All participants in this website, in any capacity, including Users, Affiliates (Eligible Commissionable Sales Lead Providers), and Venders (Lead Buyers), and “Company” shall be transparently informed of these Federal required disclosures. Some purchases may result in commissions to affiliates. Users and Buyers are subject to the agreements as transparent and displayed upon purchase. Any outside contractor, of any sort, must have their own independent agreement with creditandinvestments.com to participate in our lead program or affiliate prograsm

Contents

•          Definitions

•          Registration and Your Account/Duties and Understandings

•          Privacy

•          Confidentiality

•          Term and Termination

•          Exhibit B: DPRA

 

  1. Definitions
    1. Us/we/Company/Advertiser – Legal Analysis LLC AKA Company/CreditandInvestments/Us/We) that elects to participate in the Network, as specified in the applicable Program Details.
    2. Affiliates – A company or individual entity that participates in the Network to earn compensation for Qualifying Transactions.
    3. Agent – (AKA sub-affiliate, sub-publisher, distribution partner) or other similar third-party relationship through which an Affiliate participates in a Program. Agents are subject to Company’s prior written approval in accordance with Section III.C.
    4. Applicable Law – All national, state, and local (1) laws, ordinances, regulations, and codes and (2) orders, requirements, directives, decrees, decisions, judgments, interpretive letters, guidance and other official releases of any regulatory authority that apply to you or the performance of your obligations hereunder.
    5. Company Data –shall have the same meaning as provided in the Company Data Protection Requirements Addendum, attached hereto as Exhibit B.
    6. Buy API Program – an approved Company program that permits Affiliates who have entered into an agreement with Company, or an Company approved third party, to display products or services that are listed on an Advertiser’s digital property on a digital property that is owned and operated by the Affiliate and allow end users to purchase such products or services through Company’s API.
    7. Gross Merchandise Bought (“GMB”) – The total purchase price paid by a buyer for a Qualifying Transaction, excluding any shipping fees and taxes.
    8. Link – A hyperlink embedded in a Promotional Method that allows an end user to click to Participating Sites and Content.
    9. Participating Sites and Content – Any Advertiser website or content that is promoted by Affiliates, as described in the applicable Program Details.
    10. Program – A performance-based marketing program to promote Participating Sites and Content as set forth in the applicable Program Details.
    11. Promotional Content – Buttons, banners, widgets, text, Software Applications and other creative content that are used by Affiliates to promote Participating Sites and Content.
    12. Promotional Method – The methods by which Affiliates promote Participating Sites and Content, which may include Promotional Content.
    13. Promotional Tools – Tools or API platforms that may be provided by Company or a third party that Affiliates may use to create their own Promotional Content.
    14. Qualifying Transaction – An activity by an end user (such as a purchase or app download) that qualifies the Affiliate to receive compensation, as described in the Program Details.
    15. Software Application – A software application developed by an Affiliate to be used in a Promotional Method.
    16. Tracking Code – A tracking code provided by Company that is embedded in Promotional Methods to track the Qualifying Transactions.
    17. Venders – are Lead Buyers who pay for the lead, after it closes, and after they collect the monies.

 

  1. Registration and Your Account/and Duties and Understandings.
  2. Account Security. You are responsible for all activity on your Network account and for loss, theft or unauthorized disclosure of your password (other than as a result of Company’s gross negligence or willful misconduct or omission). You must provide Company with prompt written notification of any known or suspected unauthorized use of your account or breach of the security of your account. Privacy and Data.

