MitID Terms of Service
This document (“MitID Terms of Service”) governs the Customer’s use of MitID and is an addendum to Criipto’s general Terms of Service.
1. The Services
Criipto offers MitID authentication as a broker on behalf of Nets DanID A/S (“Nets”), the operator of MitID.
Any regulation, including definitions, service levels, and data protection policy, from Criito’s Terms of Service apply to these MitID Terms of Service as well, unless specifically stated otherwise.
To use the MitID services, the Customer will need to register as a MitID service provider by signing up for the MitID Service. This registration is done at Criipto's website.
During the registration process the Customer must provide:
- the name of the Customer’s company,
- the Customer’s CVR-number/VAT-number/SE-number and
- a statement saying whether the Customer’s company is a public or private entity.
There are two ways of identifying the Customer:
- The Customer identifies itself by performing a NemID or MitID company login.
- Criipto performs the KYC (know your customer) process of the Customer.
The fees for these two ways of identifying the company are specified below.
3. The Customer’s obligations
Nets has specified conditions in the agreement between Criipto and Nets (“Nets-Criipto-Agreement”), which Criipto must ensure is reflected in its terms with the Customers (these MitID Terms of Service). These obligations are as follows:
MitID characteristics – It is important to Nets that the MitID Solution layout is consistent for all its users. The Customer must therefore ensure that it always follows Nets’ guidelines for the design of the MitID, e.g. regarding name, logo, domain name. The Customer must ensure that it always stays informed of any changes to these guidelines. During the Subscription Period, Criipto will inform the Customer of any changes to these guidelines.
Data Protection Policy – If the Customer obtains personal data, this information must be handled in accordance with Criipto’s Data Protection Policy (please see Terms of Service). The Customer must inform the End User and Criipto in case of a personal data breach.
Limited period – An authentication of an End User in the MitID solution can be used for a total duration of 5 hours (300 minutes), after which the End Customer must authenticate itself again. The Customer can therefore not re-use an authentication of an End User, if the above-mentioned period has lapsed, but must instead authenticate the End User again. Any authentication that has not been made within the above-mentioned period cannot be made, mentioned or otherwise reproduced as a MitID authentication. Neither Nets or Criipto can in these cases be held responsible for security or other matters related to such authentication. This means, among other things, that information about possible blocking, suspending an End User’s MitID or additional information about the MitID identity is no longer available to the Customer.
MitID and Nets – The Customer must ensure that it acts in a way that does not significantly affect (or can significantly affect) the End User’s perception of the MitID solution in a negative way, violate the integrity of the MitID solution, or pose a security risk.
Fees for the MitID Solution – The Customer can in no way charge its End Users for the authentication used in connection with the MitID Solution.
If the Customer does not essentially fulfill these obligations – based on Nets’ and/or Criipto’s assessment – Criipto can block the Customer’s access to the MitID solution until the Customer essentially fulfills the obligations.
Furthermore, Nets can – in extraordinary cases – block the Customer’s access to the MitID solution if Nets finds significant security reasons for this.
Criipto acts as a broker in the relationship between the Customer and Nets, and Criipto, therefore, has no control over the MitID solution.
As a result hereof, Criipto shall not be liable for any liability (whether in contract, tort, misrepresentation, restitution, under statute or otherwise) arising out of or in connection with any party’s (be it the Customer, the End Users or others) use of the MitID Solution, unless the injured party can prove it to be circumstances within Criipto’s control.
In the event an injured party raises a claim, this must be raised against Criipto, who will subsequently have a recourse claim against Nets.
5. Changes to MitID Terms of Service
These MitID Terms of Service can be changed without notice to the Customers, e.g. if Criipto changes its general Terms of Services, or the Nets-Criipto Agreement is changed. The Customer agrees and acknowledges that the MitID Terms of Services can be changed by the MitID-partnership in accordance with the changes made to the Nets-Criipto Agreement which shall apply to service providers.
If the agreement between Criipto and the Customer is terminated, the Customer must cease any use of the MitID service immediately.