1. PURPOSE OF THE GTCU

The purpose of these General Terms and Conditions of Use (hereinafter referred to as the "GTCU") is to specify the content and terms and conditions of issue and use of the Electronic Identification Means issued by BE YS TRUSTED SOLUTIONS France in its capacity as Electronic Identity Provider, as well as the respective commitments and obligations of the various parties involved.

Electronic Identification Means are used by their Users to authenticate themselves on the online services of BE YS TRUSTED SOLUTIONS France's partners.

Electronic Identification Means are certified as compliant by the ANSSI (Agence Nationale de la Sécurité des Systèmes d'Information) at the substantial assurance level in accordance with the provisions of Regulation (EU) 910/2014 on electronic identification and trust services for electronic transactions in the internal market, as amended by Regulation (EU) 2024/1183 of the European Parliament and of the Council of 11 April 2024 - hereinafter referred to as the "eIDAS Regulation" or any new applicable text replacing it.

‍

2. DEFINITIONS

KIPMI Application: Refers to the software application published and provided by EIP, giving access to solutions and services, and which is available free of charge in Apple's "App Store" and Google's "Google Play Store" for download by the User onto their Apple iOS or Android device. The Application also includes the content, software, programs, tools (programming, navigation, etc.), databases, operating systems, documentation and all other elements and services that comprise it, as well as any updates and new versions that may be made to the Application by the EIP. It provides a reliable digital identity for each User and offers a range of solutions and services

User applications: Application services requiring electronic identification of their users via an Electronic Identification Means issued by the EIP.

Client: Client entity that has decided to subscribe to the Service, which it uses for its own needs or makes available to Users.

Electronic Identity Provider (EIP): BE YS TRUSTED SOLUTIONS France - the entity that issues and is responsible for the Electronic Identification Means issued in accordance with the rules defined in its Electronic Identification Scheme Policy.

Electronic Identification Means (EIM): a physical and/or non-physical unit containing a person's identification data and used for the authentication of an online service.

Electronic Identification System Policy (EISP): A set of rules, identified by an identification number (OID), defining the requirements with which the EIP complies in the provision of its services.

User party: A natural or legal person who relies on electronic identification.

Service: The service of issuing and managing Electronic Identification Means issued by the EIP.

User: A user is a natural person who uses an electronic means of identification to identify themselves to an online service. Any natural person of legal age who, at the request of a user application and able to register and have their identity verified by the EIP, may become a user of the EIM. The user must comply with the condition’s incumbent upon them, as defined in the EIP's PSIE and in these GTCU. The user's identity attributes are recorded by the EIP and distributed to user applications upon request after authentication.

‍

3. CONTACT SUPPLIER OF ELECTRONIC IDENTITY

The electronic identity provider is BE YS TRUSTED SOLUTIONS France

Email: kipmi.customer.service@be-ys.com

Be Ys Trusted Solutions France

10 boulevard Haussmann 75009 Paris France

And/or https://www.kipmi.com/

4. DESCRIPTION OF THE EIM

The EIM issued to the User by the EIP is integrated into the KIPMI Application that the User must install on their device. This application allows the User to register, verify their identity, obtain and manage an electronic identity and finally authenticate themselves. The application is available in English and French, and the User can choose their preferred language in their account settings.

User authentication on a user application is carried out via a portal provided for this purpose. This portal provides the User with their identity attributes, subject to their consent.

‍

5. FINANCIAL TERMS

The download of the mobile application, the request, use and renewal of the Electronic Identification Means are free of charge for the User.

‍

6. ENTRY INTO FORCE OF THE GTCU

The General Terms and Conditions of Use are valid from the date they are posted online until a new version is published.

These GTCU shall enter into force upon acceptance by the User.

The User will be asked to accept these EIM GTCU prior to activating their EIM.

The User will be informed of any changes to these GTCU. They must accept the new version of the Terms when they first use their EIM after they come into force.

If the User refuses the GTCU, the User may no longer use their EIM and must request its revocation.

‍

7. PROCEDURE FOR OBTAINING AND ACTIVATING THE EIM

The User must download the KIPMI Application to their smartphone from an official store. When using it for the first time, the User must follow the onboarding process, which includes several steps:

• Account creation

• Identity verification

• Issuance of an electronic identity

The User must enter their email address, first name, surname and telephone number, then accept the General Terms and Conditions of Use. They must then click on the "Register" button.

In order to create an account, the User must set a PIN code during registration. This PIN code consists of 6 digits and is subject to certain validation rules.

Once the PIN code has been created, the User must confirm their email address and telephone number.

The User verifies their email address using the 6-digit code sent to them at the email address provided. Their phone number is verified using a 6-digit code sent by SMS to the phone number provided by the User.