 

  1. User Information Received from Company. In connection with your participation in the Network and the Programs, Company may make available certain information that relates to an Company or Company user, browser or device (“Company User Data”). Company User Data is Company’s Confidential Information. You may not use Company User Data other than for the purpose for which it was provided to you, and under no circumstances to create or augment audience profiles.
  2. Affiliate’s Compliance with Relevant Privacy Regulations.
    1. You must maintain and post a privacy notice in your websites or applications that complies with all Applicable Laws, including full and accurate disclosure of:
      1. your collection, use and disclosure of visitor information,
      2. your use of third-party technology, including Company’s tracking technology,
      3. your use of cookies and options for discontinuing use of such cookies.
  3. DPRA Requirements. By participating in the Network, you agree to comply with the terms of the DPRA.
  4. Use of Company Data. You acknowledge and agree that you will only use Company Data for the sole purpose of participating in a Program and as otherwise directed or approved by Company in writing.  For the avoidance of doubt, you acknowledge and agree that you have no ownership of, or right to use, sell, rent lease, copy, access, combine, reproduce, display, perform, modify, transfer, or disclose Company Data, or any derivative works thereof, except as expressly provided in this Agreement or as otherwise agreed to by Company in writing.  Additionally, you agree not to disclose any Company Data to any third parties, except as indicated in this Agreement or as otherwise agreed to by Company in writing.

 

  1. Right to Audit. Company and its service providers have the right to audit your or your Agent’s sites or activities in relation to your and your Agent’s participation in the Network and the Programs. You shall not block or otherwise interfere with such audit, and Company and its service providers may use technical means to overcome any methods you may use to block or interfere with such audit. To the extent not prohibited by Applicable Law, audits may include requests for documents and server logs, and visits to your facilities and those of your Agents. Your failure to reasonably comply with Company’s efforts to audit your or your Agents’ compliance with this Agreement shall constitute a material breach of this Agreement. If Applicable Law does not allow you to share server logs with Company, you must provide Company with other proper proof of traffic that you sent to Participating Sites and Content.
  2. Remedy for Breach. If Company in its sole discretion believes that you or your Agents have breached this Agreement or that you or your Agents have engaged in fraudulent activity, it may take any and all steps it deems appropriate.
  3. Suspension. – If Company suspends your account from the Network or a Program, you will no longer get paid for any future activity. You are required to immediately remove all Promotional Methods. Company in its sole discretion may reinstate your account in the event you have taken all necessary remedial actions to Company’s satisfaction.

 

  1. Confidentiality. In connection with your participation in the Network and the Programs you may be provided with data and information that is confidential and proprietary to Company or the Advertiser(s), as is designated by the disclosing party or that is reasonably understood to be proprietary or confidential (“Confidential Information”). Confidential Information does not include information: (a) that is or becomes publicly available through no act or omission of the receiving party; (b) disclosed to the receiving party by a third party not bound by any confidentiality obligation with respect to such information; (c) developed by the receiving party independent of the disclosing party’s Confidential Information; or (d) that is in the possession of the receiving party and not subject to any duty of confidentiality as of the date you accept the terms of this Agreement. You agree to use the same degree of care, but no less than a reasonable degree of care, to maintain the confidentiality of and to protect any proprietary interests of Company or the affiliate. You may deliver a copy of such Confidential Information (i) pursuant to a subpoena issued by any court or administrative agency, (ii) to your accountants, attorneys or other agents (“Representatives”) solely on a need-to-know basis in connection with the performance of your obligations or rights under this Agreement and the applicable Program Details; provided that (x) you are responsible for the compliance of your Representatives hereunder and (y) such Representatives shall be subject to a written confidentiality agreement or otherwise subject to fiduciary obligations of confidentiality covering the confidential treatment of Confidential Information, with confidentiality restrictions no less protective than those provided in this Agreement and (iii) otherwise as required by Applicable Law, upon written notification to Company. Upon termination of this Agreement or your participation in a Program, you must destroy or return any Confidential Information provided to you under this Agreement and, if requested by Company, provide a certification of destruction.
  2. Term and Termination.
  3. Terms and assignments are outlined in independent agreements.

Social Media. You may use Links on social media sites that allow posting of affiliate marketing links. It is permitted to use URL shortening services offered by Bitly (Bit.ly), Google (Goo.gl and FDL), Hootsuite (Ow.ly), Buffer (Buff.ly) and Geniuslink (geni.us) to promote through your social media accounts.

