3 Rivers Logistics, Inc (referred to as “We”, “Us”, “Our”, or “3 Rivers” herein)
use the Location Information of End User mobile devices provided by wireless Service Providers in the products, applications and/or services (“Our Service/Application”) that We make available to you and/or your Authorized Users (referred collectively to as “You” or “Your” herein). Proper use and protection of Location Information is important. As such, You are subject to the following terms when You use Our Service/Application:
ALL SERVICE PROVIDER DATA IS PROVIDED ON AN AS-IS, WHERE-IS BASIS, WITHOUT WARRANTY, GUARANTEE OR LIABILITY.
1. Use of Wireless Location Information
2. Use of Wireless Service Providers' Names; Publicity
2.1 You shall not publicly use wireless Service Provider's name, trademarks, trade names, service marks or logos without prior written permission of the applicable wireless Service Provider.
2.2 You shall not publicize the relationship with wireless Service Providers without the permission of the applicable wireless Service Provider including, without limitation, that Our Service/Application is compatible with the wireless Service Provider's network or devices.
2.3 Our Service/Application supports wireless location for subscribers of AT&T, Boost, Metro PCS, Sprint, T-Mobile, US Cellular, Verizon and Virgin Mobile and text messaging for subscribers of those Service Providers plus most Tier 2 and 3 US wireless Service Providers.
3. Important Message about your Cellular Provider (AT&T, Sprint, T-Mobile, US Cellular, Verizon and others).
3.1 You shall make any Application that utilizes Location Information available to End Users until the later of: (i) ninety (90) days from the End User's initial purchase of Your Application; (ii) the expiration of the period of time indicated to End Users that Your Application will be available or supported; and (iii) the date support services stop for all End Users. In the event that You intend to discontinue Your Application for any reason whatsoever, You will (a) provide written notice to Us that Your Application will no longer be supported at least ninety (90) days before a cessation in support services to the End Users; and (b) provide written notice to each End User at least thirty (30) days before support stops.
4. Compliance with Law, Policies, Industry Practices and Guidelines
4.1 You understand and agree that You and affiliated third parties may be subject to additional unanticipated obligations and legal requirements as a result of use of location aware applications or services. You will only access, use, copy, store and disclose Location
Information as long as End User notice, consent and all other requirements have been
satisfied and maintained. You will at all times comply with applicable laws, rules and regulations, industry practices, third-party guidelines and other relevant policies and requirements, including: (i) all applicable consumer protection, marketing, data security, export and privacy laws; (ii) Federal Trade Commission privacy initiatives; and (iii) the CTIA Best Practices and Guidelines for Location-Based Services. You will not allow Location Information of an End User to be accessed from outside the country in which the End User is subscribed for wireless service without the prior written consent of the End User’s wireless Service Provider.
4.2 You will comply with all of the following as amended from time to time, as applicable:
a. all applicable privacy, consumer protection, marketing and data security laws and government guidelines;
5. Consent and Privacy Settings
6. Revocation of Consent
If End User consent is denied or withdrawn, You may not collect, transmit, maintain, process or utilize Location Information or perform any other actions for which End User consent has been denied or withdrawn.
7. Use and Storage of Location Information
You may only use Location Information for the sole purpose of using Our Service/Application as intended by End Users. Location Information shall not be accessed, used, copied, stored or disclosed for any other purpose without the explicit prior consent of End Users. You must delete Location Information immediately when it is no longer needed or upon request of End Users and/or provide a readily available means for End Users to delete stored Location Information. You shall not: (a) collect or store any information delivered via Our Service/Application, other than temporary caching on Your servers or End User devices, for purposes other than to determine the location of an End User device; (b) use automated scripts to access Our Service; or (c) otherwise mine or attempt to mine information delivered via Our Service/Application.
8. Privacy Safeguards and Considerations
8.1 You must not use Our Service/Application to undermine End User privacy and nor to allow unauthorized surveillance. To mitigate the risk of End Users being located without their knowledge and consent, You must implement security measures and safeguards that protect End User privacy and safety such as, but not limited to, encrypting sensitive data such as Location Information and using private networks to transmit such data.