After creating the account, the User is asked to provide and prove their identity via remote identity verification. They must present a valid official ID document, and their face is compared to the photo on the ID.

Once the identity verification is successful, the User will have 72 hours to activate their account by accepting the verified identification information extracted from the personal identification document used for verification.

If an account is not activated by accepting the identification information within 72 hours, the User is required to restart the identity verification process.

If the identity verification fails, the User will be informed and asked to start the procedure again. There is no limit to the number of times the User can attempt to verify their identity, provided that no fraud is detected.

Account activation indicates successful activation of the EIM.

The identity attributes remote stored in the EIM are those provided by the identity verification service and derived from the identity document presented.

8. TERMS OF USE OF THE EIM

Use of the EIM for electronic identification requested by the user's application

The User's electronic identification is requested by a User application (including the Service itself). This application displays a QR code requesting the information necessary to authenticate the User. The User opens the KIPMI Application. They authenticate themselves on their mobile application using their PIN code. They then scan the QR code. The KIPMI Application asks the User to confirm the sharing of personal data requested by the user application. The User agrees (or declines) to provide the data. Upon acceptance, the KIPMI Application shares the User's data with the User Application. This allows the User, for example, to access the services of that application or to validate an operation on it.

The User must ensure that authentication is requested by a legitimate application and, if not, must not enter their PIN and report the incident to the Service.

Use of the EIM for electronic identification requested by company systems that are directly integrated with the KIPMI Application

The User's electronic identification may also be requested by company systems integrated directly into the KIPMI Application. In this case, the User will receive a notification in the application containing information about the legal entity requesting their electronic identification. The User may choose to accept or decline the request. To do so, they must authenticate themselves using their PIN code.

Use of the EIM for document sharing

The EIM can be used to share documents between users and trusted parties. The KIPMI Application allows users who are members of an organisational space to receive document sharing requests from organisations of which they are members. The User can accept or decline the request. To accept or decline the request, they must authenticate themselves using their PIN.

Using the EIM for attribute sharing

The KIPMI Application allows attributes such as first and last name, personal identification number, social security number, gender, etc. to be shared between users and trusted parties. The User may accept or refuse the request to share attributes. To accept or refuse the request, the User must authenticate themselves using their PIN code.

9. TERMS AND CONDITIONS FOR MODIFYING THE EIM

If the User renews their identity document before it expires, they can modify the identity attributes stored in the EIM by providing a new identity document. In this case, they do not need to undergo a new identity verification but will have to authenticate themselves using a PIN code.

The User may change their telephone or email details in the mobile application, after authentication and verification. Changing the telephone number requires verification of the device via an SMS code sent to the new number. Once the number has been validated, it is updated in the database associated with the User's account. To change their email address, the User must validate the new address via a code sent to the new email address. Once validated, the email address is updated in the database associated with the User's account.

If the User changes devices, they can request an EIM on their new device by following the procedure for obtaining an EIM described in Article 7.

‍

10. RENEWAL PROCEDURES

The renewal of an EID involves requesting a new one if the user already has a valid EID that has not expired or been revoked. Otherwise, it is considered a new application and is processed as an initial application.

The renewal of an Electronic Identification Means may be requested in advance by its User (for example, in the event of a change of device) or be offered by the Service within three months prior to its expiry.

The renewal of the EIM requires the electronic identification of the User with their valid EIM.

A User may not hold two valid EIMs at the same time. The renewal of an EIM automatically cancels the previously valid EIM.

‍

11. TERMS AND CONDITIONS OF REVOCATION, SUSPENSION AND REACTIVATION

The User may request the revocation or suspension of their EIM from the KIPMI Application, after authentication with their PIN code.

Revocation or suspension of the EIM may also be requested by sending an email to: kipmi.customer.service@be-ys.com

The revocation and suspension management function of the KIPMI Application is available 24/7. Any request for revocation or suspension of a EIM is processed within 24 hours. This period begins upon receipt of the request and ends with the communication of information relating to the revocation or suspension to third parties.

Revocation prohibits any further use of the EIM. The User may request a new EIM following revocation, under the same conditions as for an initial request.

The EIP may decide to revoke the User's EIM in the following cases:

• The User has not complied with or no longer complies with the GTCU;

• an error (intentional or unintentional) has been

detected in the registration file;

• the EIM or associated activation data is suspected of being compromised, is compromised, lost or stolen;

• the User has passed away;

• the User has filed a complaint for identity theft.

In order to reactivate their EIM, the User must go through the initial identity verification procedure.

‍

12. USE LIMITATIONS

An EIM can only be issued to Users who are 18 years of age or older, have a device under their exclusive control that meets the minimum requirements of the Service, and have an official identity document accepted by the remote identity verification service.