 

  1. Disclosure about Relationship with Company. Note that the Federal Trade Commission requires disclosure of any material connection or relationship when you endorse or promote a product or service to your readers, unless the connection is already clear from the context of the communication containing the endorsement/promotion. Affiliate links can be considered such a material connection. If the connection is not already clear from the context of the communication containing the endorsement/promotion of a product or service, then you must insert a statement such as the below on your website. “When you click on links to various merchants on this site and make a purchase, this can result in this site earning a commission. Affiliate programs and affiliations include, but are not limited to, the Company Partner Network.” Additionally, any posts on your social media channels (including, but not limited to Facebook, Twitter, and Instagram) must include #ad, #advertisement, #sponsored, or something similar at the beginning of the post to clearly and conspicuously disclose the material connection (unless the connection is already clear).
  2. Unacceptable Placements.
    1. Your Promotional Methods may not incorporate any topics that Company in its sole discretion considers to fall in any of the following categories:
      1. sexually explicit materials
      2. violence/illegal goods, services or activities
      3. discrimination based on race, sex, religion, nationality, disability, sexual orientation, or age
      4. libel or defamation
      5. content that is aimed at children specifically, content that otherwise is misleading, obscene or hate-oriented

Exhibit B: Data Protection Requirements Addendum

DPRA Requirements

 By participating in the Network, you (as defined in the Company Partner Network Agreement, to which this is attached) agree to comply with the terms of this DPRA, as the same may be updated from time to time.

1.     Purpose and Scope:

This Data Protection Requirements Addendum (the “DPRA”) reflects your commitment to abide by Applicable Law concerning the Processing of the eBay Data (defined below). This DPRA prescribes the minimum data protection and information security standards that you, your agents and assigns must meet and maintain in order to protect Company Data from unauthorized use, access, disclosure, theft, manipulation, reproduction, a Security Breach (defined below) or otherwise during the term of the Company Network Agreement (“Terms”) and for any period thereafter during which you, your agents, or assigns has possession of or access to any Company Data.

Capitalized terms used but not defined herein shall have the meaning set forth in the Terms.

2.     Definitions: 

a.     “Applicable Law” means any applicable data protection, privacy, or information security laws, codes, and regulations or other binding restrictions governing Processing of eBay Data.

b.      “Data Centers” means locations at which you provide data Processing or transmission functions in support of your Application. Data Centers can be owned by you or by a third party.

c.     “Data Controller” means the party that determines the purposes of the Processing of Personal Data.

d.     “Data Processor” means the party that Processes Personal Data on behalf of, and under the instruction of, the Data Controller.

e.     “Data Subject” means the identified or identifiable person who is the subject of Personal Data.

f.      “Company Data” means data or information (regardless of form, e.g., electronic, paper copy, etc.) transmitted through the Company feeds, Company dashboard, Company API(s), Promotion Tools or otherwise provided by or on behalf Corporate Family Member (as that term is defined in the Terms) to you.

g.        “Confidential Data”: Information that is intended only for a limited audience within eBay or whose release would likely have an adverse financial or reputational effect on Company, Company customers, or Company clients. Examples include, but are not limited to: customer or client customer individual names, email addresses, physical addresses and any other information that correlates to a person, software source code, customer personal contact information, customer email addresses, etc.; or

ii.       “Personal Data”: data or information that makes a natural person identified or identifiable or is a numerical, physical, physiological, cultural, economic, mental or other factor of identity relating to an identified or identifiable person.

Company Data specifically excludes data classified by us as “Restricted Data,” which includes highly sensitive or regulated information that is intended only for a limited audience within eBay or whose release would likely have a material adverse financial or reputational effect on eBay or any Data Subject. Examples include but are not limited to: (i) Government issued identification numbers for specific countries (e.g., USA Social Security number; Germany Shufa ID, Canada Social Insurance number, driver’s license number; state identification number); (ii) Bank account numbers and related bank wire transfer financial information; and (iii) customer date of birth.