8.2 You must carefully consider the safety implications of Your use of Our Service/Application and implement the appropriate safeguards to address the foreseeable risks.
8.4 You must provide a resource for End Users to report abuse of Our Service/Application and a process that can address that abuse in a timely manner.
9. Intended Recipients' Use of Location Information
You shall ensure that any recipient of Location Information only receives Location Information when necessary with consent of End User, uses the Location Information only for the purpose for which it was provided, disposes of Location Information after use unless otherwise permitted by End User and takes measures to protect the Location Information against unauthorized access, use, copying, storage and/or disclosure.
10. Prohibited Content
Content You use with or send via Our Service/Application must not: (a) contain any material that is unlawful or defamatory or that infringes upon or violates any copyright, trademark, patent, personality, publicity, or privacy rights or any other intellectual property or other rights of any third party; (b) promote or facilitate any illegal activity, such as illegal gambling; (c) contain any adult themed or sexually explicit content; (d) depict violence, prejudice, discrimination, or racism; (e) contain alcohol, tobacco or death-related content; and (f) contain any information that is false or likely to mislead or deceive.
11. Harmful Code
You will maintain an appropriate level of security and integrity for End Users in connection with the use of the Services and implement procedures to prevent the transmission of Harmful Code to End Users and unauthorized access to devices and Service Provider networks. "Harmful Code" means (a) viruses, worms or other malicious code; (b) any feature that prevents or interrupts the use of a Service Provider network or any device, including, without limitation, any lock, drop-dead device, Trojan-horse routine, trap door, time bomb; (c) any other code or instruction that is intended to be used to access, modify, delete, damage, or disable the functionality of a Service Provider network or any device; or (d) data or messages that are unsolicited or of a volume that unreasonably burden a Service Provider network or any device. You will immediately notify Us if You know or have reason to know of any breach of security or known vulnerability of Your systems that could lead to a breach of these security obligations and will remedy the breach or such vulnerability within 24 hours.
12. Security Provisions
12.1 You must implement and maintain administrative, physical and technical safeguards that prevent any collection, use or disclosure of, or access to, End User information that this Agreement does not expressly authorize, including, without limitation, an information security program that meets the highest standards of best industry practice to safeguard End User information. The information security program will include, without limitation, (i) adequate physical security of all premises in which End User information will be processed or stored; (ii) reasonable precautions taken with respect to the employment of and access given to personnel, including background checks and security clearances that assign specific access privileges to individuals; and (iii) an appropriate network security program. The network security program will include, without limitation, (x) appropriate access controls and data integrity controls; (y) testing and auditing of all controls; and (z) appropriate corrective action and incident response plan.
12.2 You shall implement and maintain administrative, physical and technical security controls to protect Location Information and the availability and integrity of Service Provider networks and services. You shall use measures to sufficiently mitigate security threats when using Our Service/Application, including: (i) unauthorized access; (ii) unauthorized changes; (iii) disruptions or denial of service; (iv) escalation of user privilege; (v) service fraud; (vi) improper disclosure of sensitive information; and (vii) degradations of service.
12.3 When You use Our Service/Application or communicate Location Information over an Internet Protocol network, any network traffic shall have security controls to protect from threats, including, but not limited to, eavesdropping, data tampering and data collection.
12.4 You shall not, nor allow any other person or system to, : (i) perform any functions or link to any content or use any robot, spider, site search or other retrieval application or device to scrape, retrieve or index services or to collect, disseminate, use, store or disclose information about End Users for any unauthorized purpose; (ii) disable, override or otherwise interfere with any Service Provider alerts, warnings, display panels, consent panels and the like, including, but not limited to, those that are intended to notify End User that Location Information is being accessed, used, copied, stored or disclosed; (iii) be designed or marketed for automatic or autonomous control of vehicles, aircraft or other mechanical devices or emergency or life- saving purposes; or (iv) be designed, developed, marketed, distributed, offered or otherwise made available for the purpose of harassing, abusing, stalking, threatening or otherwise violating the legal rights (such as the rights of privacy and publicity) of others or any other illegal or unethical purpose.
