name (and you agree to such use).

8.6. When using The ID Co. API’s you agree to display The ID Co. name and logo as required by The ID Co. and The ID Co. hereby grant you a non-transferable, non-exclusive licence during the term of these Terms of Service to display such name and logo. You understand that from time to time The ID Co. will distribute guidelines on how The ID Co. logo and name may be displayed and you agree to display these as required by The ID Co.

8.7. This section on confidentiality shall survive termination of these Terms of Service, however arising.

9. Disclaimer of representations and warranties

9.1. You accept responsibility for the selection of The ID Co. API’s to achieve certain results and acknowledge that The ID Co. API’s have not been developed to meet your specific individual requirements. Your use of The ID Co. API’s is at your own risk and you will be solely responsible for any damage that may result from said use including but not limited to any damage to your computer system or data loss.

9.2. The ID Co. cannot always foresee or anticipate technical or other difficulties which may result in failure to obtain data or loss of access to data. The ID Co. do not assume responsibility for the timeliness, accuracy, deletion, non-delivery or failure to store any end-user data, communications or personal settings. Your access to and use of The ID Co. API’s may be interrupted from time to time for any of several reasons, including, without limitation, the malfunction of equipment, periodic updating, maintenance or repair of The ID Co. API’s or other actions that The ID Co., in our sole discretion, may elect to take.

9.3. The ID Co. API’s are provided on an “as is” and “as available” basis and with no warranty (either express or implied of any kind) and The ID Co. disclaims any conditions of satisfactory quality and fitness for a particular purpose, in relation to this agreement. Without limitation, The ID Co. specifically denies any implied or express representation that The ID Co. API’s will be fit:

9.3.1.to operate in conjunction with any hardware items or software products other than with those that are identified by The ID Co. as being compatible; or

9.3.2.to operate uninterrupted or error-free or are free of inaccuracies or that they are wholly reliable or will reliably integrate with your platform.

9.4. The ID Co. does not warrant or guarantee that it will be able to rectify all defects, nor that any defect which does not materially affect your operations using The ID Co. API’s will be corrected before the issue of the next new release. Any unauthorised modifications, use or improper installation of The ID Co. API’s by, or on your behalf shall render all The ID Co.’s warranties and obligations under this agreement null and void.

9.5. The ID Co. do not represent, warrant or guarantee that the content that may be available through the service is free of infection or virus or other code that may be disruptive or damaging.

9.6. The ID Co. however welcome any feedback on The ID Co. API’s and will attempt (although are under no obligation) to correct any errors or inaccuracies and enable interaction with your platform.

10. Limitations on our liability

10.1. The ID Co. shall not be responsible or liable to you or any third party, whether in contract, warranty, delict or tort (including negligence) or otherwise, for any direct, in-direct, special, incidental, consequential, exemplary, liquidated damages, including but not limited to loss of profit, revenue or business, arising in whole or in part from your access to The ID Co. API’s, your use of The ID Co. API’s or these Terms of Service, even if The ID Co. have been advised of the possibility of such damages. Notwithstanding anything to the contrary in these Terms of Service, our liability to you for any cause whatsoever and regardless of the form of the action, will at all times be limited to the level of any charges by The ID Co. to you in the 365 days prior to the commencement of any action.

10.2. Nothing in this agreement excludes the liability of The ID Co.:

10.2.1. for death or personal injury caused by The ID Co.'s negligence; or

10.2.2. for fraud or fraudulent misrepresentation (by The ID Co.).

10.3. You shall defend, indemnify and hold harmless The ID Co. against claims, actions, proceedings, losses, damages, expenses and costs (including without limitation court costs and reasonable legal fees) arising out of or in connection with your use of The ID Co. API’s in breach of these Terms of Service if: -

10.3.1. you are given notice of any such claim;

10.3.2. The ID Co. provides reasonable co-operation to you in the defence and settlement of such claim, at your expense; and

10.3.3. you are given sole authority to defend or settle the claim.

10.4. This provision on “Limitations on our Liability” shall survive termination of these Terms of Service, however arising.

11. Modifications to the TERMS OF SERVICE

11.1. The ID Co. may modify these Terms of Service from time to time. Any and all changes to these Terms of Service will be posted on our site. These Terms of Service will always state the date it was last revised. You are deemed to accept and agree to be bound by any changes to these Terms of Service when you use The ID Co. API’s after those changes are posted.

12. Governing law and forum for disputes

12.1. These Terms of Service, and your relationship with us under these Terms of Service, shall be governed by the laws of Scotland without regard to its conflict or choice of laws provisions. Any dispute with us, or our officers, directors, employees, agents or affiliates, arising under or in relation to these Terms of Service shall be resolved exclusively through the Scottish courts, except with respect to imminent harm requiring a temporary or preliminary interdict or injunction in which case The ID Co. may seek this in any court with jurisdiction over the parties. You understand that, in return for agreement to this provision, The ID Co. are able to offer the Service on the terms stated in these Terms of Service, without charge to you, and that your consent to this provision is an indispensable consideration under these Terms of Service.

12.2. This provision on “Governing Law and Forum for Disputes” shall survive termination of these Terms of Service, however arising.

13. Other important matters

13.1. If any portion of these Terms of Service is deemed unlawful, void or unenforceable by any arbitrator or court of competent jurisdiction, these Terms of Service as a whole shall not be deemed unlawful, void or unenforceable, but only that portion of these Terms of Service that is unlawful, void or unenforceable shall be deleted from these Terms of Service.

13.2. If The ID Co. do not exercise or enforce any legal right or remedy which is contained in these Terms of Service (or which The ID Co. have the benefit of under any applicable law), this will not be taken to be a formal waiver of our rights and that those rights or remedies will still be available to us. These Terms of Service represents the entire understanding and agreement between you and us regarding the subject matter of the same, and supersedes all other previous agreements.