You agree that you will not attempt to access, receive, transmit, process or store any “Restricted Data”

h.     “Processing” or “Processes” means any operation or set of operations which is performed upon eBay Personal Data, whether by automatic means or not, including but not limited to collection, recording, organization, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

i.     “Security Breach” means a compromise of the systems in which eBay Data has been accessed or acquired by one or more unauthorized parties, or you or eBay reasonably suspects that such a breach of security may have occurred, or any act that violates any Applicable Law. For the avoidance of doubt, “a compromise of the systems” includes, but is not limited to: misuse, loss, destruction, unauthorized access, collection, retention, storage, or transfer.

j.      “Sub-Processor” or Sub-Affiliate” means any of your Affiliates, agents or assigns that Processes Company Personal Data subject to the Terms, and any unaffiliated Data Processor engaged by you or by your Affiliates.

3.  REASONABLE SECURITY:

You represent, warrant, and agree to use Security Measures (as defined below) (i) to ensure the protection of the rights and freedoms of the Data Subjects in accordance with Applicable Laws and Regulations. You agree that “Security Measures” shall mean commercially reasonable security-related policies, standards, and practices commensurate with the size and complexity of your business, the level of sensitivity of the data collected, handled and stored, and the nature of your business activities, provided that all such policies, standards, and practices shall, at a minimum, comply with any Applicable Laws and Regulations and shall give due consideration to information security management systems, physical security, physical access control, access control to systems, access control to data, disclosure control, input control, security and privacy enhancing technologies, awareness, training and security checks in relation to your Personnel (job control), availability control, segregation control, incident response management/business continuity and audit controls/due diligence. You further represent, warrant and agree to (v) implement industry standard security controls to detect malware on any ads served by you or your partners to a person and take appropriate actions to remove identified malware in a timely manner. You shall provide a detailed description of the Security Measures if needed, as required by law.

4.    Logical Security:

a.    Access Controls.  You certify that you employ access control mechanisms that in accordance with your business size as required by law:

5.    Security Vulnerability Management:

a.    Vulnerability Management and Application Security Assessments. If Federal Law mandates by your business size that you must run internal and external network vulnerability scans at least annually and after any material change in the network configuration (e.g., new system component installations, changes in network topology, firewall rule modifications, or product upgrades), then you agree that you will do such. Vulnerabilities identified and rated as high risk by you will be remediated within ninety (90) days of discovery.

b.    For all Internet-facing applications that collect, transmit or display Company Data, if your company size is required and mandated to conduct an application security assessment review to identify common security vulnerabilities as identified by any and all Federal requirements, you agree to do such.

c.    Patch Management. If your company size is required and mandated to, then you will patch all workstations and servers with all current operating system, database and application patches deployed in your computing environment according to a schedule predicated on the criticality of the patch. You must perform appropriate steps to help ensure patches do not compromise the security of the information resources being patched. All emergency or critical rated patches must be applied as soon as possible but at no time will exceed thirty (30) days from the date of release, then you agree that you will do such.

7.    Security Breach:

If your company size is required and mandated to have certain protections and safeguards implemented, then you will maintain an industry standard incident response function capable of identifying, mitigating the effects of, and preventing the recurrence of Incidents. Upon discovering or otherwise becoming aware of an Incident that may put Company Data at risk (“Breach”), you shall take commercially reasonable measures to mitigate the harmful effects of the Incident. You shall also notify Company of the Breach as soon as practicable, but in no event later than 24 hours after the Breach and in any case before notifying any relevant authority. You must ensure that affected third parties are notified of the Breach, at Company’s sole discretion, either by notifying such third parties after Company has reviewed and approved the language and method of notice. You agree to cover the costs of any such notification, including reimbursing Company for any reasonable costs such as to provide credit monitoring to affected Data Subjects.