An EIM may only be used as described in these GTCU.

An EIM is valid for the duration of validity of the identity document used for its issuance, but the validity period of the EIM may not exceed five years under any circumstances. It must be renewed before this date, otherwise it will expire.

The EIM complies with the substantial assurance level provided for in the eIDAS Regulation.

‍

13. TECHNICAL REQUIREMENTS

To obtain and use the EIM, users must have access to a smartphone with an internet connection, a valid email address and a phone number.

‍

14. OBLIGATIONS AND RESPONSIBILITIES OF THE USER

Users of the EIM are responsible for the truthfulness and accuracy of the personal information provided in connection with their use of the Service. This includes, but is not limited to, the following data:

• First name and surname;

• Email address;

• Mobile phone number.

The User is responsible for keeping their personal information up to date.

Users are required to:

• accept and comply with these Terms of Use, as well as any subsequent versions, before using the EIM;

• provide the Service with accurate personal information;

• verify that their personal data as recorded by the Service is correct, and report any errors found on the Service without delay;

• strictly follow the instructions relating to the remote identity verification process and only use a valid and authentic identity document;

• keep the device on which they have installed the KIPMI Application under their exclusive control;

• keep the EIM PIN strictly confidential and never disclose it to anyone;

• request the revocation of the EIM in the event of theft, loss, suspected compromise or compromise of the User's identity document, device or the User's EIM PIN code, as well as in the event of refusal to accept a new version of the GTCU.

‍

15. OBLIGATIONS AND RESPONSIBILITIES OF THE EIP

The EIP is required to verify the identity of Users using a remote identity verification service that complies with the substantial assurance level, and to retain proof of this identity verification for the period specified in the "PERSONAL DATA" section.

‍

16. LIMITATION OF LIABILITY OF THE EIP

Subject to applicable public law provisions, the EIP cannot be held liable for any unauthorised or non-compliant use of the activation data, the KIPMI Application or any other equipment or software made available.

The EIP shall not be liable in particular for any damage resulting from:

• the use of the EIM for purposes other than those provided on behalf of the Client;

• the use of an expired or revoked EIM;

• a case of force majeure: any damage due to a cause beyond its control, including, but not limited to, the events listed in Article 1218 of the Civil Code.

The EIP cannot be held liable for any damage resulting from errors or inaccuracies affecting the information contained in the EIM, when these errors or inaccuracies result directly from the erroneous nature of the information communicated.

Under no circumstances shall the EIP intervene in any way whatsoever in the contractual relations that may be established between Clients and Users, in particular regarding the use of the User's electronic identification by the Client.

‍

17. PERSONAL DATA

The collection, storage and processing of personal data by the EIP is carried out in accordance with Regulation (EU) 2016/679 ("GDPR"). As data controller, the EIP uses personal data exclusively for the performance of this contract. The purpose of the processing is to manage the lifecycle of Users' EIM (issuance, use, revocation and renewal) and, where applicable, the commercial relationship and invoicing for the Service. In accordance with the GDPR, the User has the right to request the rectification, erasure (subject to the provisions of eIDAS) or restriction of processing concerning him or her, or to object to processing on legitimate grounds, as well as to request the portability of his or her data. Further information is available in the EIP's Privacy Policy, which can be consulted on the KIPMI application.

For any questions, complaints or to exercise their rights regarding personal data protection, Users may contact the data protection officer:

Either by email: dpo@be-ys.com  

Or by post to the following address:

Be Ys Trusted Solutions France

10 boulevard Haussmann 75009 Paris, France

The records collected by the Service are kept, along with event logs, for a maximum period of ten years after the expiry of the EIM.

‍

18. DOCUMENT REFERENCES

The PSIE is accessible on the KIPMI app.

‍

19. ENTIRE AGREEMENT

The parties acknowledge that these General Conditions and Terms of Use constitute the entire agreement between them relating to the subject matter hereof and supersede all prior agreements and proposals relating to the same subject matter, regardless of their form.

20. INSURANCE COVERAGE

The EIP declares that it is insured by a reputable company for civil liability covering the provision of electronic identity services.

21. COMPLAINTS

For any information requests or complaints relating to the Service and/or the EIM, Users must contact the EIP by email at the following address: kipmi.customer.service@be-ys.com

‍

22. SETTLEMENT OF DISPUTES AND APPLICABLE LAW

In the event of a dispute relating to the interpretation, formation, validity or performance of these GTCU, the parties expressly agree that French law shall apply to the exclusion of any international law.

The parties shall endeavour to settle amicably any dispute relating to the interpretation or performance of the contract as soon as possible. In the absence of conciliation, any dispute relating to the validity, interpretation or performance of these GTCU shall be submitted to the competent French courts.