13. Information Security Vendor Assessments, Annual Security Audits & Visitation and Inspection Rights
13.1 Information Security Vendor Assessment ("ISVA"). Wireless Service Providers of the associated End Users reserve the right to require You to complete an ISVA process once per year, as described below. A Service Provider may require that additional security controls or mitigation plans be implemented and maintained by You based on results of an ISVA.
13.2 Previous Security Audit. Prior to commercial use of Our Service/Application, Your systems that access Our Service/Application or use, access, process or store Location Information (“Your Systems”) shall have been subjected to an information security audit conducted internally or by an independent third party. You will provide Us the results of the most recent audit upon request for delivery to any requesting Service Provider. Any third-party or internal audits shall not have revealed any material vulnerabilities in Your Systems or any component thereof and to the extent that any such vulnerabilities were found to exist, You shall have fully remedied such vulnerabilities prior to commercial use of Our Service/Application.
13.3 Future Security Audits. You agree to engage an independent third-party to perform no
less than annual security audits of Your Systems, including any third-party data center(s)
utilized by You. You will provide Us the results of the latest audit within thirty (30) days of a request, including, without limitation: (i) whether the audit revealed any material vulnerability in Your Systems; and (ii) if so, the nature of each vulnerability discovered. If the audit reveals one or more material vulnerabilities, You will correct each such vulnerability at its sole cost and expense and will certify in writing to Us that it has corrected all such vulnerabilities. You must complete all vulnerability corrections within sixty (60) days of completion of the audit, unless the vulnerabilities by their nature cannot be corrected within such time in which case the corrections must be completed within a mutually agreed upon time.
13.4 Visitation and Inspection Rights. A Service Provider, or its authorized representatives, may at any time, upon reasonable notice, visit any or all locations of Your Systems to inspect them and to assess Your performance of Your obligations under this Section. For purposes of such an inspection, You will grant a requesting Service Provider and its representatives access, during normal business hours, to Your Systems and to all books, records, procedures and information that relate to Your performance under this Section, including, without limitation, any information Service Provider deems necessary to ascertain any facts that relate to Your performance hereunder. If: (i) a Service Provider determines in connection with any such inspection that You have failed to perform any of Your obligations under this Section, and (ii) a Service Provider notifies You or Us in writing of Your breach of this Section, then You will, within ten (10) days, develop a corrective action plan in cooperation with the requesting Service Provider. Such plan will be subject to Service Provider's approval in its reasonable discretion and You will promptly implement such plan at its sole expense. These inspection and corrective action rights supplement, and in no way limit, Our or Service Provider's other rights in this Agreement.
13.5 Should such inspection request be denied, or should the inspection reveal flaws inconsistent with applicable policies, practices or procedures, the requesting Service Provider may terminate access to the Location Information of its subscribers at any time.
14. Incident Support, Response and Resolution
You agree to comply with the applicable performance and support obligations established from time to time by wireless Service Providers of End Users with respect to location aware services. In the event of an incident, outage or other occurrence related to Our Service/Application, awireless Service Provider may assess the severity level of the incident and, if appropriate, recommend a support, response and resolution plan. You understand that Our intent and
that of the wireless Service Providers in resolving any incident is to perform such resolution in a manner that reasonably prioritizes preservation of the integrity of wireless Service Provider facilities, the wireless Service Provider network, the wireless Service Provider services and End User use of Our Service/Application. We and wireless Service Providers may use the contact information submitted by You, which must be kept up to date, to communicate with You regarding these performance and support obligations. Your contact information may be shared by wireless Service Providers with their subscribers who are End Users and/or other third parties to provide support, response and resolution services.